Professional Documents
Culture Documents
143
P.Kalpana
R.Anitha
Department of Applied Mathematics & Computational Sciences
PSG College of Technology, Coimbatore, India
3
anitha_nadarajan@mail.psgtech.ac.in
Abstract Voice over Internet Protocol (VoIP) has become a
very popular technology as it allows the users to make phone
calls over the public internet. Some of its predominant features
such as efficiency, cost-effectiveness and long distance
communication made VoIP to stand apart from the traditional
Public Switched Telephone Networks (PSTN). Session Initiation
Protocol (SIP) is the contemporary signaling protocol used in
VoIP Networks. The protocol itself is vulnerable to most of the
threats that happen in VoIP Networks. Regardless to register
highly scalable incidents, it is widely considered by experts as the
futuristic target for attackers. This survey provides extensive and
comprehensive analysis of various security threats faced by VoIP
Networks. Also this paper exemplifies major defense mechanisms
and their proposed techniques to combat the threats. Apart from
that, this paper discusses open-source tools that can be simulated
to conduct experiments. The main objective of this work is to
motivate the researchers of VoIP domain to commence with
novel defense techniques to overcome the threats.
Keywords Voice over Internet Protocol, Session Imitation
Protocol, Denial of Service attacks, Spam over Internet Telephony,
Defense Mechanism, VoIP Tools
I. INTRODUCTION
Voice over Internet Protocol (VoIP) is a promising
technology that allows users to make telephone calls using
internet connection instead of analog telephone. The
accomplishment of VoIP technology is obtained by changing
the paradigm from Public Switched Telephone Networks
(PSTN) to IP Networks. The impelling logic behind this
phenomenon is the higher bandwidth, cheaper call rates,
integration among various services, better scalability and
disaster recovery offered by the latter compared to the
previous. To be precise, telecommunication markets started
accepting this migration from circuit switched to packet
switched telephone networks [1]. Due to these reasons, VoIP
find itself applicable both in commercial and consumer
markets. The main advantage for end user and business
IEEE 2014
IEEE Conference Number - 33344
July 8, 2014, Coimbatore, India.
IEEE 2014
IEEE Conference Number - 33344
July 8, 2014, Coimbatore, India.
144
Description
H.323/Signaling
H.323 is a Signaling protocol developed by ITU-T to support call setup, breakdown and forward. The main
components of H.323 are Terminals, Multipoint Control Units (MTU), Gateways and Border elements. It
uses binary representation for messages and it is not scalable for wide networks.
SIP/Signaling
Session Initiation Protocol (SIP) [16] is a signaling protocol developed by IETF to create, modify and
terminate sessions with one or more participants. It is a text-based similar to that of HTTP protocol and its
major components are User agents, Proxy Server and Registration server.
Inter-Asterisk eXchange protocol (IAX) [17] is a combination of both signaling and media protocol running
on the same port. The commands and parameters are sent in binary format and supports trunking and
multiplexing over a single channel.
RTP/RTCP /Media
Real-time Transport Protocol (RTP) [18] supports the real-time transfer of media (voice and video) over IP
networks developed by IETF. RTPs main goal is to deliver the contents on time and can tolerate some
packet loss to achieve its goal.
MGCP/Gateway
Media Gateway Control Protocol (MGCP) [19] defines communication between user agents and telephony
gateways. It offers centralized gateway administration and provides large scale IP telephony solutions.
RTSP/Media
Real-time Streaming Protocol (RTSP) [20] is a network control protocol designed for use in entertainment
and communications to control streaming media transfer.
SDP/Media
Session Description Protocol (SDP) [21] is designed for the purpose of session announcement, session
invitation etc. Some of the information conveyed by Session Description protocol are Session name and
purpose, Address and port number, Start and stop time and contact number
RSVP/QoS
Resource Reservation Protocol (RSVP) [22] can prioritize and guarantee latency to specific IP streams. It is
also designed to operate with current and future unicast and multicast routing protocols.
SAP/Advertisement
Session Announcement Protocol (SAP) is designed [23] to advertise multicast conferences and other
multicast sessions. Using SAP, senders periodically broadcast SDP descriptions to a well-known multicast
address and port.
IEEE 2014
IEEE Conference Number - 33344
July 8, 2014, Coimbatore, India.
145
IEEE 2014
IEEE Conference Number - 33344
July 8, 2014, Coimbatore, India.
Max-Forwards
To
From
Call-ID
Cseq
Contact
Content-Type
ContentLength
146
IEEE 2014
IEEE Conference Number - 33344
July 8, 2014, Coimbatore, India.
147
Category
148
Ekiga [68] - free VoIP client software developed for GNOME and Windows user
Linphone [57] - open source phone licensed by GNU General Public License (GPL) and can run in
platform like Windows, Linux, Mac OS, Android and Blackberry
SIP Express Router (SER) [58] - one of the initiators for SIP proxy server and it can be configured to
act as SIP registrar, proxy or redirect server.
OpenSER/OpenSIPS [59] - widely applied as VoIP Service provider, SIP trunking, SIP load balancing
and SIP router.
Sniffing Tools
AuthTool - Tool that attempts to determine the password of the user by analyzing the SIP traffic.
Etherpeek - general purpose VoIP and Ethernet sniffer.
VoIPong - Detects all VoIP calls on a pipeline and dumps conversation to separate wav files
VOMIT - converts CISCO IP phone conversation to wave file and can be played with any sound
players
Wireshark - widely used multi-platform network traffic analyzer
IEEE 2014
IEEE Conference Number - 33344
July 8, 2014, Coimbatore, India.
149
SIPp - Open Source test tool / traffic generator for the SIP protocol
SIPBomber - SIP protocol testing tool for Linux
Signal Manipulation Tools
VI.
BYE Teardown - attempts to disconnect an active VoIP conversation by spoofing the SIP BYE
message from the receiving party
SIP-kill - Sniff for SIP-INVITEs and tear down the call
SIPRougue - multifunctional SIP proxy that can be inserted between two talking parties
IEEE 2014
IEEE Conference Number - 33344
July 8, 2014, Coimbatore, India.
IEEE 2014
IEEE Conference Number - 33344
July 8, 2014, Coimbatore, India.
150