Research Article
An Empirical Study of Security of VoIP System
|
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
|
| Volume 181 - Issue 10 |
| Published: Aug 2018 |
| Authors: Ahmad Ghafarian, Maria Dehghani |
10.5120/ijca2018916399
|
Ahmad Ghafarian, Maria Dehghani . An Empirical Study of Security of VoIP System. International Journal of Computer Applications. 181, 10 (Aug 2018), 6-11. DOI=10.5120/ijca2018916399
@article{ 10.5120/ijca2018916399,
author = { Ahmad Ghafarian,Maria Dehghani },
title = { An Empirical Study of Security of VoIP System },
journal = { International Journal of Computer Applications },
year = { 2018 },
volume = { 181 },
number = { 10 },
pages = { 6-11 },
doi = { 10.5120/ijca2018916399 },
publisher = { Foundation of Computer Science (FCS), NY, USA }
}
%0 Journal Article
%D 2018
%A Ahmad Ghafarian
%A Maria Dehghani
%T An Empirical Study of Security of VoIP System%T
%J International Journal of Computer Applications
%V 181
%N 10
%P 6-11
%R 10.5120/ijca2018916399
%I Foundation of Computer Science (FCS), NY, USA
Abstract
As VoIP (Voice-over-IP) Services are becoming more popular, various types of attacks against them are increasing. SIP (Session Initiation Protocol) is the main protocol that is used in VoIP. SIP is subject to various types of attacks including DoS (Denial-of-Service) attack. This paper reports our experiment of simulating VoIP system using existing open source tools and technology. The simulated VoIP system is used to demonstrate a normal VoIP communication, launching DoS flooding attacks against SIP and implementing a successful Snort-based Intrusion Detection System (IDS) capable of catching suspicious SIP messages. Additionally, we propose a new VoIP architecture, which is based on buffering all incoming messages from clients with the intention of processing the messages in the buffer before they are forwarded to the destination.
References
- S. Ehlert, Y. Rebahi, and T. Magedanz, ‘Intrusion Detection System for Denial-of-Service flooding attacks in SIP communication networks’, Int. J. Security and Networks, vol. 4, no. 3, pp. 189–200, 2009.
- S. Ehlert, G. Zhang, and D. Geneiatakis, "Two layer Denial of Service prevention on SIP VoIP infrastructure”, Computer Communications, vol 31, pp. 2443-2456, 2008.
- Z. Fan, and X. Wan, “The Design and Realization of SIP DoS attack Detection Plugin Based on Balanced Message Number Principle”, Proceedings of ICCTA, pp. 780-784, 2009.
- B. Goode, “Voice over Internet protocol (VoIP)”, Proceedings of the IEEE ,vol 90 , Issue 9 , 2002.
- S. McGann, and D. C. Sicker. “An Analysis of Security Threats and Tools in SIP-Based VoIP Systems”, University of Colorado Boulder, 2005.
- J. Markl, J. Dočkal, “Deployment of Snort IDS in SIP based VoIP environments”, Security and Protection of Information 2007.
- S. Niccolini, R. G. Garroppo, S. Giordano , G. Risi, and S. Ventura, “SIP Intrusion Detection and Prevention: Recommendations and Prototype Implementation”, IEEE, vol 5, no 6, 2006.
- G. Ormazabal, S. Nagpal, E.Yardeni, and H. Schulzrinne. “Secure SIP: A Scalable Prevention Mechanism for DoS Attacks on SIP Based VoIP Systems.” H. Schulzrinne, R. State, and S. Niccolini (Eds.): IPTComm 2008, LNCS 5310, pp. 107–132, 2008.
- J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Spark, M. Handley, and E. Schooler, Session Initiation Protocol, no. RFC 3261, 2002.
- D. Sisalem, and J. Kuthan “Denial of Service Attacks and SIP Infrastructure: Attack Scenarios and Prevention Mechanisms”, Network IEEE, Vol 20, Issue 5, pp. 26-31, 2006.
- Snort, www.snort.org
- M. Voznak, and J. Safarik, "SIP proxy robustness against DoS attacks", Proceedings of the Applied Computing Conference, pp. 223-227, 2011.
- VMware.com. virtualization for desktop, available at VMware.com.
Index Terms
Keywords