VoIP Security - PowerPoint PPT Presentation

About This Presentation
Title:

VoIP Security

Description:

cc.gatech.edu Proxy Server. VoIP Security. IP is inherently insecure ... Magnification of existing vulnerabilities. Testbed: SIP Open Source Lab. Open Source Software ... – PowerPoint PPT presentation

Slides: 13
Provided by: mustaqu

Transcript and Presenter's Notes



1
VoIP Security
  • Vijay Arvind B.
  • GTISC Lab

2
Motivation
  • Advantages
  • Cost Effective
  • Feature rich
  • Presence
  • IM
  • Convergence
  • One user multiple devices
  • Geographical indifference

3
VoIP Security
  • IP is inherently insecure
  • Low latency requirements of VoIP
  • Critical infrastructure dependence
  • Magnification of existing vulnerabilities

4
Testbed: SIP Open Source Lab
  • Open Source Software
  • Soft phone: Kphone, Minisip
  • Proxy: SIP Express Router; PBX: Asterisk

5
SIP Express Router
  • Other open source proxies
  • partySIP, YATE
  • Edge
  • SIP Conformance
  • Interoperability
  • TCP Support
  • Authentication - Digest
  • NAT support (STUN, UPnP)
  • Extensive Use

6
Kphone / Minisip
  • Other clients
  • Linphone, YATEClient
  • Kphone Edge
  • Supports IPv6
  • Presence and Instant Messaging
  • Call hold / transfer
  • Ease of debugging
  • Minisip Edge
  • Security features
  • S/MIME
  • TLS
  • MIKEY key exchange
  • SRTP
  • Push-to-talk
  • Call Conferencing

7
Other tools
  • SiPP
  • Load generation
  • XML scripts
  • Sipsak
  • SER tester
  • Functionality / Load tester
  • SiVuS
  • GUI based
  • VoMIT
  • SIP packet injection
  • Protos
  • Packet fuzzing
  • Ethereal
  • Call scenario diagrams

8
Lab Experiments
  • Vulnerability attacks
  • Denial of Service
  • Registration Hijacking
  • Premature BYE / CANCEL
  • Flooding
  • Lightweight Scheme for locating SIP users
  • Enhanced KPhone with authentication scheme

9
Sample Attack
REGISTER sip:somewhere.com SIP/2.0
From: root <sip:root@192.168.0.101>
To: root <sip:root@192.168.0.101>
Contact: <sip:root@192.168.0.101>
Expires: 0

REGISTER sip:somewhere.com SIP/2.0
From: root <sip:root@192.168.0.101>
To: root <sip:root@192.168.0.101>
Contact: <sip:root@192.168.0.101>
Expires: 7200
  • Sniff for registrations
  • Send malformed 0 Expires field packet
  • Worse by setting Contact
  • Nullifies all registrations
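
Detection side of the sample above, as an added example that is not part of the original slides: a monitor that tracks which host created each registration and flags a REGISTER that removes it from a different address. The function names, the address 192.168.0.66 and the "removal comes from the registering host" heuristic are assumptions of this example; it handles full header names only (no compact forms or folded headers) and treats a Contact of "*" with Expires 0 as removal of every binding, per RFC 3261.

```python
import re

def parse_sip(raw):
    """Return (method, headers) for a SIP request; header names lower-cased."""
    lines = [l for l in raw.strip().splitlines() if l.strip()]
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return lines[0].split()[0], headers

def aor(value):
    """Pull the address-of-record (sip:user@host) out of a To header value."""
    m = re.search(r"sips?:[^>;\s]+", value)
    return m.group(0).lower() if m else value.lower()

def suspicious_deregistrations(events):
    """events: (source_ip, raw_message) pairs in capture order -> list of alerts.
    Heuristic assumed here: a binding is removed by the host that created it."""
    owners, alerts = {}, []          # owners: AoR -> IP that registered it
    for src, raw in events:
        method, h = parse_sip(raw)
        if method != "REGISTER":
            continue
        target, contact = aor(h.get("to", "")), h.get("contact", "")
        removing = (h.get("expires") == "0"
                    or ";expires=0" in contact.replace(" ", "").lower())
        if not removing:
            owners[target] = src     # new or refreshed binding
        elif owners.get(target) == src:
            del owners[target]       # normal sign-out
        elif target in owners:
            scope = "all bindings" if contact == "*" else "one binding"
            alerts.append({"src": src, "aor": target,
                           "owner": owners[target], "scope": scope})
    return alerts

def register(expires):               # message shape taken from the slide
    return ("REGISTER sip:somewhere.com SIP/2.0\n"
            "From: root <sip:root@192.168.0.101>\n"
            "To: root <sip:root@192.168.0.101>\n"
            "Contact: <sip:root@192.168.0.101>\n"
            "Expires: %d\n" % expires)

# Constructed capture: 192.168.0.66 is a made-up second host on the segment.
SAMPLE = [("192.168.0.101", register(7200)),
          ("192.168.0.66", register(0)),
          ("192.168.0.101", register(0))]

if __name__ == "__main__":
    for alert in suspicious_deregistrations(SAMPLE):
        print(alert)
```

Source addresses can be forged over UDP, so this is a monitoring aid only; the control that stops the request at the registrar is digest authentication on REGISTER, which the SIP Express Router slide lists as supported.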

10
VoIP SPAM
  • VoIP SPAM is more annoying than other forms
  • Largely automated
  • Unsolicited calls
  • Constantly
  • At weird times
  • Result
  • Unusability of phone E911
  • Difference from Email SPAM
  • Real time processing
  • Traffic analysis made harder
  • Introduction of noise and silence
  • Flavours
  • Call SPAM
  • IM SPAM
  • Presence SPAM

11
Proposed Solutions
  • Content Filtering
  • Black Lists
  • White Lists
  • Consent-Based Communications
  • Reputation Systems
  • Limited Use Addresses
  • Turing Tests
  • Computational Puzzles
  • Payments at Risk
  • Legal Action
  • Circles of Trust
  • Centralized SIP Providers
  • Sender Checks

12
Questions
  • Who framed Roger Rabbit?