VoIP Security. Threats and Countermeasures. Eric Chen NTT Information Sharing Platform Laboratories & VOIPSA Technical Board of Advisors
|
|
- Abel Casey
- 8 years ago
- Views:
Transcription
1 VoIP Security Threats and Countermeasures Eric Chen NTT Information Sharing Platform Laboratories & VOIPSA Technical Board of Advisors
2 Agenda Increasing awareness of VoIP security Top VoIP security threats Best current practices Ongoing research efforts
3 Industry Activity VoIP Security Alliance (VOIPSA) launched in 2005 Mission: To promote VoIP security research, education and awareness To become a one-stop source of testing tools/methodologies Membership: Over 100 members on the Technical Board Include NTT, Mitel, Avaya, Nortel, Siemens, Alcatel, Extreme Networks, AT&T, Verizon, Columbia University VOIPSEC mailing list for discussion of VoIP security issues Projects: Threat taxonomy, best practices etc
4 VoIP Security Threat Taxonomy Refer to for more details
5 Conference Activity
6 VoIP Security Books Source:
7 Zero Day Auctions Now Include VoIP Source: WabiSabiLabi Home Page 26 June 2008
8 VoIP Attack Tools Now Available Online More than 80 VoIP attack/security tools known (still increasing)
9 Agenda Increasing awareness of VoIP security Top VoIP security threats Best current practices Ongoing research efforts
10 Finding Targets using Google Cisco Grandstream Sipura Polycom VoIP phones with built-in web servers to allow easy configuration May be indexed by Google if connected to the Internet without any protection Can easily find these phones using keywords included in the default URLs
11 SPIT SPam over Internet Telephony Definition: Automated telemarketing calls (excluding human calls) Not yet a problem due to the small number of VoIP users Can be more serious than PSTN marketing calls Can be easily automated Can be performed at low cost Can perform broadcast No country barrier in terms of call charges -> large scale Yahoo!BB Phone incidents in Japan 2004/2 Unsolicited commercial messages for an adult website 2004/8 "Number scanning" for active VoIP phone numbers (050- [provider code]-xxxx) at the rate of 6000 calls/day 2004/11 Unsolicited automatic messages asking for personal information Contracts with these spammers are terminated by the provider
12 SIP Scanning Send requests (REGISTER OPTIONS etc) with various spoofed originating UID to a SIP server Servers that respond with different replies for valid and invalid UIDs may be exploited
13 Example: SIPSCAN
14 Flood-based DoS Attacks VoIP is vulnerable to flood-based DoS attacks at various layers General DoS attacks target at TCP/IP Same threats to any web server on the Internet VoIP-specific DoS attacks target at UDP-based SIP and RTP Flood of bogus signaling packets may overload CPU of any SIP server or UA Flood of bogus RTP packets may degrade audio stream quality Tools available: kphone-ddos, RTP flooder, SIPBomber, SIPsak, Scapy, IAXFlooder, Seagull and SIPsak
15 Retrieve IP Address Motivation Method Send arbitrary packets to the target Call the target and sniff the incoming packets Contact info in 200 OK Source IP of the incoming RTP IP address of the target included
16 Fuzzing Attacks Send malformed SIP messages Buffer overflow Via: SIP/2.0/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa Integer anomalies Content-Length: -1 Invalid addresses INVITE SIP/2.0 Structural anomalies Cseq: 7038 INVITE a1 a2 a3 a4 a5 a6 a7 a8 a9 a10 Can either crash the target or execute arbitrary code
17 Eavesdropping INVITE SIP Proxy A INVITE OK SIP Proxy B Intercept signaling packets to analyze call patterns INVITE OK OK Alice RTP Bob Intercept conversation
18 Eavesdropping Scenarios Wireless LAN with weak security Physical access to intermediate network nodes UA vulnerability ARP-Spoofing
19 Agenda Increasing awareness of VoIP security Top VoIP security threats Best current practices Ongoing research efforts
20 How to avoid being Googled Follow the product guidelines Disable the web server Apply necessary security measures (FW, NAT etc) Use Google to look for exposed devices in one s company
21 Use VoIP Firewalls VoIP clients use various RTP ports to connect with their peers outside. Statically opening all possible ports using a regular firewall introduces new threats. VoIP firewall Dynamically open/close necessary ports through stateful inspection of VoIP traffic ( pinhole ) Inspecting the SDP payload in an INVITE message, extract the UDP port number to be used and open the port before the session starts Close the port when the BYE message corresponding to the session is detected Hide IP addresses of VoIP clients using NAT to prevent them from being direct targets on the Internet
22 Segregation of VoIP Network Segregate data and voice networks using VLAN etc Minimize impact on voice network from sudden traffic surge caused by PCs infected by worms on data network Reduce the risks of eavesdropping Prevent broadcast traffic on data network from entering VoIP network To further prevent unauthorized machines from accessing and attacking voice network IEEE802.1x MAC address filtering Allows only dedicated VoIP appliances on voice network (less programmability, less risk to be exploited) What to do with soft phones (e.g. X-Lite)? Don t allow them on mission-critical voice networks Restrict installation of applications Deploy immune networks
23 Software Updates Check various sources for new vulnerability information Source VOIPSA Blue Box CERT/CC JPCERT/CC IPA Vendor HP Description New VoIP security/attack tools Blog and mailing list discussions VoIP security-related podcast Tutorials Security incident report SIP vulnerability report (Japanese only) New firmware and patches URL com/
24 Penetration Tests Conduct simulated attacks using tools available on PROTOS/Codenomicon (fuzzing) SIPSCAN SiVuS SIPBomber...etc Verification criteria Terminal status Connection status QoS
25 Encryption Securing the signaling channel IPSec TLS/DTLS Securing the media channel IPSec SRTP (two candidates for SRTP key exchange now at IETF) DTLS-SRTP ZRTP
26 Vendor Solutions Arbor Networks ( Borderware ( Captus Networks ( Cisco Riverhead ( Ingate ( Mazu Networks ( Mirage Networks ( SecureLogix ( Sipera ( TippingPoint ( TopLayer (
27 Agenda Increasing awareness of VoIP security Top VoIP security threats Best current practices Ongoing research efforts
28 Research Opportunities in VoIP Security VoIP-specified DDoS attacks SPIT Adaptive detection against fuzzing attacks
29 NTT s SIP Guard for SIP-specific DoS attacks Eric Y. Chen, "Detecting DoS Attacks on SIP Systems", IEEE workshop on VoIP Management and Security at NOMS 2006, Canada, April 2006
30 NEC s VOIP SEAL Roman Schlegel, Saverio Niccolini, Sandra Tartarelli, Marcus Brunner SPam over Internet Telephony (SPIT) Prevention Framework, GLOBECOM 2006
31 Other Research Efforts Gaston Ormazabal, Secure SIP: A scalable prevention mechanism for DoS attacks on SIP based VoIP systems, IPTCOMM 2008 Charles Shen, SIP Server Overload Control: Design and Evaluation, IPTCOMM 2008 Mohamed Nassar, Holistic VoIP Intrusion Detection and Prevention System, IPTCOMM 2007 Jens Fiedler, VoIP Defender: Highly Scalable SIP-based Security Architecture, IPTCOMM 2007 Ge Zhang, Denial of Service Attack and Prevention on SIP VoIP Infrastructures Using DNS Flooding, IPTCOMM 2007
32 Conclusion VoIP is still an emerging technology, so is its security framework No such thing as perfect security, but risks can be significantly reduced using currently available solutions Challenges for Vendor Increase effort devoted to software engineering practices to minimize implementation flaws Provider User Learn to securely integrate different physical components (SIP servers, SIP clients) and solutions from multiple vendors Be aware of the new threats introduced by VoIP
Voice over IP. VoIP (In) Security. Presented by Darren Bilby NZISF 14 July 2005
Voice over IP VoIP (In) Security Presented by Darren Bilby NZISF 14 July 2005 Security-Assessment.com Who We Are NZ s only pure-play security firm Largest team of security professionals in NZ Offices in
More informationAn outline of the security threats that face SIP based VoIP and other real-time applications
A Taxonomy of VoIP Security Threats An outline of the security threats that face SIP based VoIP and other real-time applications Peter Cox CTO Borderware Technologies Inc VoIP Security Threats VoIP Applications
More informationVoIP some threats, security attacks and security mechanisms. Lars Strand RiskNet Open Workshop Oslo, 24. June 2009
VoIP some threats, security attacks and security mechanisms Lars Strand RiskNet Open Workshop Oslo, 24. June 2009 "It's appalling how much worse VoIP is compared to the PSTN. If these problems aren't fixed,
More informationVoice Over IP (VoIP) Denial of Service (DoS)
Introduction Voice Over IP (VoIP) Denial of Service (DoS) By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Denial of Service (DoS) is an issue for any IP network-based
More informationVerizon Columbia Research on VoIP Security A Model Academia/Industry Collaboration. Gaston Ormazabal. Verizon Laboratories.
Verizon 2009 All Rights Reserved. 1 Verizon Columbia Research on VoIP Security A Model Academia/Industry Collaboration Gaston Ormazabal Verizon Laboratories May 13, 2009 June 16, 2009 Verizon 2009 All
More informationSession Initiation Protocol (SIP) Vulnerabilities. Mark D. Collier Chief Technology Officer SecureLogix Corporation
Session Initiation Protocol (SIP) Vulnerabilities Mark D. Collier Chief Technology Officer SecureLogix Corporation What Will Be Covered Introduction to SIP General SIP security SIP vulnerabilities and
More informationVoIP Security: How Secure is Your IP Phone?
VoIP Security: How Secure is Your IP Phone? Dan York, CISSP Director of IP Technology, Office of the CTO Chair, Mitel Product Security Team Member, Board of Directors, VoIP Security Alliance (VOIPSA) ICT
More informationBest Practices for Securing IP Telephony
Best Practices for Securing IP Telephony Irwin Lazar, CISSP Senior Analyst Burton Group Agenda VoIP overview VoIP risks Mitigation strategies Recommendations VoIP Overview Hosted by VoIP Functional Diagram
More informationColumbia - Verizon Research Securing SIP: Scalable Mechanisms For Protecting SIP-Based Systems
Columbia - Verizon Research Securing SIP: Scalable Mechanisms For Protecting SIP-Based Systems Henning Schulzrinne Eilon Yardeni Somdutt Patnaik Columbia University CS Department Gaston Ormazabal Verizon
More informationCconducted at the Cisco facility and Miercom lab. Specific areas examined
Lab Testing Summary Report July 2009 Report 090708 Product Category: Unified Communications Vendor Tested: Key findings and conclusions: Cisco Unified Communications solution uses multilayered security
More informationFootprinting. Vendor press releases and case studies Resumes of VoIP personnel Mailing lists and user group postings Web-based VoIP logins
Voice Over IP Security Mark D. Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com www.securelogix.com www.voipsecurityblog.com Outline Outline Introduction Attacking
More informationRecommended IP Telephony Architecture
Report Number: I332-009R-2006 Recommended IP Telephony Architecture Systems and Network Attack Center (SNAC) Updated: 1 May 2006 Version 1.0 SNAC.Guides@nsa.gov This Page Intentionally Left Blank ii Warnings
More informationVoice over IP Security
Voice over IP Security Patrick Park Cisco Press Cisco Press 800 East 96th Street Indianapolis, Indiana 46240 USA vii Contents Introduction xvii Part I VoIP Security Fundamentals 3 Chapter 1 Working with
More informationVoice Over IP and Firewalls
Introduction Voice Over IP and Firewalls By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Use of Voice Over IP (VoIP) in enterprises is becoming more and more
More informationBasic Vulnerability Issues for SIP Security
Introduction Basic Vulnerability Issues for SIP Security By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com The Session Initiation Protocol (SIP) is the future
More informationProtect Yourself Against VoIP Hacking. Mark D. Collier Chief Technology Officer SecureLogix Corporation
Protect Yourself Against VoIP Hacking Mark D. Collier Chief Technology Officer SecureLogix Corporation What Will Be Covered How to assess the security of your IPT network: In house/external and ground
More informationSecuring SIP Trunks APPLICATION NOTE. www.sipera.com
APPLICATION NOTE Securing SIP Trunks SIP Trunks are offered by Internet Telephony Service Providers (ITSPs) to connect an enterprise s IP PBX to the traditional Public Switched Telephone Network (PSTN)
More informationRam Dantu. VOIP: Are We Secured?
Ram Dantu Professor, Computer Science and Engineering Director, Center for Information and Computer Security University of North Texas rdantu@unt.edu www.cse.unt.edu/~rdantu VOIP: Are We Secured? 04/09/2012
More informationThreat Mitigation for VoIP
Threat Mitigation for VoIP Bogdan Materna, VP Engineering and CTO VoIPshield Systems Third Annual VoIP Security Workshop June 2, 2006 Overview Basics VoIP Security Impact Examples of real vulnerabilities
More informationVOICE OVER IP SECURITY
VOICE OVER IP SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in part without
More informationConducting an IP Telephony Security Assessment
Conducting an IP Telephony Security Assessment Mark D. Collier Chief Technology Officer mark.collier@securelogix.com www.securelogix.com Presentation Outline Ground rules and scope Discovery Security policy
More informationA Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.
A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money
More informationIntrusion Prevention: The Future of VoIP Security
Intrusion Prevention: The Future of VoIP Security Introduction...2 VoIP Building Blocks...3 VoIP Security Threat Scenarios...7 Attacks against the underlying VoIP devices OS...7 Configuration Weaknesses
More informationIngate Firewall/SIParator SIP Security for the Enterprise
Ingate Firewall/SIParator SIP Security for the Enterprise Ingate Systems February, 2013 Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?...
More informationWhite Paper A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK. A balancing act
A SECURITY GUIDE TO PROTECTING IP PHONE SYSTEMS AGAINST ATTACK With organizations rushing to adopt Voice over IP (VoIP) technology to cut costs and integrate applications designed to serve customers better,
More informationPresenter. Zane Ryan. Director Dot Force zane.ryan@dotforce.co.uk www.dotforce.co.uk
Presenter Zane Ryan Director Dot Force zane.ryan@dotforce.co.uk www.dotforce.co.uk Ingate Systems Headquarters in Stockholm, Sweden North American subsidiary in New Hampshire Long Island, New York San
More informationIndustrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1
Industrial Network Security for SCADA, Automation, Process Control and PLC Systems Contents 1 An Introduction to Industrial Network Security 1 1.1 Course overview 1 1.2 The evolution of networking 1 1.3
More informationVillains and Voice Over IP
Villains and Voice Over IP Heather Bonin ECE 578 March 7, 2004 Table of Contents Introduction... 3 How VOIP Works... 3 Ma Bell and her Babies... 3 VoIP: The New Baby on the Block... 3 Security Issues...
More informationEvaluation of Security and Countermeasures for a SIP-based VoIP Architecture
Evaluation of Security and Countermeasures for a SIP-based VoIP Architecture Marius HERCULEA, Tudor Mihai BLAGA, Virgil DOBROTA Technical University of Cluj-Napoca Faculty of Electronics, Telecommunications
More informationDEPLOYING VoIP SECURELY
DEPLOYING VoIP SECURELY Everyone knows that Voice-over-IP (VoIP) has been experiencing rapid growth. Even still, you might be surprised to learn that: 10% of all voice traffic is now transmitted with VoIP
More informationTransparent weaknesses in VoIP
Transparent weaknesses in VoIP Peter Thermos peter.thermos@palindrometech.com 2007 Palindrome Technologies, All Rights Reserved 1 of 56 Speaker Background Consulting Government and commercial organizations,
More informationCPNI VIEWPOINT 02/2007 ENTERPRISE VOICE OVER IP
ENTERPRISE VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices
More informationVOIP TELEPHONY: CURRENT SECURITY ISSUES
VOIP TELEPHONY: CURRENT SECURITY ISSUES Authors: Valeriu IONESCU 1, Florin SMARANDA 2, Emil SOFRON 3 Keywords: VoIP, SIP, security University of Pitesti Abstract: Session Initiation Protocol (SIP) is the
More informationIPTCOMM 2008 Heidelberg. VoIP Security: Do Claims of Threats Justify Continued Research Efforts? Jonathan Zar. Pingalo VOIPSA
IPTCOMM 2008 Heidelberg VoIP Security: Do Claims of Threats Justify Continued Research Efforts? Jonathan Zar Pingalo VOIPSA Eric Chen NTT Information Sharing Platform Laboratories VOIPSA 1 Lots of Activity
More informationVulnerabilities in SOHO VoIP Gateways
Vulnerabilities in SOHO VoIP Gateways Is grandma safe? Peter Thermos pthermos@vopsecurity.org pthermos@palindrometechnologies.com 1 Purpose of the study VoIP subscription is growing and therefore security
More informationCPNI VIEWPOINT 01/2007 INTERNET VOICE OVER IP
INTERNET VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices
More informationSIP SECURITY WILEY. Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne. A John Wiley and Sons, Ltd.
SIP SECURITY Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne WILEY A John Wiley and Sons, Ltd., Publication Foreword About the Authors Acknowledgment xi xiii xv 1 Introduction
More informationVesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany
Service Provider implementation of SIP regarding security Vesselin Tzvetkov, Holger Zuleger {vesselin.tzvetkov, holger.zuleger}@arcor.net Arcor AG&Co KG, Alfred-Herrhausen-Allee 1, 65760 Eschborn, Germany
More informationDeployment of Snort IDS in SIP based VoIP environments
Deployment of Snort IDS in SIP based VoIP environments Jiří Markl, Jaroslav Dočkal Jaroslav.Dockal@unob.cz K-209 Univerzita obrany Kounicova 65, 612 00 Brno Czech Republic Abstract This paper describes
More informationSIP Trunking Configuration with
SIP Trunking Configuration with Microsoft Office Communication Server 2007 R2 A Dell Technical White Paper End-to-End Solutions Team Dell Product Group - Enterprise THIS WHITE PAPER IS FOR INFORMATIONAL
More informationDetecting Spam in VoIP Networks. Ram Dantu Prakash Kolan
Detecting Spam in VoIP Networks Ram Dantu Prakash Kolan More Multimedia Features Cost Why use VOIP? support for video-conferencing and video-phones Easier integration of voice with applications and databases
More information10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network
10 Key Things Your Firewall Should Do When voice joins applications and data on your network Table of Contents Making the Move to 3 10 Key Things 1 Security is More Than Physical 4 2 Priority Means Clarity
More informationSecurity issues in Voice over IP: A Review
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 3 Issue 2 February, 2014 Page No. 3879-3883 Security issues in Voice over IP: A Review Rajni a, Preeti a, Ritu
More informationVoIP Security Challenges: 25 Ways to Secure your VoIP Network from Versign Security, Dec 01, 2006
VoIP Security Challenges: 25 Ways to Secure your VoIP Network from Versign Security, Dec 01, 2006 VoIP technology has the tech geeks buzzing. It has been touted as: - the killer of telecoms - a solution
More informationA Lightweight Countermeasure to Cope with Flooding Attacks Against Session Initiation Protocol
A Lightweight Countermeasure to Cope with Flooding Attacks Against Session Initiation Protocol Intesab Hussain, Soufiene Djahel, Dimitris Geneiatakis ±, and Farid Naït-Abdesselam LIPADE, University of
More informationSIP Intrusion Detection and Response Architecture for Protecting SIP-based Services
SIP Intrusion Detection and Response Architecture for Protecting SIP-based Services KyoungHee Ko, Hwan-Kuk Kim, JeongWook Kim, Chang-Yong Lee, HyunCheol Jeong Applied Security Technology Team Korea Information
More informationSecurity Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8
Security Testing Summary of Next-Generation Enterprise VoIP Solution: Unify Inc. OpenScape SBC V8 SR140531D 19 August 2014 Miercom www.miercom.com Overview Unify Inc. (formerly Siemens Enterprise Communications)
More informationSIP SECURITY. Status Quo and Future Issues. 23. Chaos Communication Congress: 27. - 30.12.2006, Berlin, Germany
SIP SECURITY Status Quo and Future Issues 23. Chaos Communication Congress: 27. - 30.12.2006, Berlin, Germany Jan Seedorf - seedorf@informatik.uni-hamburg.de SVS - Security in Distributed Systems Intention
More informationSecuring Enterprise VoIP. VoIP Vulnerabilities Patrick Young CEO Arlinx Inc.
Securing Enterprise VoIP VoIP Vulnerabilities Patrick Young CEO Arlinx Inc. VoIP Security Patrick Young CEO Arlinx, Inc. http:// (954) 344-7665 Arlinx manufactures a telecom carrier grade application specific
More informationVOIP SECURITY ISSUES AND RECOMMENDATIONS
VOIP SECURITY ISSUES AND RECOMMENDATIONS Sathasivam Mathiyalakan MSIS Department, College of Management, University of Massachusetts Boston Phone: (617) 287 7881; Email: Satha.Mathiyalakan@umb.edu ABSTRACT
More informationMAC Based Routing Table Approach to Detect and Prevent DDoS Attacks and Flash Crowds in VoIP Networks
BULGARIAN ACADEMY OF SCIENCES CYBERNETICS AND INFORMATION TECHNOLOGIES Volume 11, No 4 Sofia 2011 MAC Based Routing Table Approach to Detect and Prevent DDoS Attacks and Flash Crowds in VoIP Networks N.
More informationJust as the ecommerce companies have
Protecting IMS Networks From Attack Krishna Kurapati Krishna Kurapati is the founder and CTO of Sipera Systems (www.sipera.com), a company that specializes in security for VOIP, mobile and multimedia communications.
More informationSecuring VoIP Networks using graded Protection Levels
Securing VoIP Networks using graded Protection Levels Andreas C. Schmidt Bundesamt für Sicherheit in der Informationstechnik, Godesberger Allee 185-189, D-53175 Bonn Andreas.Schmidt@bsi.bund.de Abstract
More informationChapter 8 Security Pt 2
Chapter 8 Security Pt 2 IC322 Fall 2014 Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley March 2012 All material copyright 1996-2012 J.F Kurose and K.W. Ross,
More informationThe #1 Issue on VoIP, Fraud!
Know your enemy Sun Tzu's The Art of War The #1 Issue on VoIP, Fraud! How to identify, prevent and reduce damages caused by fraud Flavio E. Goncalves About me Author of the book Building Telephony Systems
More informationHow to make free phone calls and influence people by the grugq
VoIPhreaking How to make free phone calls and influence people by the grugq Agenda Introduction VoIP Overview Security Conclusion Voice over IP (VoIP) Good News Other News Cheap phone calls Explosive growth
More informationCPNI VIEWPOINT 03/2007 HOSTED VOICE OVER IP
HOSTED VOICE OVER IP AUGUST 2007 Abstract Voice over IP (VoIP) is the term used for a set of technologies that enable real time voice or video conversations to take place across IP networks. VoIP devices
More informationVirtual private network. Network security protocols VPN VPN. Instead of a dedicated data link Packets securely sent over a shared network Internet VPN
Virtual private network Network security protocols COMP347 2006 Len Hamey Instead of a dedicated data link Packets securely sent over a shared network Internet VPN Public internet Security protocol encrypts
More informationNext Generation IPv6 Network Security a Practical Approach Is Your Firewall Ready for Voice over IPv6?
Next Generation IPv6 Network Security a Practical Approach Is Your Firewall Ready for Voice over IPv6? - and many other vital questions to ask your firewall vendor Zlata Trhulj Agilent Technologies zlata_trhulj@agilent.com
More informationVulnerability Analysis on Mobile VoIP Supplementary Services and MITM Attack
Vulnerability Analysis on Mobile VoIP Supplementary Services and MITM Attack You Joung Ham Graduate School of Computer Engineering, Hanshin University, 411, Yangsan-dong, Osan, Gyeonggi, Rep. of Korea
More informationA Reality Check on Security in VoIP
A Reality Check on Security in VoIP Communications Rick Robinson CISSP ISSAP IEEE Sr. Member Agenda Background Overview of Threats Top Ten With Reality Checks Trends Actions Pearls Questions Background
More informationCS5008: Internet Computing
CS5008: Internet Computing Lecture 22: Internet Security A. O Riordan, 2009, latest revision 2015 Internet Security When a computer connects to the Internet and begins communicating with others, it is
More informationVoIP Security Methodology and Results. NGS Software Ltd
VoIP Security Methodology and Results NGS Software Ltd Barrie Dempster Senior Security Consultant barrie@ngssoftware.com Agenda VoIP Security Issues Assessment Methodology Case Study: Asterisk VoIP Security
More informationhackers 2 hackers conference III voip (in)security luiz eduardo cissp, ceh, cwne, gcih
luiz eduardo cissp, ceh, cwne, gcih who am I? networking guy security guy employed by Aruba Networks wlan network for defcon, blackhat & ccc regular speaker at cons founder, dc55.org and... agenda intro
More informationDoS/DDoS Attacks and Protection on VoIP/UC
DoS/DDoS Attacks and Protection on VoIP/UC Presented by: Sipera Systems Agenda What are DoS and DDoS Attacks? VoIP/UC is different Impact of DoS attacks on VoIP Protection techniques 2 UC Security Requirements
More informationIs Your Network Ready for VoIP?
Is Your Network Ready for VoIP? Evaluating firewalls for VoIP access, control and security. CONTENTS The Network Will Never be the Same 2 A VoIP-Ready Firewall Criteria Checklist 2 Control Considerations
More informationPerspective on secure network for control systems in SPring-8
Perspective on secure network for control systems in SPring-8 Toru Ohata, M. Ishii, T. Fukui* and R. Tanaka JASRI/SPring-8, Japan *RIKEN/SPring-8, Japan Contents Network architecture Requirement and design
More information1152 IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS PART C: APPLICATIONS AND REVIEWS, VOL. 37, NO. 6, NOVEMBER 2007
1152 IEEE TRANSACTIONS ON SYSTEMS, MAN, AND CYBERNETICS PART C: APPLICATIONS AND REVIEWS, VOL. 37, NO. 6, NOVEMBER 2007 Security Challenge and Defense in VoIP Infrastructures David Butcher, Member, IEEE,
More informationPENTEST. Pentest Services. VoIP & Web. www.novacybersecurity.com
PENTEST VoIP & Web Pentest Services VoIP & WEB Penetration Testing The Experinced and National VoIP/Unified Communications R&D organization, NETAŞ NOVA Pentest Services test the applications, infrastructure
More informationData Security in a Converged Network
Data Security in a Converged Network A Siemens White Paper Author: Contributors: Joel A. Pogar National Practice Manager Secure Network Services Joel.Pogar@icn.siemens.com Jeff Corcoran Solutions Architect,
More informationFirewall-Friendly VoIP Secure Gateway and VoIP Security Issues
Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues v Noriyuki Fukuyama v Shingo Fujimoto v Masahiko Takenaka (Manuscript received September 26, 2003) IP telephony services using VoIP (Voice
More informationAnalysis of SIP Traffic Behavior with NetFlow-based Statistical Information
Analysis of SIP Traffic Behavior with NetFlow-based Statistical Information Changyong Lee, Hwankuk-Kim, Hyuncheol Jeong, Yoojae Won Korea Information Security Agency, IT Infrastructure Protection Division
More informationHow To Support An Ip Trunking Service
Small Logo SIP Trunking: Deployment Considerations at the Network Edge at the Network Edge Executive Summary The move to Voice over IP (VoIP) and Fax over IP (FoIP) in the enterprise has, until relatively
More informationCisco ASA 5500 Series Unified Communications Deployments
5500 Series Unified Communications Deployments Cisco Unified Communications Solutions unify voice, video, data, and mobile applications on fixed and mobile networks, enabling easy collaboration every time,
More informationVoIP Security regarding the Open Source Software Asterisk
Cybernetics and Information Technologies, Systems and Applications (CITSA) 2008 VoIP Security regarding the Open Source Software Asterisk Prof. Dr.-Ing. Kai-Oliver Detken Company: DECOIT GmbH URL: http://www.decoit.de
More informationSession Initiation Protocol Security Considerations
Session Initiation Protocol Security Considerations Sami Knuutinen Helsinki University of Technology Department of Computer Science and Engineering May 28, 2003 Abstract Session Initiation Protocol (SIP)
More informationRon Shuck, CISSP, CISM, CISA, GCIA Infrastructure Security Architect Spirit AeroSystems
Ron Shuck, CISSP, CISM, CISA, GCIA Infrastructure Security Architect Spirit AeroSystems VOIP Components Common Threats How Threats are Used Future Trends Provides basic network connectivity and transport
More informationSecurity Best Practices for Enterprise VoIP. Preventing Attacks and Managing Risk
Security Best Practices for Enterprise VoIP Preventing Attacks and Managing Risk A Sipera White Paper September 2007 Summary To take full advantage of unified communications (UC), enterprises are extending
More informationImplementing VoIP monitoring solutions. Deployment note
Implementing VoIP monitoring solutions Deployment note Introduction With VoIP being an integral part of modern day business communications, enterprises are placing greater emphasis on the monitoring and
More informationFIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities
FIREWALLS & NETWORK SECURITY with Intrusion Detection and VPNs, 2 nd ed. Chapter 4 Finding Network Vulnerabilities Learning Objectives Name the common categories of vulnerabilities Discuss common system
More informationVoIP Security* Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011
VoIP Security* Professor Patrick McDaniel CSE545 - Advanced Network Security Spring 2011 *Thanks to Prof. Angelos Keromytis for materials for these lecture slides. CSE545 - Advanced Network Security -
More informationHow To Protect Your Phone From Being Hacked By A Man In The Middle Or Remote Attacker
An Empirical Investigation into the Security of Phone Features in SIP-based VoIP Systems Ruishan Zhang 1, Xinyuan Wang 1, Xiaohui Yang 1, Ryan Farley 1, and Xuxian Jiang 2 1 George Mason University, Fairfax,
More informationThreats to be considered (1) ERSTE GROUP
VoIP-Implementation Lessons Learned Philipp Schaumann Erste Group Bank AG Group IT-Security philipp.schaumann@erstegroup.com http://sicherheitskultur.at/ Seite 1 Threats to be considered (1) Eavesdropping
More informationHow To Prevent Hacker Attacks With Network Behavior Analysis
E-Guide Signature vs. anomaly-based behavior analysis News of successful network attacks has become so commonplace that they are almost no longer news. Hackers have broken into commercial sites to steal
More informationCE 817 - Advanced Network Security VoIP Security
CE 817 - Advanced Network Security VoIP Security Lecture 25 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially
More informationManaging Risks at Runtime in VoIP Networks and Services
Managing Risks at Runtime in VoIP Networks and Services Oussema Dabbebi, Remi Badonnel, Olivier Festor To cite this version: Oussema Dabbebi, Remi Badonnel, Olivier Festor. Managing Risks at Runtime in
More informationHow To Secure A Voice Over Internet Protocol (Voip) From A Cyber Attack
DHS 4300A Sensitive Systems Handbook Attachment Q5 To Handbook v. 11.0 Voice over Internet Protocol (VoIP) Version 11.0 December 22, 2014 Protecting the Information that Secures the Homeland This page
More informationA Model-based Methodology for Developing Secure VoIP Systems
A Model-based Methodology for Developing Secure VoIP Systems Juan C Pelaez, Ph. D. November 24, 200 VoIP overview What is VoIP? Why use VoIP? Strong effect on global communications VoIP will replace PSTN
More informationVoice over IP Security
ii Voice over IP Security Patrick Park Copyright 2009 Cisco Systems, Inc. Published by: Cisco Press 800 East 96th Street Indianapolis, IN 46240 USA All rights reserved. No part of this book may be reproduced
More informationUnregister Attacks in SIP
Unregister Attacks in SIP Anat Bremler-Barr Ronit Halachmi-Bekel Interdisciplinary Center Herzliya Email: {bremler,halachmi.ronit}@idc.ac.il Jussi Kangasharju Darmstadt University of Technology jussi@tk.informatik.tu-darmstadt.de
More informationModels of Secure VoIP Systems. VoIP Security Best Practice. Vol. II. Models of Secure VoIP Systems (Version: 1.2) NEC Corporation
VoIP Security Best Practice (Version: 1.2) NEC Corporation Liability Disclaimer NEC Corporation reserves the right to change the specifications, functions, or features, at any time, without notice. NEC
More informationSS7 & LTE Stack Attack
SS7 & LTE Stack Attack Ankit Gupta Black Hat USA 2013 akg0x11@gmail.com Introduction With the evolution of IP network, Telecom Industries are using it as their core mode of communication for their network
More informationBEng (Hons) Telecommunications. Examinations for 2011 2012 / Semester 1
BEng (Hons) Telecommunications Cohort: BTEL/10A/FT Examinations for 2011 2012 / Semester 1 MODULE: IP Telephony MODULE CODE: TELC3107 Duration: 2 Hours Reading time: 15 Minutes Instructions to Candidates:
More informationHacking VoIP Exposed. David Endler, TippingPoint Mark Collier, SecureLogix
Hacking VoIP Exposed David Endler, TippingPoint Mark Collier, SecureLogix Agenda Introductions Casing the Establishment Exploiting the Underlying Network Exploiting VoIP Applications Social Threats (SPIT,
More information1-4244-0353-7/07/$25.00 2007 IEEE
Detecting SPIT Calls by Checking Human Communication Patterns J. Quittek, S. Niccolini, S. Tartarelli, M. Stiemerling, M. Brunner, T. Ewald NEC Europe Ltd., Kurfürsten-Anlage 36, 69115 Heidelberg, Germany;
More informationMulti-layered Security Solutions for VoIP Protection
Multi-layered Security Solutions for VoIP Protection Copyright 2005 internet Security Systems, Inc. All rights reserved worldwide Multi-layered Security Solutions for VoIP Protection An ISS Whitepaper
More informationSIP Security in IP Telephony
SIP Security in IP Telephony Muhammad Yeasir Arafat and M. Abdus Sobhan School of Engineering and Computer Science Independent University, Bangladesh E-mail: sobhan30@gmail.com Abstract Today the session
More informationSIP Security Status Quo and Future Issues Jan Seedorf
SIP Security Status Quo and Future Issues Jan Seedorf Security in Distributed Systems (SVS) University of Hamburg, Dept. of Informatics Vogt-Kölln-Str. 30, D-22527 Hamburg seedorf@informatik.uni-hamburg.de
More informationIxLoad-Attack: Network Security Testing
IxLoad-Attack: Network Security Testing IxLoad-Attack tests network security appliances determining that they effectively and accurately block attacks while delivering high end-user quality of experience
More informationIP Phone Security: Packet Filtering Protection Against Attacks. Introduction. Abstract. IP Phone Vulnerabliities
W H I T E P A P E R By Atul Verma Engineering Manager, IP Phone Solutions Communications Infrastructure and Voice Group averma@ti.com Introduction The advantages of a converged voice and data network are
More information