seminar on voip challenges and countermeasures
DESCRIPTION
TRANSCRIPT
![Page 1: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/1.jpg)
Govt. Engineering College Bikaner
A SEMINAR PresentationON
Presentation By: Deepak Kumar Mishra
Information Technology FINAL YEAR
SECURITY CHALLENGE AND DEFENSE IN VOIP INFRASTRUCTURE
![Page 2: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/2.jpg)
WHAT IS VOIP
Voice over internet protocol : Allows user to to make calls using broadband internet Connection instead of analog phone line.
Uses packet-switched network replace circuit switched network.
VOIP DATA PROCESSING
SIGNALING (H.323 , SIP )
ENCODING AND TRANSPORT (analog to digital , RTP , UDP)
GATEWAY CONTROL (format conversion )
![Page 3: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/3.jpg)
![Page 4: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/4.jpg)
Fig. 1. (a) Typical VoIP network structure. (b) Voice data processing of the VoIP.
![Page 5: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/5.jpg)
OVERVIEW OF SECURITY CONCERNS AND IMPACTS IN A VOIP SYSTEM
![Page 6: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/6.jpg)
GENERIC SECURITY CONCERNS IN VOIP
DOS- Availability.
Eavesdropping – confidentiality.
Alteration of voice stream – confidentiality and Integrity .
Toll fraud – Integrity .
Redirection of call – Integrity and confidentiality.
Accounting Data Manipulation – Integrity and Confidentiality.
Caller Identification Impersonation – Integrity
![Page 7: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/7.jpg)
OCCURRENCE POSITION AND IMPACT OF POTENTIAL ATTACKS TO A VOIP SYSTEM
![Page 8: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/8.jpg)
ATTACK VECTORS IN VOIP AND CRITICAL CHALLENGES
The threats to the VOIP system can be further broken down into specific attack vectors to disrupt the system and summarized by the system layer where the attacks occur .
SIP Registration Hijacking SIP Message Modification SIP cancel / bye attack Malformed SIP Command SIP Redirect RTP Payload RTP Tampering
![Page 9: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/9.jpg)
SIP REGISTRATION HIJACKING
Registration hijacking occurs when an attacker impersonates a valid UA to a registrar and replaces the legitimate registration with its own address .TLS can protect this.
SIP MESSAGE MODIFICATION
Have no Built in integrity ,by Man in middle attacks an attacker can intercept and modify SIP messages .TLS can protect from reading it.
![Page 10: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/10.jpg)
![Page 11: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/11.jpg)
SIP CANCEL /BYE ATTACK
The attacker can create an SIP message with the Cancel or Bye command in its payload and send it to an end node to terminate ongoing conversation . Strong Authentication can control this attack.
MALFORMED SIP COMMAND
SIP uses HTML to carry command information , it becomes difficult to test the SIP parser with possible inputs.Strong Authentication and Dictionary test of cases for parser can save network.
![Page 12: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/12.jpg)
![Page 13: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/13.jpg)
SIP REDIRECT
By attacking REDIRECT SERVER and commanding it to redirect the victim’s call to specific number can redirect to null type device .
TLS with strong password can eliminate this.
RTP PAYLOAD
RTP carries actual encoded messages b/w two callers , adds sequencing information .
MITM attack can gain access to the RTP media stream b/w two nodes and can inspect and modify the data
![Page 14: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/14.jpg)
RTP TAMPERING
By manipulation of the sequence number and timestamp fields in the header of the RTP packet , the packets can be re sequenced or made unusable.
SRTP can determine the modification of packet.
![Page 15: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/15.jpg)
POSITION AND IMPACT OF POTENTIALATTACKS IN VOIP
![Page 16: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/16.jpg)
1. Physical Attack 2. Address Resolution Protocol 3. MAC Spoofing 4. IP Spoofing 5. Malformed Packet 6. TCP or UDP Replay 7. Dynamic Host Configuration Protocol8. Internet Control Message Protocol9. Buffer Overflow Attack 10.OS Attack11.Virus and Malware12.CIDR Database Attack
Other Attacks General to IP Data Networks.
![Page 17: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/17.jpg)
![Page 18: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/18.jpg)
![Page 19: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/19.jpg)
DEFENSE VECTORS IN VOIP
Separation of VOIP and Data Traffic Similar to port Authentication , separating voice and data traffic is a key enabler to overall security. VLAN technology (802.1q) is applied along with voice mail servers and SIP aware firewalls.
Configuration Authentication VOIP phones need basic config. Information to get into VOIP system ,public key or shared secret keys can help in the authenticated configuration of the phone .Along with TLS it becomes more secure.
![Page 20: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/20.jpg)
Signaling Authentication The IP Security(IP Sec ) protocol provides mechanisms for both authentication and encryption .Provides DNS Secure , Authentication Header protocol . Controls Replay Attacks.
Media Encryption SRTP protocol minimizes the number of keys that must be shared b/w two nodes , MIKEY(multimedia Keying Protocol) capable of handing keys in adhoc environment .
![Page 21: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/21.jpg)
SECURITY MECHANISMS AGAINST ATTACKS
![Page 22: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/22.jpg)
SEGMENTATION OF VOIP VOICE AND DATA
![Page 23: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/23.jpg)
Queries ??
![Page 24: Seminar on Voip Challenges and Countermeasures](https://reader035.vdocuments.net/reader035/viewer/2022062615/548137f9b4af9fea158b5e99/html5/thumbnails/24.jpg)
THANK you