Transcript What is VOIP?

MITP 458 : Information Security and
Assurance
VOIP
Xeon Group
Rohit Bhat
Ryan Hannan
Alan Mui
Irfan Siddiqui
1
VOIP
I.
Overview - What is VOIP?
II.
Business Concern
III. Security Issues
IV. Availability
V.
Attack example
VI. Current solution
2
Overview
VOIP
•
Protocol optimized for the transmission of voice through the
Internet or other packet switched networks
•
Often used abstractly to refer to the actual transmission of voice
(rather than the protocol implementing it)
•
Also referred to as IP telephony, Internet telephony, voice over
broadband, broadband telephony, and broadband phone.
3
Business Concern
•Highly complex communication
•Critical communication should remain confidential
•Data should remain accurate
•Compliance issues along with privacy of users
4
Security Issues
Confidentiality
• Broadband pipe serving the VOIP and data center services must
offer transmission confidentiality.
Authenticity
• Access to the data servers must offer fool-proof authentication.
Integrity
• Voice quality and data accuracy is critical to the success of service
offerings.
Availability
• VOIP and data center servers must have industry standard uptime.
5
Availability
Why is it important
• Emergency
• Business
• Sale
• Communication
They type of attacks to VOIP
• DoS Attack
• Spit (Spam)
• Fraud
6
Attack example
DoS attack
•
The most serious threat to VoIP is a distributed denial of service
(DoS) attack
•
Can effect any internet-connected device
•
Floods networks with spurious traffic or server requests.
•
Usually generated by machines that have been compromised by
a virus or other malware
•
Servers grind to a halt and ignore/cant process new requests
due to increased traffic
7
Current Solution
vLAN
• Isolate VoIP calls from other traffic in the network by creating
a segregated vLAN
• Also used to prioritize voice traffic and keep it up and running
during a DoS attack.
Cons
• Wasted bandwidth
• Cost to implement and monitor
8
Current Solution
Effective monitoring
• Monitoring geographic destinations of VoIP traffic
• Sudden changes in the overall geographic distribution of
network traffic originating from inside the VoIP network could
indicate that unauthorized users are abusing the system to
commit toll fraud
Cons
• Increased cost due to labor intensive monitoring
• False positive readings
9
Current solution
Redundancy
• Setup switches that will re-route the VOIP traffic when the
main router/network is down.
• In he event of a DOS attack all VOIP traffic will be switched
to another network to prevent service interruption.
Cons
• Setup will require extra hardware and therefore more
maintenance, cost, and labor
• Load balancers, switches…
10
VOIP
Questions?
11