The week's pick
Reseach Article
Analysis of Security Issues in VoIP
| International Journal of Computer Applications |
| Foundation of Computer Science (FCS), NY, USA |
| Volume 103 - Number 8 |
| Year of Publication: 2014 |
| Authors: Akshay Chopra, Bhavya Chaudhary, Suman Mann |
10.5120/18092-9148
|
Akshay Chopra, Bhavya Chaudhary, Suman Mann . Analysis of Security Issues in VoIP. International Journal of Computer Applications. 103, 8 ( October 2014), 9-12. DOI=10.5120/18092-9148
Abstract
The most common way of communication is obviously through voice exchange. There are mainly two ways by which voice can be easily transmitted over a network: PSTN (Public Switched Telephone Network) and VoIP (Voice over Internet Protocol). The VoIP is relatively new and is gaining more and more popularity as it offers a wide range of features and is much more cost effective as compared to the traditional PSTN. But the VoIP brings with it certain security threats which need to be resolved in order to make it a more reliable source of communication. One of the most concerning security threats of VoIP technology is VoIP Spoofing. Caller ID Spoofing is a technique in which a person takes the identity of a different person to make a call to a third party, thereby hiding his/her original identity. None of the existing protocols so far have been able to prevent Spoofing of calls. This research explains the fundamentals of the Session Initiation Protocol and the Asterisk Server. Also, a new system is proposed which makes use of Public Key Infrastructure which can be used to create digital certificates for the VoIP, thereby helping us to make VoIP calls which are more secure. The PKI is a form of Cryptography which is used to create and manage digital certificates. The PKI mainly consists of (i) a certificate authority that issues the certificates (ii) registration authority which helps in verifying the identity of users (iii) central directory to store the certificates. Also, this paper gives a brief overview of the Asterisk Server which is used to make calls over the Internet. The basic idea is to implement the SIP with the Asterisk Server and using the concepts of Public Key Infrastructure to provide the Asterisk Server with the desired Digital Certificates so as to authenticate the user which in turn will make calling over the Internet more secure.
References
- Rakesh Arora "Voice Over IP Protocols and Standards"
- Sanjay Kumar Sonkar, Rahul Singh, Ritu Chauhan, Ajay Pal Singh on "Security of Voice over Internet Protocol from Spoofing attacks", International Journal of Advanced Research in Computer and Communication Engineering Volume 1, Issue 3, May 2012.
- Ge Zhang, "Secure SIP Signaling Service for VoIP applications Performance-Related Attacks and Prevention".
- Angelos D. Keromytis, "A comprehensive survey on Voice over IP Security and Research"
- H. Abdelnur, T. Avanesov, M. Rusinowitch, and R. State, "Abusing SIP Authentication," in Proceedings of the 4th International Conference on Information Assurance and Security (ISIAS), September 2008.
- Seedorf, J. , "SIP Security: Status Quo and Future Issues", Talk presented at 23rd Chaos Communication Congress, 2006.
- A. Kurmus and J. -F. Garet, "Studying and Experimenting with threats against Voice over IP Systems," Technical Representation Masters Thesis EURECOM 2009.
- Mohammad Masudur Rahman, Nafish Sarwar Islam, "VoIP Implementation using Asterisk PBX", IOSR Journal of Business and Management (IOSR-JBM), Volume 15, Issue 6, January 2014.
- William Stallings, "Cryptography and Network Security", USA.
- Riddhi Patel, Pushkar Jha, Aditya K. Sinha, "Analysis of SIP Authentication in VoIP", International Journal of Engineering Research and Technology (IJERT), ISSN: 2278-0181, Volume 2, Issue 4, April 2013.
Index Terms
Keywords