Govt. Engineering College Bikaner

A SEMINAR PresentationON

Presentation By: Deepak Kumar Mishra

Information Technology FINAL YEAR

SECURITY CHALLENGE AND DEFENSE IN VOIP INFRASTRUCTURE

WHAT IS VOIP

Voice over internet protocol : Allows user to to make calls using broadband internet Connection instead of analog phone line.

Uses packet-switched network replace circuit switched network.

VOIP DATA PROCESSING

SIGNALING (H.323 , SIP )

ENCODING AND TRANSPORT (analog to digital , RTP , UDP)

GATEWAY CONTROL (format conversion )

Fig. 1. (a) Typical VoIP network structure. (b) Voice data processing of the VoIP.

OVERVIEW OF SECURITY CONCERNS AND IMPACTS IN A VOIP SYSTEM

GENERIC SECURITY CONCERNS IN VOIP

DOS- Availability.

Eavesdropping – confidentiality.

Alteration of voice stream – confidentiality and Integrity .

Toll fraud – Integrity .

Redirection of call – Integrity and confidentiality.

Accounting Data Manipulation – Integrity and Confidentiality.

Caller Identification Impersonation – Integrity

OCCURRENCE POSITION AND IMPACT OF POTENTIAL ATTACKS TO A VOIP SYSTEM

ATTACK VECTORS IN VOIP AND CRITICAL CHALLENGES

The threats to the VOIP system can be further broken down into specific attack vectors to disrupt the system and summarized by the system layer where the attacks occur .

SIP Registration Hijacking SIP Message Modification SIP cancel / bye attack Malformed SIP Command SIP Redirect RTP Payload RTP Tampering

SIP REGISTRATION HIJACKING

Registration hijacking occurs when an attacker impersonates a valid UA to a registrar and replaces the legitimate registration with its own address .TLS can protect this.

SIP MESSAGE MODIFICATION

Have no Built in integrity ,by Man in middle attacks an attacker can intercept and modify SIP messages .TLS can protect from reading it.

SIP CANCEL /BYE ATTACK

The attacker can create an SIP message with the Cancel or Bye command in its payload and send it to an end node to terminate ongoing conversation . Strong Authentication can control this attack.

MALFORMED SIP COMMAND

SIP uses HTML to carry command information , it becomes difficult to test the SIP parser with possible inputs.Strong Authentication and Dictionary test of cases for parser can save network.

SIP REDIRECT

By attacking REDIRECT SERVER and commanding it to redirect the victim’s call to specific number can redirect to null type device .

TLS with strong password can eliminate this.

RTP PAYLOAD

RTP carries actual encoded messages b/w two callers , adds sequencing information .

MITM attack can gain access to the RTP media stream b/w two nodes and can inspect and modify the data

RTP TAMPERING

By manipulation of the sequence number and timestamp fields in the header of the RTP packet , the packets can be re sequenced or made unusable.

SRTP can determine the modification of packet.

POSITION AND IMPACT OF POTENTIALATTACKS IN VOIP

1. Physical Attack 2. Address Resolution Protocol 3. MAC Spoofing 4. IP Spoofing 5. Malformed Packet 6. TCP or UDP Replay 7. Dynamic Host Configuration Protocol8. Internet Control Message Protocol9. Buffer Overflow Attack 10.OS Attack11.Virus and Malware12.CIDR Database Attack

Other Attacks General to IP Data Networks.

DEFENSE VECTORS IN VOIP

Separation of VOIP and Data Traffic Similar to port Authentication , separating voice and data traffic is a key enabler to overall security. VLAN technology (802.1q) is applied along with voice mail servers and SIP aware firewalls.

Configuration Authentication VOIP phones need basic config. Information to get into VOIP system ,public key or shared secret keys can help in the authenticated configuration of the phone .Along with TLS it becomes more secure.

Signaling Authentication The IP Security(IP Sec ) protocol provides mechanisms for both authentication and encryption .Provides DNS Secure , Authentication Header protocol . Controls Replay Attacks.

Media Encryption SRTP protocol minimizes the number of keys that must be shared b/w two nodes , MIKEY(multimedia Keying Protocol) capable of handing keys in adhoc environment .

SECURITY MECHANISMS AGAINST ATTACKS

SEGMENTATION OF VOIP VOICE AND DATA

Queries ??

THANK you