Video and Voice over Internet Protocol

Video and Voice over Internet Protocol

Introduction

The voice over internet technology is sometimes referred to as the Internet Multimedia Subsystem. It represents a class of products developed to facilitate advanced communication services over data networks. In this technology, voice is the major aspect but also includes other products including the video and capabilities such as collaborative editing, whiteboard sharing, and file sharing. The VoIP is an ideal way of providing reliable means of communication at flexible and low cost. The flexibility of the system is enhanced by the inclusion of open architecture and the software-based implementation. The low cost feature is made possible as a result of new business models, components, and networking systems as well as consumer-grade broadband connectivity.

The Voice over Internet Protocol has been widely adopted by different enterprises and consumer markets. More and more enterprises have shifted from the internal phones switches to the VoIP-based systems which offer new equipment and stop the usage of redundant equipment (Keromytis, 2012).

The VoIP technology bears some vulnerability that may be exploited by ill motived users to carry out security attacks. The technology is exposed to major types of vulnerability, from the infrastructure and the other arising from associated VoIP protocols and devices. The components in the VoIP technologies bear vulnerable elements that affect either directly and indirectly. The major vulnerability facing the VoIP systems are pegged to the VoIP applications, the protocols, management interface, and the other devices such as switches and routers.

The VoIP vulnerabilities are at times exploited by attackers who carry out various kinds of attacks. The attacks may be in the form of attack against availability, confidentiality, integrity, and the social perspective. The attacks occur in form of Denial of Service, Call flooding, malformed messages, spoofed messages, and call hijacking (Lazzez).

Various measures have been put in place to curb the attacks and ensure the development and maintenance of secure systems. These systems include voice signaling and media transmission protocol which work by providing authentication, privacy, and integrity. These systems include features such as message authentication, encryption, and network layer security. The SIP protocol supports frameworks such as firewall and the Network Address Translation (Lazzez).

Background of Voice over IP

VoIP Benefits

The use of Voice over Internet Protocol (VoIP) provides phone technology using the Broadband internet connection as well as hosted VoIP systems. The components and the infrastructure adopted by VoIP come with many benefits that can be accrued. The VoIP system can be installed, configured and maintained with more ease. IP phones do not need an expert with extensive knowhow to install as they do not need a phone wiring in the facility. The use of hosted software provides an easy and inexpensive way out for new user. The system uses a web portal that makes it easy to move, add, or change a system’s configuration (Ayokunle, 2012).

The VoIP system comes with added facilities and features unlike the standard telephone line. Majority of VoIP packages include messaging, conference call options, video calling, and revealing caller’s identity. The VoIP systems allow the exchange of data during the telephone conservation. This feature can be utilized by different types of business to enhance the quality of their services and level of customer service (Uys, 2009).

It is also worth noting that VoIP is not static to a direct facility or location unlike the traditional telephone system that was limited to a given geographical range. This opens up a window of opportunity for users to operate from different locations but still connected on the same network. In this way, businesses can come up with home-based call centers thereby reducing the cost for developing and running the permanent office-based call center (Uys, 2009).

VoIP Disadvantages

One of the disadvantages of using VoIP is the complicated service and network architecture used. The VoIP system integrated different kinds of services such as a voice, video, and data over the same network. This requires designing of complex architecture to ensure that proper functioning of the protocols and systems used for different services. This complexity poses challenges to the detect errors as it makes troubleshooting and isolation of errors more difficult. 

There is always a concern on the exposure of VoIP to security issues. This is mainly in the possibility of interception of conversations that demand a physical access to the phone lines. The issues are more in the VoIP systems. The architecture of the VoIP system engages IP phones, access devices, media gateways, servers and protocol in the process of facilitating a call and moving media between two endpoints (Lazzez & Slimani, 2012). Each of the elements mentioned above introduces its own vulnerable factors that attackers may take advantage of and conduct security attacks.

When using the VoIP, the issue of quality service always arises. This aspect was not given full consideration in the designing of the IP technology. This creates inefficiencies especially in the transmission of voice and video traffic. Concerns on quality of service related to voice traffic considers issues like fidelity, echo, side tone, and background noise (Lazzez & Slimani, 2012).

Working with VoIP

Sources of Vulnerabilities

Network Infrastructure. Threats have been perpetuated against the VoIP system by means of exploiting the weakness of implementation within the system. The vulnerabilities may be felt across various protocols within the same platform and product due to code sharing and internal software structure. This is also known to extend to some systems that are not considered as an integral part of the VoIP but which one requires to understand. The ease of detection leads to the distribution of the vulnerabilities within different systems. 

Another cause of vulnerability within the system arises due to interaction between different technologies used in VoIP.  Cross-site scripting attacks may be carried out against the web-based management interface by introducing some malicious codes in the messages. This vulnerability further creates a chance to carry out tool fraud through aiming of the underlying database (Keromytis, 2010).

Open and Public Networks. It is worth noting that the VoIP flow of information is transmitted over the internet. This is open to all public even anonymous people such as hackers with the potential of sending and receiving the traffic. The most common VoIP protocols such as the SIP and H.323 tend to be standardized and with an open access to the public. This creates an opportunity for an attack to develop a malicious client or server program as per the protocol specification with an aim of gaining access to the target VoIP servers or clients. This feature of being open exposes the protocol to ill-motived individuals who may study and exploit the vulnerabilities within the system (Lazzez, 2012). 

Mobility. The system of the Public Switched Telephone Network (PSTN) works by allocating a dedicated phone line to a particular number. Attacking such a configured system would require the attacker to acquire a physical access to spoof the credentials of the line of a normal user (Lazzez, 2012). The VoIP system on the other hand is configured in a way that it allows endpoints mobility. This creates a challenge of offering protection to curb identity spoofing.

Voice and data integration. Despite its genius inclusion of integrated voice and regular data traffic in the same network thereby offering significant benefits, this introduced new traffic engineering challenges. The integration of various traffic and different QOS and security requirements, the traffic engineering tasks such as securing, switching, and queuing became more complicated and difficult to accomplish (Lazzez, 2012).

VoIP Security

Lack of security features and devices. The VoIP system weakens the security posture of the well-established data networks. This is caused by poorly implemented VoIP components which tend to make the conventional IP firewall inadequate. Security issues arise from poorly implemented IP stacks in VoIP devices. This creates an avenue through which IP data systems may be accessed. It can be achieved by developing an inroad of compromised VoIP devices that opens up a path to the targeted computer (Davidowicz, 2004). This situation has arisen due to rush to market and the goals of increasing their revenue for new technology. This manner of operation creates issues with the code quality and security implementation in new technologies such as wireless technology.

Another issue arises due to the fact that IP adopted protocols tend to be very complex. This complexity tends to render the traditional IP firewalls ineffective as they are unable to handle the requirements of the protocols. The complexity further weakens the security posture of the most common firewall thereby increasing the level of exposure of the internal local area networks to security attacks (Davidowicz, 2004).

Data security infrastructure. To provide security to the networks in the VoIP system firewalls and NAT may be adopted. Firewalls have become a common component for the IP’s network. This forms the first line of defense when providing protection of a LAN, WAN, DMZ or a sole computer. Firewalls operate by cutting out any traffic considered to be invasive, intrusive, or malicious. The traffic that is found to be below the required standards by the firewall is dropped. The task of processing the traffic is determined through a set of rules included in the firewall program by the network administrator. A firewall is important in protecting a network as it offers a central location for deploying security policies (Kuhn, Walsh, & Fries, 2005).

Another option in the network protection process involves the use of Network Address Translation (NAT). This offers a powerful tool used to make the network addresses invisible making it possible for different endpoints within a LAN to share an IP address. The outgoing IP headers are converted from private LAN addresses and adopt a router’s global IP (Xin, 2007). This system makes positive contribution to the security of a LAN by making internal IP addresses less accessible form the publicly available internet. Any attack on the network would have to be concentrated to the NAT router. This makes protection much easier as only a single point needs to be protected (Kuhn, et al. 2005).

Strict authentication and encryption. Protection of networks may be enhanced through the use of authentication and encryption. In the authentication, a digest authentication scheme that is pegged on a simple challenge-response paradigm may be used. This scheme provides a challenge to the remote end of the system using a nonce value. A valid response is composed of a checksum of username, password, the provided nonce value, the HTTP method and the requested URI. The VoIP systems may also use the SIP authenticated Identity Body that defines a generic SIP authentication token (Kuhn, et al. 2005).  This token is generated by adding an S/MIME body to a SIP request thereby providing integrity over its headers. 

VoIP Threat Taxonomy

Call Flooding

In this particular security threat, an attacker floods valid or invalid heavy traffic. The traffic may be in the form of signals or media to a target system such as a VoIP server, client, and the underlying infrastructure. This causes a collapse of the functionality of the system or a decrease in its performance level by significant levels. The denial of service (DoS) attacks that may be perpetuated in a VoIP system include user call flooding, flooding user call by overflowing to other devices, endpoint request flooding, endpoint request flooding after call setup, and caller request flooding.

Call hijacking

Hijacking of a call occurs at a point when some transactions between the VoIP endpoint and network are overridden and under control of an attacker. The transaction may be on the registration, call setup, or media flow. The hijacking bears the potential of creating a major service interruption by disabling the legitimate and rightful users from accessing and using the VoIP service. It is carried out in a similar manner of call teardown as it steals session information as a first phase but with a different form of attack and impact. Most common forms of hijacking include the registration hijacking and the media season hijacking (Lazzez, 2012).

Call Teardown

This is a form of a DoS attack where the service delivery is disrupted by causing a session to end prematurely thereby denying service to users. The attackers transmit a fake call teardown message for a session thereby prompting the other end to end the session by tearing it down.

Call Pattern Tracking

This attack means carrying out unauthorized analysis of VoIP traffic emanating from the end to unidentified nodes or networks. The attacker aims to determine a potential target device, access information, protocol, or the level of vulnerability. The traffic analysis helps determine who called who and when a certain call was made.

Protection with VoIP Protocol

Authentication 

The VoIP protocol has a security system that offers access control. The control is aimed avoiding unauthorized use of VoIP resources. This helps in preventing transmission of corruptive data through DoS attacks. To ensure the control, the protocol provides access rights as per set policies. A user is required to verify these rights before accessing a terminal to facilitate approval for using the VoIP service. Access control is enhanced by authentication control. Authentication aims to prove that the user really holds the claimed identity. The VoIP protocol includes a password or pin mechanism that a user uses to log in to the network. The passwords and pins are sent in an encrypted form. To complete the authentication process, the identity of terminal devices is determined before the call is forwarded to the VoIP (Schmidt, 2005).

User to Proxy Authentication

The SIP protocol uses SIOP authenticated Identity Body (AIB) is a generic SIP authentication token.  The token is introduced by adding an S/MIME body to a SIP request and response required to determine the reference integrity over its header. The SIP applies existing mechanisms that show identity in SIP and in most cases do not allow an administrative domain to securely determine the identity of the source of a request. 

The need to approve the proxy authorization is to protect the system against proxy impersonation. A proxy impersonation attack attempts to trick the user into initiating communication with a rogue server as opposed to opening communication of a legitimated proxy server. The UAs and proxies use UDP to communicate which do not normally require strong authentication to initiate communicate with proxy.

Encryption

The SIP Protocol that incorporates different security features. Some of these features include message authentication, message encryption, media encryption, TLS and NLS. 

Message encryption

The SIP protocol depends on Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol which encrypts the headers of the signaling message. Only the Via and Route headers are not subjected to the encryption. This encryption is useful in maintaining an end-to-end confidentiality, integrity, and authentication between the users. The S/MIME model ensures flexibility towards granular protection of header information in SIP messages. This allows the SIP message filed to be allowed in a selective form.

Media encryption

The SIP protocol of the VoIP system uses a secure RTO to provide encryption of media packet modules for encryptions. These are beneficial in assuring the confidentiality and integrity of the media transmitted through the system. The SRTP concentrates on offering a protocol that ensures adequate protection for media streams but also maintains key properties to protect wired and wireless networks where bandwidth or limitation on their transmission exists.

Transport Layer Security (TLS)

The TLS protocol provides a transport-layer security for the VoIP protocol message such as requests and responses. The TLS provides an overall encryption for all SIP request and responses thereby enhancing the confidentiality and integrity of messages.

Conclusion

The video and voice over internet protocol opened up a new system with a higher flexibility as compared to the conventional telephone infrastructure with a greater margin for cost. The VoIP systems have a variety of complexities which make it vulnerable to the attack factors through forms of traffic intercepting and impersonation. The VoIP provides a way where information is passed over data networks. The data transmitted through the VoIP includes voice, video, and sharing. The threats facing the VoIP on DoS are related to implementation issues. Some of the discussed sources of vulnerability to the VoIP systems arises from IP-Based Network infrastructure, use of open and public networks, mobility factors, and the voice and data integration. The VoIP security can be enhanced through the use of data security infrastructure and the installation of a tight authentication and encryption. The VoIP threat has been categorized into different taxonomies. This paper discusses the call related threats such as call flooding, hijacking, teardown, and pattern tracking. It has been noted that the VoIP protocol may be protected by using authentication focused on the communication between the user and the proxy server and between different users. Encryption has been found to be developed to deal with message and media encryption.

References

Ayokunle, O. (2012). Integrating Voice over Internet Protocol VoIP Technology as a Communicatio Tool on a Converged Network in Nigeria. International Journal of Information and Communication Technology Research, Volume 2, No. 11.

Davidowicz, D. (2004). Voice Over IP (VoIP) Vulnerabilities . NOAA.

Keromytis, A. (2010). A look at VoIP Vulnerabilities. Colombia University.

Keromytis, A. (n.d.). Voice over IP: Risks, Threats and Vulnerability. Symatec Research Labs.

kUhn, R., Walsh, T., & Fries, S. (2005). Security Consideration for Voice Over IP Systems. National Institute of Standards and Technology.

Lazzez, A. (n.d.). VoIP Technology: Security Issues Analysis. Taif University .

Lazzez, A., & Slimani, T. (2012). Deployment of VoIP Technology: QOS Concerns. Taif Univeristy .

Padlipsky, M., Snow, D., & Karger, P. (2015). Limitations of End-to-End Encryption in Secure Computer Networks. Owlfolio.

Srinivasan, R., Harish, V., Narrasinmhan, K., & Srikanth, V. (2002). Authentication of Signaling in VoIP Applications.

Uys, L. (2009). Voice over Internet Protocol (VoIP) as a Communications tool in South African Business. African Journal of Business Management , 089-094.Xin, J. (2007). Security Issues and Countermeasure for VoIP. GSEC. SANS Institute