New and Current Approaches for Secure VoIP Service

Size: px
Start display at page:

Download "New and Current Approaches for Secure VoIP Service"

Transcription

1 New and Current Approaches for Secure VoIP Service H. Hakan Kılınç, Uğur Cağal Netas, Cyber Security Department, Istanbul Abstract: The current telecom technology uses 4G and preparations are being made for 5G. Technological generation change and the expansion of IPv6 have increased the use of VoIP. In parallel to this increase, many frauds and weaknesses are realized. There is a growing need for security products that have in-depth packet analysis capabilities in application layer in order to find the vulnerabilities of VoIP systems, to detect attacks against these systems and to protect them. However, unlike services such as and web, VoIP services are time-sensitive. Complex and time-consuming security mechanisms are not suitable for VoIP. In our study, we discuss existing and new security approaches for VoIP security issues. Keywords: VoIP, SIP, Security Threats, Security Products, DoS/DdoS, VoIP IDS (Intrusion Detection System), VoIP IPS (Intrusion Prevention System), VoIP Firewall, VoIP Security Scanner. 1. Introduction: IP(Internet Protocol) based VoIP (Voice over IP Telephony), which offers many benefits such as low cost communications and rich telephony services, is becoming more widespread everyday as the technological infrastructure of IP grows stronger. VoIP has many advantages over PSTN (Public Switched Telephony Network) and over the years, VoIP services have become a serious contender to the PSTN Systems. Figure-1 shows the constantly increasing amount of data (petabytes/month) that is transferred over VoIP networks. The VoLTE (Voice over LTE, the VoIP leg of 4G LTE) and VoWIFI technologies will further increase the VoIP traffic in the near future. Figure 1 -Annual Increase in the Amount of VoIP Services Data [1] The fact that IP communication contains security vulnerabilities and furthermore inherits all of the security problems associated with the internet points out the importance of security in next generation telecommunications technologies. Examples of VoIP security vulnerabilities include, VoIP Traffic Theft, unauthorized usage of communication infrastructure, calls to toll-free systems with malicious intent, reduction of voice quality, denial of service (DoS) attacks, fake registrations, service theft, eavesdropping, spam, malware, information theft and VoIP traffic redirection. The 2013 Global Fraud Loss Survey by Communications Fraud Control Association reports the total revenue lost to VoIP network attacks is 3,62 billion dollars [2]. Since this report only covers the attacks that were detected, the total loss is much more than this amount.

2 These losses are results of attacks towards VoIP and UC (Unified Communications) systems. 25% of hacker attacks are towards VoIP and UC systems, and there are over exploits and threats discovered in these systems [3]. Toll Fraud, which is highly profitable for fraudsters and quite easy to accomplish, is one of the most widespread crimes in the telecommunications industry. Most of the attacks towards VoIP infrastructure occur on signaling technologies. SIP (Session Initiation Protocol) is the most widespread hypertext based protocol used in establishing, modifying and tearing down sessions between VoIP components [4]. It was selected as the signaling protocol of IMS (IP Multimedia Subsystem) and VoLTE because of its flexible usage and measurability. Although SIP presents great advantages, it is also vulnerable to many security threats [6] [7] [8] [9]. This paper is organized as follows: Chapter 2 summarizes the new telecommunications infrastructure. Chapter 3 discusses VoIP security issues and the current and new methods that are used to deal with these issues. Chapter 4 concludes our work by providing recommendations. 2. New Telecommunications Infrastructure and VoIP Traditional telecommunications uses an infrastructure called PSTN that is based on circuit switching method to provide stationary voice communications service. VoIP, which is the new telecommunications infrastructure, uses the internet as the voice communications medium. Voice is transferred with the packet switching method, which is the basis of data transfer over the internet. As shown in Figure-2, the new telecommunications infrastructure is abandoning PSTN in lieu of VoIP networks and components. This change takes the form of a hybrid structure at first and transforms into pure VoIP over time. The hybrid structure takes the form of a VoIP telecommunications system in intercompany telephones and is converted to PSTN for outside communications. The current infrastructure in Turkey uses the hybrid system. Telekom infrastructure is moving to pure IP, abandoning the PSTN system altogether. The next-generation mobile technology 4G LTE is purely IP based and will continue to evolve as IPv6 becomes more widespread. VoIP can use a single broadband circuit for packet switched services such as data, voice and video. Many institutions use VoIP as part of their already existing data network. Although this method is cost-effective, it also increases the performance and security requirements of the system. An integrated system increases the importance of the Quality of Service (QoS) and security processes in order to preserve call quality [10]. Figure 2 - The New Telecommunications Infrastructure

3 3. VoIP Security Problems and Solution Approaches Figure 3 - Security Products and Packet Analysis Levels Telephony networks have always been a target of computer hackers since Phreaking, Telephone Hacking, became widespread in 70s/80s. The general aim of these attacks is to commit billing fraud and to make toll-free long-distance calls. The security problems of PSTN such as call forwarding and illegal interception were abused to commit these crimes. VoIP faces these problems along with the new security issues it inherits from the internet infrastructure. [10] We can classify some of the problems encountered in a VoIP network under the following five topics. We will use figure 3 in these descriptions. Figure 3 clearly displays some of these problems and their solutions. As mentioned above, most of the attacks against VoIP Networks occur over signaling technologies. The payload these packets contain should be inspected in order to detect these attacks. Problem 1: VoIP Traffic Theft and Toll Fraud: It is the foremost problem VoIP Service Providers and Customers have faced since the beginning. Many VoIP Call Servers contain solutions to this problem that uses either Classes of Restriction or Authentication Codes. Class of Restriction groups certain telephone numbers based on criteria, such as local or long-distance, and brings restrictions to calling these numbers. The other approach requires the user to enter a code before making a call. Both of these approaches are hard to manage and maintain. Also, authentication codes can easily be acquired by others. The new approach suggests monitoring the system at every step by checking certain parameters, such as call count, individual call duration or total call duration. The system administrator sets thresholds for these parameters by defining policy rules, which are used to prevent calls that exceed these threshold values. Another new approach consists of VoIP Intrusion Detection and Intrusion Prevention Systems (IDS / IPS). These systems detect calls that don t match the usual call patterns and prevent them. Problem 2: VoIP Traffic and Network Security: The second problem occurs because VoIP Traffic is transferred over the Internet Traffic. If the basic network security of an organization is lacking, then the VoIP security of the same organization will also suffer.

4 Internet traffic is similar to traditional circuit switching traffic. Packet Sniffers can easily capture unencrypted traffic. VPN (Virtual Private Network) is the usual method for overcoming this vulnerability. Although this method works fine, call session establishment (while receiving or making calls) might take some time. Packet encryption and decryption also causes delays in VoIP packet transfers. The fact that VPN solutions are usually hardware based is also another limitation. A vulnerability in an already existing network is also vulnerability for the VoIP system that can be abused by attackers. It is recommended to run independent security assessments and to deploy firewalls in order to overcome these vulnerabilities. It is also advisable to adopt a patching policy for the system and to periodically examine system logs. Although it is still advised to use VPN, it is not enough by itself. Discovery of new VPN vulnerabilities and the lack of security at the endpoints where VPN is used makes it essential to use a dedicated VoIP Firewall. The importance of a VoIP Firewall is evident as IP Firewalls, like shown in Figure-3, do not inspect the payloads of packets. Although it is not always required, security assessments should also include VoIP specific analyses. It is difficult to apply and manage patching procedures. Tools that track available patches for different VoIP Phones should also be used. VoIP Security Scanners, which are vulnerability assessment tools that can also be used to track patch information, should be used to assess the security of a VoIP system. Log inspection is a nice approach; however it is usually used after an attack in order to prevent future incidents. The new approach highlights products that can engage in instantaneous data analysis. These include VoIP Firewalls, VoIP IDS and VoIP IPS products. Problem 3: Malicious Calls, Dos and DDoS: The third problem, DoS and DdoS (Distributed Denial of Service), prevent telephone calls. Also, automated call generators can make VoIP Systems Unresponsive. Many out-of-the-box VoIP solutions contain unmonitored TCP/UDP ports that don t have a reason to be always left open. This creates a suitable environment for DoS/DDoS attacks. For example, VoIP systems use ports 5060 and 5061 for signaling but numerous different ports for voice packets. It is imperative to close unneeded ports and services, and to develop new patches for newly discovered vulnerabilities in order to prevent these attacks. Pre-recorded calls that contain unwanted messages are called SPIT (Spam over IP Telephony). SPIT calls consume resources (like bandwidth) and can act as DoS attacks. Preventing SPIT is like preventing SPAM and it is impossible to do so with traditional security tools. The key to prevent VoIP Signaling attacks is to generate a strong identity verification protocol. This approach can be applied in a company but it is hard to apply to the public in general. Products that observe the normal traffic patterns and define signaling and media thresholds based on these should be used. This way, sources of abnormal traffic can be blocked. However, this blocking should be implemented in a different way for VoIP systems. Blocking an IP can block a whole organization. Because of this, blocking should be done on the based on three parameters User, IP Address and Port. Besides this, smart DDoS detection technique, which also detects

5 repetitive attacks that are below the established thresholds, should be used. This detection technique requires the use of products that employ statistical behavior analysis. VoIP Firewalls, VoIP IDS and VoIP IPS products designed with these problems in mind should be used to secure VoIP Networks. Problem 4: Eavesdropping: Some problems about VoIP or SIP are hard, even impossible, to solve. These vulnerabilities will continue to increase as the technology advances and protocols become more widespread. One of the hard-to-solve problems is eavesdropping. There are many applications that capture traffic on a network and convert them to.wav format. VoMIT, SIPtap, Wireshark, Voipong, Cain&Abel can be used in this manner [11]. Such applications obtain not only the voice packets but also the signaling information (call-id, call source, call destination, call duration and call initiation time) associated with the call. The only way to prevent eavesdropping is to form a secure channel and to encrypt voice data. Protocols for authentication and mutual key exchange between two endpoints should be developed. The mutual key can be used encrypt and decrypt the voice packets. Of course, the encryption methods have to be checked to not affect performance in a highly negative manner [9]. An abnormal status check can be applied on traffic data to detect eavesdroppers. A higher than normal packet flow would indicate eavesdropping. For example, a VoIP system currently hosting 10 calls would indicate 160 KB/s of traffic assuming the highest quality voice codecs are used. 300KB/s traffic on the system would indicate an abnormal situation. It is important to detect such a situation. This can be done with VoIP IDS products that support such detection mechanisms. Problem 5: Company Specific Policies and Operational Management: Some situations might prioritize certain calls over others, some users might not be able to call certain numbers and some of the phones in an office location might only be allowed to work on that location. Such situations and telephone device updates might need management. Such requirements are hard or impossible to meet with traditional security or operational management applications. Some IP PBX systems are capable of these operations by themselves. Telephone software updates are usually handled directly by the telephone s software with traditional file transfer protocols like TFTP. This approach opens a window for hackers to place other files or software into these devices. Company specific policies and rules should be applicable to VoIP calls. This might be accomplished by using a policy rule based VoIP Firewall that analyzes signaling to detect and if necessary prevent calls that defy the policy rules set by the system administrator. VoIP Security Scanners can be used for monitoring device software updates whereas VoIP Firewalls can be used to ensure that correct files are transferred for these updates. 4. Recommendations and Conclusion: Creating a secure VoIP Infrastructure begins with the detection of security vulnerabilities and reporting the results with their possible solutions. It is hard to discover the vulnerabilities and to prepare solutions for their

6 removal. Specialized VoIP vulnerability assessment tools can be used for this and logical problems can be solved with aid from VoIP security specialists. The second step is to deploy a VoIP Firewall that detects and prevents attacks with instantaneous deep packet inspection and generates dynamic rules and uses filtering to prevent previously unknown and smart attack types from damaging the system. This firewall should also cause minimal delay in packet transfer. VoIP Firewalls can detect known attack types with application layer analysis and also analyze the state of a call by inspecting the message flow and react to abnormal situations caused by unknown attacks. Instant alarms and termination of malicious calls and service usage prevent the operator from suffering serious losses. At the third step, VoIP IDS and VoIP IPS products that are able to prevent traffic and toll fraud as well as social engineering cases should be deployed in the network. These products are also able to aid the operational management of VoIP Systems. Lastly, the security measures in traditional data networks cannot be applied to the VoIP world. Time-critical applications that don t cause performance issues should be used to overcome VoIP security problems. References [1] Data volume of global VoIP service traffic from 2011 to 2016 (in petabytes per month), (Retrieved: ) [2] Global Fraud Loss Survey, (Retrieved: ) [3] Securing UC: There are Ways, but Where's the Will? (Retrieved: ) [4] Rosenberg J., Schulzrinne H., Camarillo G., Johnston A., Peterson J., Sparks R., Handley M., Schooler E., SIP: Session Initiation Protocol, Internet Engineering Task Force, RFC 3261, [5] Camarillo G., Garca-Martn M.-A., The 3G IP Multimedia Subsystem (IMS): Merging the Internet and the Cellular Worlds, Second Edition. WILEY, [6] Geneiatakis D., Dagiouklas A., Kambourakis G., Lambrinoudakis C., Gritzalis S., Ehlert S., Sisalem D., Survey of Security Vulnerabilities in Session Initiation Protocol, IEEE Commun. Surveys Tutorials, vol. 8, no. 3, pp , [7] Geneiatakis D., Lambrinoudakis C., Kambourakis G., An Ontology Based-Policy for Deploying Secure SIPbased VoIP Services, Elsevier Computer and Security, vol. 27, no. 7-8, pp , [8] S. Salsano, L. Veltri, and D. Papalilo, SIP Security Issues: The SIP Authentication Procedure and its Processing Load, IEEE Network, vol. 16, no. 6, pp , [9] Kilinc, H.H., Yanik, T., "A Survey of SIP Authentication and Key Agreement Schemes," in Communications Surveys & Tutorials, IEEE, vol.16, no.2, pp , [10] Ruck, M., Top Ten Security Issues with Voice over IP (VoIP), (Retrieved: ) [11] VoIP Security Tool List, (Retrieved: )

7

Ingate SIParator /Firewall SIP Security for the Enterprise

Ingate SIParator /Firewall SIP Security for the Enterprise Ingate SIParator /Firewall SIP Security for the Enterprise Ingate Systems Ingate Systems AB (publ) Tel: +46 8 600 77 50 BACKGROUND... 1 1 NETWORK SECURITY... 2 2 WHY IS VOIP SECURITY IMPORTANT?... 3 3

More information

Security for SIP-based VoIP Communications Solutions

Security for SIP-based VoIP Communications Solutions Tomorrow Starts Today Security for SIP-based VoIP Communications Solutions Enterprises and small to medium-sized businesses (SMBs) are exposed to potentially debilitating cyber attacks and exploitation

More information

Performance Evaluation of a Flooding Detection Mechanism for VoIP Networks

Performance Evaluation of a Flooding Detection Mechanism for VoIP Networks Performance Evaluation of a Flooding Detection Mechanism for VoIP Networks Dimitris Geneiatakis Dept. of Telecommunications Science and Technology, University of Peloponnese End of Karaiskaki St., GR-2200,

More information

Modern IP Communication bears risks

Modern IP Communication bears risks Modern IP Communication bears risks How to protect your business telephony from cyber attacks Voice-over-IP (VoIP) provides many new features over PSTN. However, the interconnection with your IT infrastructure

More information

WHITE PAPER. Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS. Starting Points

WHITE PAPER. Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS. Starting Points WHITE PAPER Session Border Controllers: Helping keep enterprise networks safe TABLE OF CONTENTS Starting Points...1 The Four Essentials...2 The Business Case for SIP Trunks...3 To benefit from the latest

More information

Express Monitoring 2019

Express Monitoring 2019 Express Monitoring 2019 WHY CHOOSE PT EXPRESS MONITORING PT Express Monitoring provides a quick evaluation of the current signaling network protection level. This service helps to discover critical vulnerabilities

More information

A Cost-Effective Mechanism for Protecting SIP Based Internet Telephony Services Against Signaling Attacks Dimitris Geneiatakis and Costas Lambrinoudakis Laboratory of Information and Communication Systems

More information

SDN-Based Network Security Functions for VoIP and VoLTE Services

SDN-Based Network Security Functions for VoIP and VoLTE Services SDN-Based Network Security Functions for VoIP and VoLTE Services Daeyoung Hyun, Jinyoug Kim, Jaehoon (Paul) Jeong, Hyoungshick Kim, Jungsoo Park, and Taejin Ahn Department of Software, Sungkyunkwan University,

More information

Broadband Internet Access Disclosure

Broadband Internet Access Disclosure Broadband Internet Access Disclosure This document provides information about the network practices, performance characteristics, and commercial terms applicable broadband Internet access services provided

More information

Securing Information Systems

Securing Information Systems Chapter 7 Securing Information Systems 7.1 2007 by Prentice Hall STUDENT OBJECTIVES Analyze why information systems need special protection from destruction, error, and abuse. Assess the business value

More information

Real-time Communications Security and SDN

Real-time Communications Security and SDN Real-time Communications Security and SDN 2016 [Type here] Securing the new generation of communications applications, those delivering real-time services including voice, video and Instant Messaging,

More information

تاثیرفناوری اطالعات برسازمان ومدیریت جلسه هشتم و نهم

تاثیرفناوری اطالعات برسازمان ومدیریت جلسه هشتم و نهم بنام خدا تاثیرفناوری اطالعات برسازمان ومدیریت جلسه هشتم و نهم امنیت بخشی به سیستمهای فناوری اطالعات Securing Information Systems 1 Learning Objectives Describe the business value of security and control.

More information

Studying the Security in VoIP Networks

Studying the Security in VoIP Networks Abstract Studying the Security in VoIP Networks A.Alseqyani, I.Mkwawa and L.Sun Centre for Security, Communications and Network Research, Plymouth University, Plymouth, UK e-mail: info@cscan.org Voice

More information

CHAPTER 8 SECURING INFORMATION SYSTEMS

CHAPTER 8 SECURING INFORMATION SYSTEMS CHAPTER 8 SECURING INFORMATION SYSTEMS BY: S. SABRAZ NAWAZ SENIOR LECTURER IN MANAGEMENT & IT SEUSL Learning Objectives Why are information systems vulnerable to destruction, error, and abuse? What is

More information

PCI DSS v3.2 Mapping 1.4. Kaspersky Endpoint Security. Kaspersky Enterprise Cybersecurity

PCI DSS v3.2 Mapping 1.4. Kaspersky Endpoint Security. Kaspersky Enterprise Cybersecurity Kaspersky Enterprise Cybersecurity Kaspersky Endpoint Security v3.2 Mapping 3.2 regulates many technical security requirements and settings for systems operating with credit card data. Sub-points 1.4,

More information

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle

Data Security and Privacy : Compliance to Stewardship. Jignesh Patel Solution Consultant,Oracle Data Security and Privacy : Compliance to Stewardship Jignesh Patel Solution Consultant,Oracle Agenda Connected Government Security Threats and Risks Defense In Depth Approach Summary Connected Government

More information

The leader in session border control. for trusted, first class interactive communications

The leader in session border control. for trusted, first class interactive communications The leader in session border control for trusted, first class interactive communications VoIP security at the carrier network edge Kevin Mitchell Director, Solutions Marketing kmitchell@acmepacket.com

More information

Digital Advisory Services Professional Service Description SIP SBC with Field Trial Endpoint Deployment Model

Digital Advisory Services Professional Service Description SIP SBC with Field Trial Endpoint Deployment Model Digital Advisory Services Professional Service Description SIP SBC with Field Trial Endpoint Deployment Model 1. Description of Services. 1.1 SIP SBC with Field Trial Endpoint Deployment Verizon will assist

More information

IP MULTIMEDIA SUBSYSTEM (IMS) SECURITY MODEL

IP MULTIMEDIA SUBSYSTEM (IMS) SECURITY MODEL International Journal of Advance Research, IJOAR.org ISSN 2320-9194 1 International Journal of Advance Research, IJOAR.org Volume 1, Issue 3, March 2013, Online: ISSN 2320-9194 IP MULTIMEDIA SUBSYSTEM

More information

Unified Communications Threat Management (UCTM) Secure Communications and Collaborations

Unified Communications Threat Management (UCTM) Secure Communications and Collaborations Secure Cloud Communication and Collaboration. Overview The emergence of IP Voice, Video, Unified Communication and Collaborations (UC&C) technology and applications are causing a fundamental shift in the

More information

What is SIP Trunking? ebook

What is SIP Trunking? ebook What is SIP Trunking? ebook A vast resource for information about all things SIP including SIP, security, VoIP, SIP trunking and Unified Communications. Table of Contents 3 4 5 6 7 8 9 10 11 What is the

More information

About Your SIP Service Solution

About Your SIP Service Solution whitepaper 5 Key Questions to Ask About Your SIP Service Solution By Gaetan Brichet, COO, Voxbone Voxbone US LLC - San Francisco Office 535 Voxbone Mission US St San 535 Mission Francisco, St CA San 94105

More information

Securing Information Systems

Securing Information Systems Introduction to Information Management IIM, NCKU System Vulnerability and Abuse (1/6) Securing Information Systems Based on Chapter 8 of Laudon and Laudon (2010). Management Information Systems: Managing

More information

BUILDING A NEXT-GENERATION FIREWALL

BUILDING A NEXT-GENERATION FIREWALL How to Add Network Intelligence, Security, and Speed While Getting to Market Faster INNOVATORS START HERE. EXECUTIVE SUMMARY Your clients are on the front line of cyberspace and they need your help. Faced

More information

Chapter 1 B: Exploring the Network

Chapter 1 B: Exploring the Network Chapter 1 B: Exploring the Network Types of Networks The two most common types of network infrastructures are: Local Area Network (LAN) Wide Area Network (WAN). Other types of networks include: Metropolitan

More information

Cyber Security Audit & Roadmap Business Process and

Cyber Security Audit & Roadmap Business Process and Cyber Security Audit & Roadmap Business Process and Organizations planning for a security assessment have to juggle many competing priorities. They are struggling to become compliant, and stay compliant,

More information

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation

Defense-in-Depth Against Malicious Software. Speaker name Title Group Microsoft Corporation Defense-in-Depth Against Malicious Software Speaker name Title Group Microsoft Corporation Agenda Understanding the Characteristics of Malicious Software Malware Defense-in-Depth Malware Defense for Client

More information

Network-based Fast Handover for IMS Applications and Services

Network-based Fast Handover for IMS Applications and Services Network-based Fast Handover for IMS Applications and Services Sang Tae Kim 1, Seok Joo Koh 1, Lee Kyoung-Hee 2 1 Department of Computer Science, Kyungpook National University 2 Electronics and Telecommunications

More information

Data Communication. Chapter # 5: Networking Threats. By: William Stalling

Data Communication. Chapter # 5: Networking Threats. By: William Stalling Data Communication Chapter # 5: By: Networking Threats William Stalling Risk of Network Intrusion Whether wired or wireless, computer networks are quickly becoming essential to everyday activities. Individuals

More information

Chapter 11: Networks

Chapter 11: Networks Chapter 11: Networks Devices in a Small Network Small Network A small network can comprise a few users, one router, one switch. A Typical Small Network Topology looks like this: Device Selection Factors

More information

Secure Telephony Enabled Middle-box (STEM)

Secure Telephony Enabled Middle-box (STEM) Report on Secure Telephony Enabled Middle-box (STEM) Maggie Nguyen 04/14/2003 Dr. Mark Stamp - SJSU - CS 265 - Spring 2003 Table of Content 1. Introduction 1 2. IP Telephony Overview.. 1 2.1 Major Components

More information

We will divide the many telecom fraud schemes into three broad categories, based on who the fraudsters are targeting. These categories are:

We will divide the many telecom fraud schemes into three broad categories, based on who the fraudsters are targeting. These categories are: Introduction to Telecom Fraud This guide will help you learn about the different types of telecom fraud and industry best practices for detection and prevention. Three Major Categories of Telecom Fraud

More information

Securing Information Systems

Securing Information Systems Chapter 7 Securing Information Systems 7.1 Copyright 2011 Pearson Education, Inc. STUDENT LEARNING OBJECTIVES Why are information systems vulnerable to destruction, error, and abuse? What is the business

More information

Cybersecurity for Service Providers

Cybersecurity for Service Providers Cybersecurity for Service Providers Alexandro Fernandez, CISSP, CISA, CISM, CEH, ECSA, ISO 27001LA, ISO 27001 LI, ITILv3, COBIT5 Security Advanced Services February 2018 There are two types of companies:

More information

SIP security and the great fun with Firewall / NAT Bernie Höneisen SURA / ViDe, , Atlanta, GA (USA)

SIP security and the great fun with Firewall / NAT Bernie Höneisen SURA / ViDe, , Atlanta, GA (USA) security and the great fun with Firewall / NAT Bernie Höneisen SURA / ViDe, 29.03.2006, Atlanta, GA (USA) 2006 SWITCH Content and Firewall and NAT Privacy / Encryption SpIT / Authentication Identity General

More information

Never Drop a Call With TecInfo SIP Proxy White Paper

Never Drop a Call With TecInfo SIP Proxy White Paper Innovative Solutions. Trusted Performance. Intelligently Engineered. Never Drop a Call With TecInfo SIP Proxy White Paper TecInfo SD-WAN product - PowerLink - enables real time traffic like VoIP, video

More information

ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems

ACS-3921/ Computer Security And Privacy. Chapter 9 Firewalls and Intrusion Prevention Systems ACS-3921/4921-001 Computer Security And Privacy Chapter 9 Firewalls and Intrusion Prevention Systems ACS-3921/4921-001 Slides Used In The Course A note on the use of these slides: These slides has been

More information

USING CAPTCHAs TO MITIGATE THE VoIP SPAM PROBLEM

USING CAPTCHAs TO MITIGATE THE VoIP SPAM PROBLEM Second International Conference on Computer Research and Development USING CAPTCHAs TO MITIGATE THE VoIP SPAM PROBLEM Ismail Ahmedy Department of Computer System and Communication Faculty of Computer Science

More information

Understanding Cisco Unified Communications Security

Understanding Cisco Unified Communications Security Cisco Support Community Presents Tech-Talk Series Understanding Cisco Unified Communications Security Akhil Behl Solutions Architect, akbehl@cisco.com Author of Securing Cisco IP Telephony Networks 2010

More information

HOW TO ANALYZE AND UNDERSTAND YOUR NETWORK

HOW TO ANALYZE AND UNDERSTAND YOUR NETWORK Handbook HOW TO ANALYZE AND UNDERSTAND YOUR NETWORK Part 3: Network Traffic Monitoring or Packet Analysis? by Pavel Minarik, Chief Technology Officer at Flowmon Networks www.flowmon.com In previous two

More information

NETWORK THREATS DEMAN

NETWORK THREATS DEMAN SELF-DEFENDING NETWORK NETWORK THREATS DEMAN NEW SECURITY: STRATEGIES TECHNOLOGIES Self-Propagating Threats A combination of: self propagating threats Collaborative applications Interconnected environments

More information

Intrusion prevention systems are an important part of protecting any organisation from constantly developing threats.

Intrusion prevention systems are an important part of protecting any organisation from constantly developing threats. Network IPS Overview Intrusion prevention systems are an important part of protecting any organisation from constantly developing threats. By using protocol recognition, identification, and traffic analysis

More information

CDW LLC 200 North Milwaukee Avenue, Vernon Hills, IL

CDW LLC 200 North Milwaukee Avenue, Vernon Hills, IL Coordinating Conferencing and Collaboration Vital unified communications capabilities offer a solid foundation for an integrated view of the collaborative environment. To make the most of the opportunities

More information

Hybrid Cloud for Business Communications

Hybrid Cloud for Business Communications Hybrid Cloud for Business Communications THE ESSENTIAL GUIDE So you re considering hybrid cloud for your business communications. You re not alone! In fact, more and more businesses are turning to cloud

More information

New misuse detection algorithm for SIP faked response attacks

New misuse detection algorithm for SIP faked response attacks New misuse detection algorithm for SIP faked response attacks Dahham Allawi 1, Alaa Aldin Rohiem 2, Ali El-moghazy 3, and Ateff Zakey Ghalwash 4 1,2,3 Military Technical College, Cairo, Egypt 4 Helwan

More information

Basic Concepts in Intrusion Detection

Basic Concepts in Intrusion Detection Technology Technical Information Services Security Engineering Roma, L Università Roma Tor Vergata, 23 Aprile 2007 Basic Concepts in Intrusion Detection JOVAN GOLIĆ Outline 2 Introduction Classification

More information

Positive Technologies Telecom Attack Discovery DATA SHEET

Positive Technologies Telecom Attack Discovery DATA SHEET Positive Technologies Telecom Attack Discovery DATA SHEET PT TELECOM ATTACK DISCOVERY DATA SHEET CELLULAR NETWORK SECURITY COMPLICATIONS As is shown in the network analysis performed by Positive Technologies

More information

Internet of Things (IoT) Attacks. The Internet of Things (IoT) is based off a larger concept; the Internet of Things came

Internet of Things (IoT) Attacks. The Internet of Things (IoT) is based off a larger concept; the Internet of Things came Victoria Ellsworth Dr. Ping Li ICTN 4040 04/11/17 Internet of Things (IoT) Attacks The Internet of Things (IoT) is based off a larger concept; the Internet of Things came from idea of the Internet of Everything.

More information

WE SEE YOUR VOICE. SecureLogix We See Your Voice

WE SEE YOUR VOICE. SecureLogix We See Your Voice ETM SYSTEM WE SEE YOUR VOICE We know some important things about your enterprise things that you may not know yourself. We know that you are significantly overpaying for your corporate voice network and

More information

Spectrum Enterprise SIP Trunking Service Vertical TM Wave IP500TM / Wave IP2500 TM Release 4.0, 4.5 IP PBX Configuration Guide

Spectrum Enterprise SIP Trunking Service Vertical TM Wave IP500TM / Wave IP2500 TM Release 4.0, 4.5 IP PBX Configuration Guide Spectrum Enterprise SIP Trunking Service Vertical TM Wave IP500TM / Wave IP2500 TM Release 4.0, 4.5 IP PBX Configuration Guide About Spectrum Enterprise: Spectrum Enterprise is a division of Charter Communications

More information

The Smart Enterprise. InGuard Application. 24/7/365 Protection from Toll Fraud Attack

The Smart Enterprise. InGuard Application. 24/7/365 Protection from Toll Fraud Attack The Smart Enterprise InGuard Application 24/7/365 Protection from Toll Fraud Attack InGuard Application Contents 3 What exactly is a toll fraud attack? How does NEC s InGuard defend against these? How

More information

A Review Paper on Network Security Attacks and Defences

A Review Paper on Network Security Attacks and Defences EUROPEAN ACADEMIC RESEARCH Vol. IV, Issue 12/ March 2017 ISSN 2286-4822 www.euacademic.org Impact Factor: 3.4546 (UIF) DRJI Value: 5.9 (B+) A Review Paper on Network Security Attacks and ALLYSA ASHLEY

More information

Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks

Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks Multi-Layered Security Framework for Metro-Scale Wi-Fi Networks A Security Whitepaper January, 2004 Photo courtesy of NASA Image exchange. Image use in no way implies endorsement by NASA of any of the

More information

Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks

Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks Intrusion Detection System For Denial Of Service Flooding Attacks In Sip Communication Networks So we are proposing a network intrusion detection system (IDS) which uses a Keywords: DDoS (Distributed Denial

More information

Securing Your Microsoft Azure Virtual Networks

Securing Your Microsoft Azure Virtual Networks Securing Your Microsoft Azure Virtual Networks IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up

More information

The Top 6 WAF Essentials to Achieve Application Security Efficacy

The Top 6 WAF Essentials to Achieve Application Security Efficacy The Top 6 WAF Essentials to Achieve Application Security Efficacy Introduction One of the biggest challenges IT and security leaders face today is reducing business risk while ensuring ease of use and

More information

Unified Communications Networks Security and Platforms

Unified Communications Networks Security and Platforms Unified Communications Networks Security and Platforms About Program Who May Apply? Learning Environment Program Overview Program Architecture Partnership with Industry Index Who is Who? 2 Index Introduction

More information

PrecisionAccess Trusted Access Control

PrecisionAccess Trusted Access Control Data Sheet PrecisionAccess Trusted Access Control Defeats Cyber Attacks Credential Theft: Integrated MFA defeats credential theft. Server Exploitation: Server isolation defeats server exploitation. Compromised

More information

Cisco Webex Cloud Connected Audio

Cisco Webex Cloud Connected Audio White Paper Cisco Webex Cloud Connected Audio Take full advantage of your existing IP telephony infrastructure to help enable a Webex integrated conferencing experience Introduction Cisco Webex Cloud Connected

More information

CYBER ATTACKS EXPLAINED: PACKET SPOOFING

CYBER ATTACKS EXPLAINED: PACKET SPOOFING CYBER ATTACKS EXPLAINED: PACKET SPOOFING Last month, we started this series to cover the important cyber attacks that impact critical IT infrastructure in organisations. The first was the denial-of-service

More information

Securing Your Amazon Web Services Virtual Networks

Securing Your Amazon Web Services Virtual Networks Securing Your Amazon Web Services s IPS security for public cloud deployments It s no surprise that public cloud infrastructure has experienced fast adoption. It is quick and easy to spin up a workload,

More information

Ken Agress, Senior Consultant PlanNet Consulting, LLC.

Ken Agress, Senior Consultant PlanNet Consulting, LLC. Elements of a Vulnerability Assessment Ken Agress, Senior Consultant PlanNet Consulting, LLC. Defining a Vulnerability Assessment Agenda Types of Vulnerability Assessments Are You Ready for an Assessment?

More information

Voice over IP. What You Don t Know Can Hurt You. by Darren Bilby

Voice over IP. What You Don t Know Can Hurt You. by Darren Bilby Voice over IP What You Don t Know Can Hurt You by Darren Bilby What is VoIP? Voice over Internet Protocol A method for taking analog audio signals, like the kind you hear when you talk on the phone, and

More information

Header Compression Capacity Calculations for Wireless Networks

Header Compression Capacity Calculations for Wireless Networks Header Compression Capacity Calculations for Wireless Networks Abstract Deployment of wireless transport in a data-centric world calls for a fresh network planning approach, requiring a balance between

More information

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK

Hacker Academy Ltd COURSES CATALOGUE. Hacker Academy Ltd. LONDON UK Hacker Academy Ltd COURSES CATALOGUE Hacker Academy Ltd. LONDON UK TABLE OF CONTENTS Basic Level Courses... 3 1. Information Security Awareness for End Users... 3 2. Information Security Awareness for

More information

Security Assessment Checklist

Security Assessment Checklist Security Assessment Checklist Westcon Security Checklist - Instructions The first step to protecting your business includes a careful and complete assessment of your security posture. Our Security Assessment

More information

White Paper. SIP Trunking: Deployment Considerations at the Network Edge

White Paper. SIP Trunking: Deployment Considerations at the Network Edge SIP Trunking: Deployment Considerations at the Network Edge at the Network Edge Executive Summary The move to Voice over IP (VoIP) and Fax over IP (FoIP) in the enterprise has, until relatively recently,

More information

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation

90% 191 Security Best Practices. Blades. 52 Regulatory Requirements. Compliance Report PCI DSS 2.0. related to this regulation Compliance Report PCI DSS 2.0 Generated by Check Point Compliance Blade, on April 16, 2018 15:41 PM O verview 1 90% Compliance About PCI DSS 2.0 PCI-DSS is a legal obligation mandated not by government

More information

Chapter 9. Firewalls

Chapter 9. Firewalls Chapter 9 Firewalls The Need For Firewalls Internet connectivity is essential Effective means of protecting LANs Inserted between the premises network and the Internet to establish a controlled link however

More information

THREATS TO PACKET CORE SECURITY OF 4G NETWORK

THREATS TO PACKET CORE SECURITY OF 4G NETWORK 07 CONTENTS Terms and abbreviations... : main components and protocols...4 Attack scenarios...5 What is necessary for a successful attack...5 Threats to EPC security...7. Fraud...7. Connection hijacking...8.

More information

A lightweight protection mechanism against signaling attacks in a SIP-based VoIP environment

A lightweight protection mechanism against signaling attacks in a SIP-based VoIP environment Telecommun Syst (2007) 36: 153 159 DOI 10.1007/s11235-008-9065-5 A lightweight protection mechanism against signaling attacks in a SIP-based VoIP environment Dimitris Geneiatakis Costas Lambrinoudakis

More information

2. SA1 Release 11 Standardization Trends

2. SA1 Release 11 Standardization Trends 3GPP SA1 Release 11 Standardization Trends 3GPP SA1 Service Requirements Release 11 3GPP SA1 Release 11 Standardization Trends NTT DOCOMO Technical Journal At the 3GPP, which standardizes mobile communications

More information

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network

10 Key Things Your VoIP Firewall Should Do. When voice joins applications and data on your network 10 Key Things Your Firewall Should Do When voice joins applications and data on your network Table of Contents Making the Move to 3 10 Key Things 1 Security is More Than Physical 4 2 Priority Means Clarity

More information

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT

Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Completing your AWS Cloud SECURING YOUR AMAZON WEB SERVICES ENVIRONMENT Introduction Amazon Web Services (AWS) provides Infrastructure as a Service (IaaS) cloud offerings for organizations. Using AWS,

More information

IP Possibilities Conference & Expo. Minneapolis, MN April 11, 2007

IP Possibilities Conference & Expo. Minneapolis, MN April 11, 2007 IP Possibilities Conference & Expo Minneapolis, MN April 11, 2007 Rural VoIP Protocol, Standards and Technologies Presented by: Steven P. Senne, P.E Chief Technology Officer Finley Engineering Company,

More information

Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues

Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues Firewall-Friendly VoIP Secure Gateway and VoIP Security Issues v Noriyuki Fukuyama v Shingo Fujimoto v Masahiko Takenaka (Manuscript received September 26, 2003) IP telephony services using VoIP (Voice

More information

Ingate Firewall & SIParator Product Training. SIP Trunking Focused

Ingate Firewall & SIParator Product Training. SIP Trunking Focused Ingate Firewall & SIParator Product Training SIP Trunking Focused Common SIP Applications SIP Trunking Remote Desktop Ingate Product Training Common SIP Applications SIP Trunking A SIP Trunk is a concurrent

More information

ANATOMY OF AN ATTACK!

ANATOMY OF AN ATTACK! ANATOMY OF AN ATTACK! Are Your Crown Jewels Safe? Dom Kapac, Security Evangelist WHAT DO WE MEAN BY CROWN JEWELS? Crown jewels for most organizations are critical infrastructure and data Data is a valuable

More information

NGN: Carriers and Vendors Must Take Security Seriously

NGN: Carriers and Vendors Must Take Security Seriously Research Brief NGN: Carriers and Vendors Must Take Security Seriously Abstract: The next-generation network will need to provide security on many levels. A comprehensive set of standards should be in place

More information

Simple and Powerful Security for PCI DSS

Simple and Powerful Security for PCI DSS Simple and Powerful Security for PCI DSS The regulations AccessEnforcer helps check off your list. Most merchants think they are too small to be targeted by hackers. In fact, their small size makes them

More information

Recommendations for Device Provisioning Security

Recommendations for Device Provisioning Security Internet Telephony Services Providers Association Recommendations for Device Provisioning Security Version 2 May 2017 Contact: team@itspa.org.uk Contents Summary... 3 Introduction... 3 Risks... 4 Automatic

More information

Second International Barometer of Security in SMBs

Second International Barometer of Security in SMBs 1 2 Contents 1. Introduction. 3 2. Methodology.... 5 3. Details of the companies surveyed 6 4. Companies with security systems 10 5. Companies without security systems. 15 6. Infections and Internet threats.

More information

Union Springs Telephone Company, Inc. Network TRANSPARENCY statement

Union Springs Telephone Company, Inc. Network TRANSPARENCY statement Union Springs Telephone Company, Inc. Network TRANSPARENCY statement Union Springs Telephone Company, Inc. ( Company ) provides this Network Transparency Statement in accordance with the FCC s Restore

More information

Grandstream Networks, Inc. UCM6100 Security Manual

Grandstream Networks, Inc. UCM6100 Security Manual Grandstream Networks, Inc. UCM6100 Security Manual Index Table of Contents OVERVIEW... 3 WEB UI ACCESS... 4 UCM6100 HTTP SERVER ACCESS... 4 PROTOCOL TYPE... 4 USER LOGIN... 4 LOGIN TIMEOUT... 5 TWO-LEVEL

More information

SIP Trunking & Security. Dan York, CISSP VOIPSA Best Practices Chair

SIP Trunking & Security. Dan York, CISSP VOIPSA Best Practices Chair SIP Trunking & Security Dan York, CISSP VOIPSA Best Practices Chair September 2, 2009 Privacy Availability Compliance Confidence Mobility Cost Avoidance Business Continuity TDM security is relatively

More information

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person)

Cyber Security. February 13, 2018 (webinar) February 15, 2018 (in-person) Cyber Security Presenters: - Brian Everest, Chief Technology Officer, Starport Managed Services - Susan Pawelek, Accountant, Compliance and Registrant Regulation February 13, 2018 (webinar) February 15,

More information

Advanced Network Troubleshooting Using Wireshark (Hands-on)

Advanced Network Troubleshooting Using Wireshark (Hands-on) Advanced Network Troubleshooting Using Wireshark (Hands-on) Description This course is a continuation of the "Basic Network Troubleshooting Using Wireshark" course, and comes to provide the participants

More information

Education Network Security

Education Network Security Education Network Security RECOMMENDATIONS CHECKLIST Learn INSTITUTE Education Network Security Recommendations Checklist This checklist is designed to assist in a quick review of your K-12 district or

More information

Modular Design of Call Control Layer in Telephony Software

Modular Design of Call Control Layer in Telephony Software 8 Modular Design of Call Control Layer in Telephony Software Ilija Basicevic University of Novi Sad, Faculty of Technical Sciences Novi Sad, 21000, Serbia Abstract An important property of a telephony

More information

COMPUTER NETWORK SECURITY

COMPUTER NETWORK SECURITY COMPUTER NETWORK SECURITY Prof. Dr. Hasan Hüseyin BALIK (9 th Week) 9. Firewalls and Intrusion Prevention Systems 9.Outline The Need for Firewalls Firewall Characterictics and Access Policy Type of Firewalls

More information

IMS, NFV and Cloud-based Services BUILDING INTEGRATED CLOUD COMMUNICATION SERVICES

IMS, NFV and Cloud-based Services BUILDING INTEGRATED CLOUD COMMUNICATION SERVICES Daitan White Paper IMS, NFV and Cloud-based Services BUILDING INTEGRATED CLOUD COMMUNICATION SERVICES Highly Reliable Software Development Services http://www.daitangroup.com Daitan Group 2014 IMS, NFV

More information

5 What two Cisco tools can be used to analyze network application traffic? (Choose two.) NBAR NetFlow AutoQoS Wireshark Custom Queuing

5 What two Cisco tools can be used to analyze network application traffic? (Choose two.) NBAR NetFlow AutoQoS Wireshark Custom Queuing 1 Refer to the exhibit. After configuring QoS, a network administrator issues the command show queueing interface s0/1. What two pieces of information can an administrator learn from the output of this

More information

Information Security in Corporation

Information Security in Corporation Information Security in Corporation System Vulnerability and Abuse Software Vulnerability Commercial software contains flaws that create security vulnerabilities. Hidden bugs (program code defects) Zero

More information

NetDefend Firewall UTM Services

NetDefend Firewall UTM Services NetDefend Firewall UTM Services Unified Threat Management D-Link NetDefend UTM firewalls (DFL-260/860/1660/2560/2560G) integrate an Intrusion Prevention System (IPS), gateway AntiVirus (AV), and Web Content

More information

CEH: CERTIFIED ETHICAL HACKER v9

CEH: CERTIFIED ETHICAL HACKER v9 CEH: CERTIFIED ETHICAL HACKER v9 SUMMARY The Certified Ethical Hacker (CEH) program is the core of the most desired information security training system any information security professional will ever

More information

ITSPA RECOMMENDATIONS FOR SECURE DEPLOYMENT OF AN IP-PBX PUBLIC NODE4 LIMITED 17/07/2017

ITSPA RECOMMENDATIONS FOR SECURE DEPLOYMENT OF AN IP-PBX PUBLIC NODE4 LIMITED 17/07/2017 ITSPA RECOMMENDATIONS FOR SECURE DEPLOYMENT OF AN IP-PBX PUBLIC NODE4 LIMITED 17/07/2017 DOCUMENT SOURCE Internet Telephony Services Providers Association Recommendations for secure deployment of an IP-PBX

More information

Cyber Security Threats to Telecom Networks. Rosalia D Alessandro Hardik Mehta Loay Abdelrazek

Cyber Security Threats to Telecom Networks. Rosalia D Alessandro Hardik Mehta Loay Abdelrazek Cyber Security Threats to Telecom s Rosalia D Alessandro Hardik Mehta Loay Abdelrazek Press Release: some highlights Cyber Security Threats to Telecom s - Rosalia D Alessandro, Hardik Mehta and Loay Abdelrazek

More information

Improving QoS of VoIP over Wireless Networks (IQ-VW)

Improving QoS of VoIP over Wireless Networks (IQ-VW) Improving QoS of VoIP over Wireless Networks (IQ-VW) Mona Habib & Nirmala Bulusu CS522 12/09/2002 1 Agenda Voice over IP (VoIP): Why? VoIP Protocols: H.323 and SIP Quality of Service (QoS) Wireless Networks

More information

Simulation of SIP-Based VoIP for Mosul University Communication Network

Simulation of SIP-Based VoIP for Mosul University Communication Network Int. J. Com. Dig. Sys. 2, No. 2, 89-94(2013) 89 International Journal of Computing and Digital Systems Simulation of SIP-Based VoIP for Mosul University Communication Network Abdul-Bary Raouf Suleiman

More information

SPECIAL ISSUE, PAPER ID: IJDCST-09 ISSN

SPECIAL ISSUE, PAPER ID: IJDCST-09 ISSN Digital Forensics CH. RAMESH BABU, Asst.Proffessor, Dept. Of MCA, K.B.N.College, Vijayawada Abstract: The need for computer intrusion forensics arises from the alarming increase in the number of computer

More information