Security Threats in VOIP full report
#1

VOIP (voice on internet protocol)
Security Threats in VOIP


CONTENTS
Introduction
Vulnerabilities
VoIP Security Tools
Conclusion


Introduction
What Is IP Telephony
VoIP Phone
Working of VoIP
Protocols in IP Telephony

IP Telephony
IP telephony is a technology in which IP
networks are being used as the medium
to transmit voice traffic.
Voice over IP (VoIP)
Describes an IP telephony deployment where the IP network used
as the medium to transmit voice traffic is a managed IP network.
Voice on the Net (VON)
Describes an IP telephony deployment where the IP network used
as the medium to transmit voice traffic is the Internet.


Working of VoIP Phone
VoIP Phone
Requires broadband internet access and regular house
phones which plug into an analog telephone adapter (ATA).

Working of VoIP
works by the two-way transmission of voice over a
packet-switched IP network

Equipments
VoIP phone
call server
gateway.


Protocols in IP Telephony
Signaling protocols
perform session management and are responsible for
Locating a user
Session establishment
Session setup negotiation
Modifying a session
Tearing down a session

Vulnerabilities Confidentiality
Refers to the protection of data from being read by
an unauthorized user.
Integrity
Includes the unauthorized modification or deletion of
voice/data content.
Availability
Storage and transportation facilities for an information
system are accessible to authorized users

Confidentiality
Data Link Layer

Network Layer
Transport Layer
Application Layer

Integrity
Network Interface Layer
Network Layer
Transport Layer
Application Layer

Availability
Bandwidth consumption
Comprise of flooding the network
with a specific type of traffic.
Resource Starvation attacks
Flood a device (opposed to links
in a bandwidth consumption attack).
Routing Attacks
Involve manipulating routing information or protocols
in order to intercept / interrupt legitimate traffic.
Programming Flaws
Unintended bugs in software that can be exploited by
other user in order to gain access to a system .

VoIP Security Tools
VoIP systems become more prevalent and risk grows,
network engineers need to make sure the proper
precautions are taken to prevent security breaches.
Some testing tools
SiVuS
c07-sip

SiVuS
First publicly available vulnerability scanner for VoIP networks.

SIP Message generator
Used to test issues or generate demonstration attacks
SIP component discovery
Useful for identifying targets for analysis.
SIP vulnerability scanner
Used to verify the robustness and security of SIP phones,
proxy servers and registrar servers .

Strengths
Windows-based GUI design
Reports are generated in an easy
to read html page
Checks both the robustness and the
presence of security features

Weaknesses
Lack of information
SIP device failed to locate the Asterisk server
Issues arose on required SiVuS to be restarted.
authentication were found to report inaccurate
results.
Running the test cases repeatedly fails to find
a target on the first attempt

Conclusion
None of the security tools evaluated were significantly
effective for mitigating security risks in SIP-based
VoIP networks
Early stages of adoption, attacks have been either
largely unheard of or undetected
Particularly important to prevent DoS attacks
All tools today are still under heavy development and
will no doubt evolve as VoIP adoption increases
VoIP specific security tools should play an important
role in securing systems.

References B. Charney, "VoIP threats 'must be dealt with now,'
CNET News.com, 8 Feb. 2005;
J. E. Canavan, Fundamentals of Network Security,
Boston: Artech House, 2001
L.N.Vikram,Web Design And Multimedia Applications
4th Edition, Pearson Educations
Sikinder S.R.R.C, Voice On Internet Protocol A Basic
Approach, Charles House,2007
wikipedia.org.in
google.com
Digit magazine
Reply

Important Note..!

If you are not satisfied with above reply ,..Please

ASK HERE

So that we will collect data for you and will made reply to the request....OR try below "QUICK REPLY" box to add a reply to this page
Popular Searches: abstract on potential threats to mobile network security, security threats in database, threats of hemp and hpm seminar report, security challenges of voip seminar topic, ppt on cloud computing security threats and responses, cloud computing security threats seminar report, ppt of security threats in the world wide web,

[-]
Quick Reply
Message
Type your reply to this message here.

Image Verification
Please enter the text contained within the image into the text box below it. This process is used to prevent automated spam bots.
Image Verification
(case insensitive)

Possibly Related Threads...
Thread Author Replies Views Last Post
  network security seminars report computer science technology 14 20,385 24-11-2018, 01:19 AM
Last Post:
  computer networks full report seminar topics 8 42,024 06-10-2018, 12:35 PM
Last Post: jntuworldforum
  OBJECT TRACKING AND DETECTION full report project topics 9 30,656 06-10-2018, 12:20 PM
Last Post: jntuworldforum
  imouse full report computer science technology 3 24,898 17-06-2016, 12:16 PM
Last Post: ashwiniashok
  Implementation of RSA Algorithm Using Client-Server full report seminar topics 6 26,612 10-05-2016, 12:21 PM
Last Post: dhanabhagya
  Optical Computer Full Seminar Report Download computer science crazy 46 66,342 29-04-2016, 09:16 AM
Last Post: dhanabhagya
  ethical hacking full report computer science technology 41 74,443 18-03-2016, 04:51 PM
Last Post: seminar report asees
  broadband mobile full report project topics 7 23,322 27-02-2016, 12:32 PM
Last Post: Prupleannuani
  steganography full report project report tiger 15 41,335 11-02-2016, 02:02 PM
Last Post: seminar report asees
  Digital Signature Full Seminar Report Download computer science crazy 20 43,689 16-09-2015, 02:51 PM
Last Post: seminar report asees

Forum Jump: