SlideShare uma empresa Scribd logo

VoIP

Transferir como PPTX, PDF
Mustafa Lashen
Mustafa Lashen
TecnologiaNegócios
1 de 27
A Proposed Model For Enhancing VoIP Security
VoIP (Voice Over Internet Protocol) is considered to be the future replacement of PSTN (Public Switched Digital Network), So VoIP must be a reliable, secure and efficient to critical and sensitive operations as in emergency lines, business lines, police and military lines. So our goal is to Improve VoIP security by analysing threats in VoIP system and find a solution that manage us to block threads found in RTP (Real-time Transport Protocol) and make VoIP system to be more secure.
End-of-year subscribers Total consumer annual revenue 4500 12 4000 3500 10 3000 8 2500 6 2000 1500 4 1000 2 500 0 0 2004 2005 2006 2007 2008 2009 USD ( million ) 14 Households ( million ) VoIP is a rapidly growing Internet service that replaces telephony. VoIP has become one of the most important activities for internet users. Making VoIP available and reliable has become important for big segment of people.
Type: Qualitative Approach: Case study; we evaluate the enhancements in security for different cases of attacks. Methods: Task observation Test different security mechanisms to enhance the security level. Test different attack scenarios that may cause DOS (Denial of Service).
Many attackers aim to make the VoIP service down they may target the backdoors of the (RTP) to make (DoS) attacks on it. So we need fully encrypted (RTP) packets as what is done in (SRTP). Since most of these solutions require far more advanced and expensive equipment and infrastructure to be available to all users of VoIP and that can't be the case we require to make VoIP available alternative for (PSTN).
Chapter One: Introduction to VoIP (Voice over Internet Protocol). Chapter Two: Hands on Encryption in Different Systems. Chapter Three: Overview of (AES) Advanced Encryption Standard. Chapter Four: Threats and Attacks on VoIP. Chapter Five: VoIP Requirements and Protocols Architecture. Chapter Six: Recent Trends In VoIP Security. Chapter Seven: Proposed Model. Chapter Eight : Conclusion and Future Work.
The control messages over (RTCP) and the stream over (RTP) are sent over two different sockets. So the delay due to the encryption of any of the control messages will not affect the speed of the stream. The Reception Reports may be strongly authenticated by encrypting the (SSRC) in the Reception Report by the private key of the sender. The rate of sending reception reports insures an interval between packets so that an encryption of the reception reports is possible in this interval.
VoIP is a technology for transmitting and managing voice information over Internet Protocol. Instead of traditional analog telephone, the phone calls can be placed with for example Windows PC, and IP network. VoIP Takes analogue audio signals and turns them into digital signals, or packets. VoIP is the process of transferring the voice into data then is carried over the Internet by Packet Switching technology.
In addition, wireless in locations such as airports, parks and cafes allow you to connect to the Internet and may enable you to use VoIP service wirelessly.
Answering SIP UA Conne ct Call Control Logic Conne ct Originating SIP UA RTP / RTCP SIP SIP The process of creating a session between two VoIP parties. They start with signaling protocol Session Initiation Protocol (SIP) then they open Real-time Transport Protocol (RTP) session to start streaming .
VoIP provides worldwide voice network through already exists networks so it provides wide area calls. VoIP provides advanced features like video calls and video conference. VoIP is digital technology so it is more secure than analogue systems. VoIP is cheap enough to open new segments such as small business, home users, students especially in Long distance costs. VoIP Support for an optional Bluetooth phone, Ethernet or Wi-Fi LAN.
Internet Protocol (IP) IP is a routing protocol for the passing of data packets. Real Time Transport Protocol (RTP) RTP is used to exchange media information such as voice or video and provide end-to-end delivery services. Transmission Control Protocol (TCP) TCP resides at layer four (transport layer) and its function is to ensures that all packets are delivered to the destination and at the correct order.
User Datagram Protocol (UDP) UDP is a simpler protocol that confirm where a packet is sent and a response is received. RTP Control Protocol (RTCP) RTCP is used to control of aspects of RTP sessions. An application may use this aspects to control quality of service parameters, perhaps by limiting flow, or using a different codec.
Confidentiality Data confidentiality which relates to the data being kept safe and only disclosed to authorized parties that can access the information. Availability The system being available for use when needed such systems as critical systems (Financial, Banking , Police records , military records) have to remain available for use at all time. Integrity The integrity of data comes from the data being modified or destroyed by the appropriate personnel only.
Denial of Service (DoS) A DoS attack is characterized by an attempt by attackers to prevent actual users of a service from using that service. Attacks occur when a malicious user sends an extremely large amount of random messages to one or more VoIP end-points.
Symmetric Encryption Data can be encrypted using a private (Secret) key, both the sender and the receiver must know and use the same private key. Asymmetric encryption It is an encryption type that uses two keys, One key is said (Public) key of someone and the other key is (Private) key which derived from the public key. This process occurs every session that is take a long time so a delay in transfer packets occurs.
Since a symmetric encryption uses one public key and no message delay occurs it is our choice encryption algorithm to apply with a VoIP. Types of Symmetric Encryption Data Encryption Standard (DES) DES applies a (56-Bit) key to each (64-Bit) block of data. The process can run in several modes and involves (16-Rounds) or operations. Both the sender and the receiver must know and use the same private key.
Triple DES(3-DES) This method is the same process as DES but instead of going for one single round of encryption reapplied to the cipher-text for two extra times making it a three times the power of ordinary DES. The data is encrypted with the first key, decrypted with the second key, and finally encrypted again with the third key. Triple DES runs three times slower than ordinary DES, but it is much more secure if used properly.
Advanced Encryption Standard (AES) AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. AES algorithm used (128,192,256-bit) keys to encrypt and decrypt (128-bit) block of data. AES algorithm is based on permutations and substitutions. Permutations are re-arrangements of data, and substitutions replace one unit of data with another.
Comparison of Cipher text and Plain Text Block sizes of (DES),(3-DES), (AES) DES 3-DES AES Plaintext block size (bits) 64-bits 64-bits Cipher text Block size (bits) 64-bits 64-bits 128-bits Key size (bits) 56-bits 112 or 156 bits 128,192or256 bits 128-bits
Advantages of AES AES provides more security due to larger block size and longer keys, Where AES uses 128 bit fixed block size and works with 128, 192 and 256 bit keys. AES used in commercial applications such as banking and financial transactions, telecommunications, and private and Federal information.
After studying of (VoIP), it is clearly that (VoIP) is very important technology that is considered to replace (PSTN). VoIP system is still at this moment needs more strong secure techniques. After studying some of encryption algorithms we found that (AES) encryption algorithm is the best one.
(RTP) not encrypted. Any Third-Party can be one of the members of session easily and can make (DOS) to the actual users. Using suitable encryption algorithm (AES) can encrypt the (SSRC) number and prevent any attacker to reach the members of session. AES was chosen for many reasons: Suitable to work with VoIP (AES) runs much faster than any other encryption algorithms in both encryption and decryption phases. (AES) more secure due to working with (128:192:256) bit-key.
For future updates another proposal can be made to integrate all available security solutions into a crypto package of our own or to add the (SSRC) encryption module as software in VoIPsec package making a more advanced security infrastructure for our future VoIP systems. Another Future reference is to implement (SSRC) encryption in core of the (RTP) protocol itself and provide it as a new replacement for the currently available (RTP) protocol instead of the demanding (SRTP) protocol currently used by high grade security VoIP systems.
Thank you...

Recomendados

Videoconference
VideoconferenceVideoconference
Videoconferenceeonx_32
 
IRJET- Overview of Hole Punching: ICMP Hole Punching, TCP Hole Punching, UDP ...
IRJET- Overview of Hole Punching: ICMP Hole Punching, TCP Hole Punching, UDP ...IRJET- Overview of Hole Punching: ICMP Hole Punching, TCP Hole Punching, UDP ...
IRJET- Overview of Hole Punching: ICMP Hole Punching, TCP Hole Punching, UDP ...IRJET Journal
 
Vpn networks kami
Vpn networks kamiVpn networks kami
Vpn networks kamikamran_share
 
Bluetooth
BluetoothBluetooth
BluetoothTejaswa Jain
 
VPN presentation
VPN presentationVPN presentation
VPN presentationRiazehri
 
如何做報告 (How to make a presentation?)
如何做報告 (How to make a presentation?)如何做報告 (How to make a presentation?)
如何做報告 (How to make a presentation?)Frank Fang Kuo Yu
 
Efficient packet marking for large scale ip trace back(synopsis)
Efficient packet marking for large scale ip trace back(synopsis)Efficient packet marking for large scale ip trace back(synopsis)
Efficient packet marking for large scale ip trace back(synopsis)Mumbai Academisc
 
9517ijnsa03
9517ijnsa039517ijnsa03
9517ijnsa03IJNSA Journal
 

Recomendados

Videoconference
VideoconferenceVideoconference
Videoconferenceeonx_32
 
IRJET- Overview of Hole Punching: ICMP Hole Punching, TCP Hole Punching, UDP ...
IRJET- Overview of Hole Punching: ICMP Hole Punching, TCP Hole Punching, UDP ...IRJET- Overview of Hole Punching: ICMP Hole Punching, TCP Hole Punching, UDP ...
IRJET- Overview of Hole Punching: ICMP Hole Punching, TCP Hole Punching, UDP ...IRJET Journal
 
Vpn networks kami
Vpn networks kamiVpn networks kami
Vpn networks kamikamran_share
 
Bluetooth
BluetoothBluetooth
BluetoothTejaswa Jain
 
VPN presentation
VPN presentationVPN presentation
VPN presentationRiazehri
 
如何做報告 (How to make a presentation?)
如何做報告 (How to make a presentation?)如何做報告 (How to make a presentation?)
如何做報告 (How to make a presentation?)Frank Fang Kuo Yu
 
Efficient packet marking for large scale ip trace back(synopsis)
Efficient packet marking for large scale ip trace back(synopsis)Efficient packet marking for large scale ip trace back(synopsis)
Efficient packet marking for large scale ip trace back(synopsis)Mumbai Academisc
 
9517ijnsa03
9517ijnsa039517ijnsa03
9517ijnsa03IJNSA Journal
 
Vpn
VpnVpn
VpnKamalPreet Saluja
 
Test
TestTest
Testsinha.mrinal
 
Ip trace ppt
Ip trace pptIp trace ppt
Ip trace pptdeepakmarndi
 
Pgp1
Pgp1Pgp1
Pgp1Sanjeevsharma620
 
Worldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN networkWorldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN networkP1Security
 
Vpn Virtual Private Network
Vpn Virtual Private NetworkVpn Virtual Private Network
Vpn Virtual Private Networkfaisalmalik
 
Assaulting diameter IPX network
Assaulting diameter IPX networkAssaulting diameter IPX network
Assaulting diameter IPX networkAlexandre De Oliveira
 
Speedy ip trace back(sipt) for identifying sadhan
Speedy ip trace back(sipt) for identifying sadhanSpeedy ip trace back(sipt) for identifying sadhan
Speedy ip trace back(sipt) for identifying sadhanSadan Kumar
 
UCL
UCLUCL
UCLJanak Chandarana
 
100197
100197100197
100197Abhishek Malik
 
Internet relay chat (irc)
Internet relay chat (irc)Internet relay chat (irc)
Internet relay chat (irc)Ryon Whyte
 
Marrion Kujinga ; Firewalls
Marrion Kujinga ; FirewallsMarrion Kujinga ; Firewalls
Marrion Kujinga ; FirewallsMarrion Kujinga
 
Analysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkAnalysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkIJARIIT
 
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...ijsptm
 
Nachos Theoretical assigment 3
Nachos Theoretical assigment 3Nachos Theoretical assigment 3
Nachos Theoretical assigment 3colli03
 
S/MIME
S/MIMES/MIME
S/MIMEmaria azam
 
Barriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC BerkeleyBarriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC Berkeleyjoebeone
 
Internet protocol
Internet protocol Internet protocol
Internet protocol Bint Javed
 
Presentation1
Presentation1Presentation1
Presentation1Danesh Khandelwal
 
5sonline tập 537
5sonline tập 5375sonline tập 537
5sonline tập 537Trung Ngoc
 
New Year, New Traveling: Beaches You Should Visit in January
New Year, New Traveling: Beaches You Should Visit in JanuaryNew Year, New Traveling: Beaches You Should Visit in January
New Year, New Traveling: Beaches You Should Visit in JanuaryAlexandra Arrivillaga
 
Educación ambiental
Educación ambientalEducación ambiental
Educación ambientalEdgar Patricio Jimenez Jimenz
 

Mais conteúdo relacionado

Mais procurados

Worldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN networkWorldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN networkP1Security
 
Vpn Virtual Private Network
Vpn Virtual Private NetworkVpn Virtual Private Network
Vpn Virtual Private Networkfaisalmalik
 
Speedy ip trace back(sipt) for identifying sadhan
Speedy ip trace back(sipt) for identifying sadhanSpeedy ip trace back(sipt) for identifying sadhan
Speedy ip trace back(sipt) for identifying sadhanSadan Kumar
 
Internet relay chat (irc)
Internet relay chat (irc)Internet relay chat (irc)
Internet relay chat (irc)Ryon Whyte
 
Marrion Kujinga ; Firewalls
Marrion Kujinga ; FirewallsMarrion Kujinga ; Firewalls
Marrion Kujinga ; FirewallsMarrion Kujinga
 
Analysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkAnalysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkIJARIIT
 
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...ijsptm
 
Nachos Theoretical assigment 3
Nachos Theoretical assigment 3Nachos Theoretical assigment 3
Nachos Theoretical assigment 3colli03
 
Barriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC BerkeleyBarriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC Berkeleyjoebeone
 
Internet protocol
Internet protocol Internet protocol
Internet protocol Bint Javed
 

Mais procurados (19)

Vpn
VpnVpn
Vpn
 
Test
TestTest
Test
 
Ip trace ppt
Ip trace pptIp trace ppt
Ip trace ppt
 
Pgp1
Pgp1Pgp1
Pgp1
 
Worldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN networkWorldwide attacks on SS7/SIGTRAN network
Worldwide attacks on SS7/SIGTRAN network
 
Vpn Virtual Private Network
Vpn Virtual Private NetworkVpn Virtual Private Network
Vpn Virtual Private Network
 
Assaulting diameter IPX network
Assaulting diameter IPX networkAssaulting diameter IPX network
Assaulting diameter IPX network
 
Speedy ip trace back(sipt) for identifying sadhan
Speedy ip trace back(sipt) for identifying sadhanSpeedy ip trace back(sipt) for identifying sadhan
Speedy ip trace back(sipt) for identifying sadhan
 
UCL
UCLUCL
UCL
 
100197
100197100197
100197
 
Internet relay chat (irc)
Internet relay chat (irc)Internet relay chat (irc)
Internet relay chat (irc)
 
Marrion Kujinga ; Firewalls
Marrion Kujinga ; FirewallsMarrion Kujinga ; Firewalls
Marrion Kujinga ; Firewalls
 
Analysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wiresharkAnalysis of network traffic by using packet sniffing tool wireshark
Analysis of network traffic by using packet sniffing tool wireshark
 
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
THE FIGHT AGAINST IP SPOOFING ATTACKS: NETWORK INGRESS FILTERING VERSUS FIRST...
 
Nachos Theoretical assigment 3
Nachos Theoretical assigment 3Nachos Theoretical assigment 3
Nachos Theoretical assigment 3
 
S/MIME
S/MIMES/MIME
S/MIME
 
Barriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC BerkeleyBarriers to TOR Research at UC Berkeley
Barriers to TOR Research at UC Berkeley
 
Internet protocol
Internet protocol Internet protocol
Internet protocol
 
Presentation1
Presentation1Presentation1
Presentation1
 

Destaque

5sonline tập 537
5sonline tập 5375sonline tập 537
5sonline tập 537Trung Ngoc
 
New Year, New Traveling: Beaches You Should Visit in January
New Year, New Traveling: Beaches You Should Visit in JanuaryNew Year, New Traveling: Beaches You Should Visit in January
New Year, New Traveling: Beaches You Should Visit in JanuaryAlexandra Arrivillaga
 
11-08-2013 AND THE PEOPLES' RESPONSE (Part 2 of the Artifact)
11-08-2013 AND THE PEOPLES' RESPONSE (Part 2 of the Artifact)11-08-2013 AND THE PEOPLES' RESPONSE (Part 2 of the Artifact)
11-08-2013 AND THE PEOPLES' RESPONSE (Part 2 of the Artifact)Vicente Antofina
 
CLD 495 final presentation
CLD 495 final presentationCLD 495 final presentation
CLD 495 final presentationLeslie Brown
 
Formulari tic tac tep (respostes) respostes al formulari 1
Formulari tic tac tep (respostes) respostes al formulari 1Formulari tic tac tep (respostes) respostes al formulari 1
Formulari tic tac tep (respostes) respostes al formulari 1aalbbetta
 
Pobreza extrema, participación y acceso a los derechos fundamentales para tod...
Pobreza extrema, participación y acceso a los derechos fundamentales para tod...Pobreza extrema, participación y acceso a los derechos fundamentales para tod...
Pobreza extrema, participación y acceso a los derechos fundamentales para tod...Movimiento ATD Cuarto Mundo España
 
murat_islam_bitirme_tezi_yürüyen_merdivenler
murat_islam_bitirme_tezi_yürüyen_merdivenlermurat_islam_bitirme_tezi_yürüyen_merdivenler
murat_islam_bitirme_tezi_yürüyen_merdivenlerMurat Islam CEng MIMechE
 
超級記憶力 Class 08學員版
超級記憶力 Class 08學員版超級記憶力 Class 08學員版
超級記憶力 Class 08學員版gary wang
 
Ficha de evaluación de software educativo
Ficha de evaluación de software educativoFicha de evaluación de software educativo
Ficha de evaluación de software educativoantobevaqua
 

Destaque (19)

5sonline tập 537
5sonline tập 5375sonline tập 537
5sonline tập 537
 
New Year, New Traveling: Beaches You Should Visit in January
New Year, New Traveling: Beaches You Should Visit in JanuaryNew Year, New Traveling: Beaches You Should Visit in January
New Year, New Traveling: Beaches You Should Visit in January
 
Educación ambiental
Educación ambientalEducación ambiental
Educación ambiental
 
Stephanie Dwyer Resumé
Stephanie Dwyer ResuméStephanie Dwyer Resumé
Stephanie Dwyer Resumé
 
11-08-2013 AND THE PEOPLES' RESPONSE (Part 2 of the Artifact)
11-08-2013 AND THE PEOPLES' RESPONSE (Part 2 of the Artifact)11-08-2013 AND THE PEOPLES' RESPONSE (Part 2 of the Artifact)
11-08-2013 AND THE PEOPLES' RESPONSE (Part 2 of the Artifact)
 
CLD 495 final presentation
CLD 495 final presentationCLD 495 final presentation
CLD 495 final presentation
 
Beheer&tuintech voorlopig
Beheer&tuintech voorlopigBeheer&tuintech voorlopig
Beheer&tuintech voorlopig
 
resume_admin_skills
resume_admin_skillsresume_admin_skills
resume_admin_skills
 
Violencia familiar Abordaje multidisciplinario
Violencia familiar Abordaje multidisciplinarioViolencia familiar Abordaje multidisciplinario
Violencia familiar Abordaje multidisciplinario
 
Αναγέννηση
ΑναγέννησηΑναγέννηση
Αναγέννηση
 
Evangelio según san juan 17
Evangelio según san juan 17Evangelio según san juan 17
Evangelio según san juan 17
 
Creatividad e innovación
Creatividad e innovaciónCreatividad e innovación
Creatividad e innovación
 
Formulari tic tac tep (respostes) respostes al formulari 1
Formulari tic tac tep (respostes) respostes al formulari 1Formulari tic tac tep (respostes) respostes al formulari 1
Formulari tic tac tep (respostes) respostes al formulari 1
 
Navojoa
NavojoaNavojoa
Navojoa
 
Doc1
Doc1Doc1
Doc1
 
Pobreza extrema, participación y acceso a los derechos fundamentales para tod...
Pobreza extrema, participación y acceso a los derechos fundamentales para tod...Pobreza extrema, participación y acceso a los derechos fundamentales para tod...
Pobreza extrema, participación y acceso a los derechos fundamentales para tod...
 
murat_islam_bitirme_tezi_yürüyen_merdivenler
murat_islam_bitirme_tezi_yürüyen_merdivenlermurat_islam_bitirme_tezi_yürüyen_merdivenler
murat_islam_bitirme_tezi_yürüyen_merdivenler
 
超級記憶力 Class 08學員版
超級記憶力 Class 08學員版超級記憶力 Class 08學員版
超級記憶力 Class 08學員版
 
Ficha de evaluación de software educativo
Ficha de evaluación de software educativoFicha de evaluación de software educativo
Ficha de evaluación de software educativo
 

Semelhante a VoIP

ETE405-lec7.pptx
ETE405-lec7.pptxETE405-lec7.pptx
ETE405-lec7.pptxmashiur
 
ETE405-lec7.ppt
ETE405-lec7.pptETE405-lec7.ppt
ETE405-lec7.pptmashiur
 
VoIP and multimedia networking
VoIP and multimedia networkingVoIP and multimedia networking
VoIP and multimedia networkingsangusajjan
 
Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Tra...
Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Tra...Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Tra...
Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Tra...Edureka!
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvanitrraincity
 
CCNA Interview.pdf
CCNA Interview.pdfCCNA Interview.pdf
CCNA Interview.pdfhoang971
 
Case study about voip
Case study about voipCase study about voip
Case study about voipelmudthir
 
ETE405-lec7.pdf
ETE405-lec7.pdfETE405-lec7.pdf
ETE405-lec7.pdfmashiur
 
True or False Explain Why- 1- SIP and RTP are protocols used to allow.docx
True or False Explain Why- 1- SIP and RTP are protocols used to allow.docxTrue or False Explain Why- 1- SIP and RTP are protocols used to allow.docx
True or False Explain Why- 1- SIP and RTP are protocols used to allow.docxgtameka
 
Voip
VoipVoip
VoipPTCL
 
Voice Over IP (VoIP) and STREAMING
Voice Over IP (VoIP) and STREAMINGVoice Over IP (VoIP) and STREAMING
Voice Over IP (VoIP) and STREAMINGRagheb Gmira
 
T C P I P Weaknesses And Solutions
T C P I P Weaknesses And SolutionsT C P I P Weaknesses And Solutions
T C P I P Weaknesses And Solutionseroglu
 
Shahnshah Sarker 072802556
Shahnshah Sarker 072802556Shahnshah Sarker 072802556
Shahnshah Sarker 072802556mashiur
 
Computer Seminar.pptx
Computer Seminar.pptxComputer Seminar.pptx
Computer Seminar.pptxMelvinShaji12
 
ETE405-lec4.pptx
ETE405-lec4.pptxETE405-lec4.pptx
ETE405-lec4.pptxmashiur
 
VoIP (Voice over Internet Protocol)
VoIP (Voice over Internet Protocol)VoIP (Voice over Internet Protocol)
VoIP (Voice over Internet Protocol)Abdullah Shah
 

Semelhante a VoIP (20)

ETE405-lec7.pptx
ETE405-lec7.pptxETE405-lec7.pptx
ETE405-lec7.pptx
 
ETE405-lec7.ppt
ETE405-lec7.pptETE405-lec7.ppt
ETE405-lec7.ppt
 
R43019698
R43019698R43019698
R43019698
 
VoIP and multimedia networking
VoIP and multimedia networkingVoIP and multimedia networking
VoIP and multimedia networking
 
Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Tra...
Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Tra...Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Tra...
Cybersecurity Tutorial | Demo On Man In The Middle Attack | Cybersecurity Tra...
 
Secrity project keyvan
Secrity project keyvanSecrity project keyvan
Secrity project keyvan
 
CCNA Interview.pdf
CCNA Interview.pdfCCNA Interview.pdf
CCNA Interview.pdf
 
Case study about voip
Case study about voipCase study about voip
Case study about voip
 
ETE405-lec7.pdf
ETE405-lec7.pdfETE405-lec7.pdf
ETE405-lec7.pdf
 
True or False Explain Why- 1- SIP and RTP are protocols used to allow.docx
True or False Explain Why- 1- SIP and RTP are protocols used to allow.docxTrue or False Explain Why- 1- SIP and RTP are protocols used to allow.docx
True or False Explain Why- 1- SIP and RTP are protocols used to allow.docx
 
Voip
VoipVoip
Voip
 
Voice Over IP (VoIP) and STREAMING
Voice Over IP (VoIP) and STREAMINGVoice Over IP (VoIP) and STREAMING
Voice Over IP (VoIP) and STREAMING
 
How does VOIP work diagram
How does VOIP work diagramHow does VOIP work diagram
How does VOIP work diagram
 
Voip security
Voip securityVoip security
Voip security
 
T C P I P Weaknesses And Solutions
T C P I P Weaknesses And SolutionsT C P I P Weaknesses And Solutions
T C P I P Weaknesses And Solutions
 
Shahnshah Sarker 072802556
Shahnshah Sarker 072802556Shahnshah Sarker 072802556
Shahnshah Sarker 072802556
 
Computer Seminar.pptx
Computer Seminar.pptxComputer Seminar.pptx
Computer Seminar.pptx
 
Ip sec
Ip secIp sec
Ip sec
 
ETE405-lec4.pptx
ETE405-lec4.pptxETE405-lec4.pptx
ETE405-lec4.pptx
 
VoIP (Voice over Internet Protocol)
VoIP (Voice over Internet Protocol)VoIP (Voice over Internet Protocol)
VoIP (Voice over Internet Protocol)
 

Último

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .Alan Dix
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterMydbops
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditSkynet Technologies
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfNeo4j
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentPim van der Noll
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...Wes McKinney
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Alkin Tezuysal
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch TuesdayIvanti
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Mark Goldstein
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality AssuranceInflectra
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxLoriGlavin3
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfMounikaPolabathina
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Scott Andery
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersNicole Novielli
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesThousandEyes
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxLoriGlavin3
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityIES VE
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...panagenda
 

Último (20)

From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .From Family Reminiscence to Scholarly Archive .
From Family Reminiscence to Scholarly Archive .
 
Scale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL RouterScale your database traffic with Read & Write split using MySQL Router
Scale your database traffic with Read & Write split using MySQL Router
 
Manual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance AuditManual 508 Accessibility Compliance Audit
Manual 508 Accessibility Compliance Audit
 
Connecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdfConnecting the Dots for Information Discovery.pdf
Connecting the Dots for Information Discovery.pdf
 
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native developmentEmixa Mendix Meetup 11 April 2024 about Mendix Native development
Emixa Mendix Meetup 11 April 2024 about Mendix Native development
 
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
The Future Roadmap for the Composable Data Stack - Wes McKinney - Data Counci...
 
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
Unleashing Real-time Insights with ClickHouse_ Navigating the Landscape in 20...
 
2024 April Patch Tuesday
2024 April Patch Tuesday2024 April Patch Tuesday
2024 April Patch Tuesday
 
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
Arizona Broadband Policy Past, Present, and Future Presentation 3/25/24
 
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance[Webinar] SpiraTest - Setting New Standards in Quality Assurance
[Webinar] SpiraTest - Setting New Standards in Quality Assurance
 
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptxThe Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
The Fit for Passkeys for Employee and Consumer Sign-ins: FIDO Paris Seminar.pptx
 
What is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdfWhat is DBT - The Ultimate Data Build Tool.pdf
What is DBT - The Ultimate Data Build Tool.pdf
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
Enhancing User Experience - Exploring the Latest Features of Tallyman Axis Lo...
 
A Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software DevelopersA Journey Into the Emotions of Software Developers
A Journey Into the Emotions of Software Developers
 
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyesAssure Ecommerce and Retail Operations Uptime with ThousandEyes
Assure Ecommerce and Retail Operations Uptime with ThousandEyes
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptxDigital Identity is Under Attack: FIDO Paris Seminar.pptx
Digital Identity is Under Attack: FIDO Paris Seminar.pptx
 
Decarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a realityDecarbonising Buildings: Making a net-zero built environment a reality
Decarbonising Buildings: Making a net-zero built environment a reality
 
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
Why device, WIFI, and ISP insights are crucial to supporting remote Microsoft...
 

VoIP

  • 1.
  • 2.
  • 4. VoIP (Voice Over Internet Protocol) is considered to be the future replacement of PSTN (Public Switched Digital Network), So VoIP must be a reliable, secure and efficient to critical and sensitive operations as in emergency lines, business lines, police and military lines. So our goal is to Improve VoIP security by analysing threats in VoIP system and find a solution that manage us to block threads found in RTP (Real-time Transport Protocol) and make VoIP system to be more secure.
  • 5. End-of-year subscribers Total consumer annual revenue 4500 12 4000 3500 10 3000 8 2500 6 2000 1500 4 1000 2 500 0 0 2004 2005 2006 2007 2008 2009 USD ( million ) 14 Households ( million ) VoIP is a rapidly growing Internet service that replaces telephony. VoIP has become one of the most important activities for internet users. Making VoIP available and reliable has become important for big segment of people.
  • 6. Type: Qualitative Approach: Case study; we evaluate the enhancements in security for different cases of attacks. Methods: Task observation Test different security mechanisms to enhance the security level. Test different attack scenarios that may cause DOS (Denial of Service).
  • 7. Many attackers aim to make the VoIP service down they may target the backdoors of the (RTP) to make (DoS) attacks on it. So we need fully encrypted (RTP) packets as what is done in (SRTP). Since most of these solutions require far more advanced and expensive equipment and infrastructure to be available to all users of VoIP and that can't be the case we require to make VoIP available alternative for (PSTN).
  • 8. Chapter One: Introduction to VoIP (Voice over Internet Protocol). Chapter Two: Hands on Encryption in Different Systems. Chapter Three: Overview of (AES) Advanced Encryption Standard. Chapter Four: Threats and Attacks on VoIP. Chapter Five: VoIP Requirements and Protocols Architecture. Chapter Six: Recent Trends In VoIP Security. Chapter Seven: Proposed Model. Chapter Eight : Conclusion and Future Work.
  • 9. The control messages over (RTCP) and the stream over (RTP) are sent over two different sockets. So the delay due to the encryption of any of the control messages will not affect the speed of the stream. The Reception Reports may be strongly authenticated by encrypting the (SSRC) in the Reception Report by the private key of the sender. The rate of sending reception reports insures an interval between packets so that an encryption of the reception reports is possible in this interval.
  • 10. VoIP is a technology for transmitting and managing voice information over Internet Protocol. Instead of traditional analog telephone, the phone calls can be placed with for example Windows PC, and IP network. VoIP Takes analogue audio signals and turns them into digital signals, or packets. VoIP is the process of transferring the voice into data then is carried over the Internet by Packet Switching technology.
  • 11. In addition, wireless in locations such as airports, parks and cafes allow you to connect to the Internet and may enable you to use VoIP service wirelessly.
  • 12. Answering SIP UA Conne ct Call Control Logic Conne ct Originating SIP UA RTP / RTCP SIP SIP The process of creating a session between two VoIP parties. They start with signaling protocol Session Initiation Protocol (SIP) then they open Real-time Transport Protocol (RTP) session to start streaming .
  • 13. VoIP provides worldwide voice network through already exists networks so it provides wide area calls. VoIP provides advanced features like video calls and video conference. VoIP is digital technology so it is more secure than analogue systems. VoIP is cheap enough to open new segments such as small business, home users, students especially in Long distance costs. VoIP Support for an optional Bluetooth phone, Ethernet or Wi-Fi LAN.
  • 14. Internet Protocol (IP) IP is a routing protocol for the passing of data packets. Real Time Transport Protocol (RTP) RTP is used to exchange media information such as voice or video and provide end-to-end delivery services. Transmission Control Protocol (TCP) TCP resides at layer four (transport layer) and its function is to ensures that all packets are delivered to the destination and at the correct order.
  • 15. User Datagram Protocol (UDP) UDP is a simpler protocol that confirm where a packet is sent and a response is received. RTP Control Protocol (RTCP) RTCP is used to control of aspects of RTP sessions. An application may use this aspects to control quality of service parameters, perhaps by limiting flow, or using a different codec.
  • 16. Confidentiality Data confidentiality which relates to the data being kept safe and only disclosed to authorized parties that can access the information. Availability The system being available for use when needed such systems as critical systems (Financial, Banking , Police records , military records) have to remain available for use at all time. Integrity The integrity of data comes from the data being modified or destroyed by the appropriate personnel only.
  • 17. Denial of Service (DoS) A DoS attack is characterized by an attempt by attackers to prevent actual users of a service from using that service. Attacks occur when a malicious user sends an extremely large amount of random messages to one or more VoIP end-points.
  • 18. Symmetric Encryption Data can be encrypted using a private (Secret) key, both the sender and the receiver must know and use the same private key. Asymmetric encryption It is an encryption type that uses two keys, One key is said (Public) key of someone and the other key is (Private) key which derived from the public key. This process occurs every session that is take a long time so a delay in transfer packets occurs.
  • 19. Since a symmetric encryption uses one public key and no message delay occurs it is our choice encryption algorithm to apply with a VoIP. Types of Symmetric Encryption Data Encryption Standard (DES) DES applies a (56-Bit) key to each (64-Bit) block of data. The process can run in several modes and involves (16-Rounds) or operations. Both the sender and the receiver must know and use the same private key.
  • 20. Triple DES(3-DES) This method is the same process as DES but instead of going for one single round of encryption reapplied to the cipher-text for two extra times making it a three times the power of ordinary DES. The data is encrypted with the first key, decrypted with the second key, and finally encrypted again with the third key. Triple DES runs three times slower than ordinary DES, but it is much more secure if used properly.
  • 21. Advanced Encryption Standard (AES) AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. AES algorithm used (128,192,256-bit) keys to encrypt and decrypt (128-bit) block of data. AES algorithm is based on permutations and substitutions. Permutations are re-arrangements of data, and substitutions replace one unit of data with another.
  • 22. Comparison of Cipher text and Plain Text Block sizes of (DES),(3-DES), (AES) DES 3-DES AES Plaintext block size (bits) 64-bits 64-bits Cipher text Block size (bits) 64-bits 64-bits 128-bits Key size (bits) 56-bits 112 or 156 bits 128,192or256 bits 128-bits
  • 23. Advantages of AES AES provides more security due to larger block size and longer keys, Where AES uses 128 bit fixed block size and works with 128, 192 and 256 bit keys. AES used in commercial applications such as banking and financial transactions, telecommunications, and private and Federal information.
  • 24. After studying of (VoIP), it is clearly that (VoIP) is very important technology that is considered to replace (PSTN). VoIP system is still at this moment needs more strong secure techniques. After studying some of encryption algorithms we found that (AES) encryption algorithm is the best one.
  • 25. (RTP) not encrypted. Any Third-Party can be one of the members of session easily and can make (DOS) to the actual users. Using suitable encryption algorithm (AES) can encrypt the (SSRC) number and prevent any attacker to reach the members of session. AES was chosen for many reasons: Suitable to work with VoIP (AES) runs much faster than any other encryption algorithms in both encryption and decryption phases. (AES) more secure due to working with (128:192:256) bit-key.
  • 26. For future updates another proposal can be made to integrate all available security solutions into a crypto package of our own or to add the (SSRC) encryption module as software in VoIPsec package making a more advanced security infrastructure for our future VoIP systems. Another Future reference is to implement (SSRC) encryption in core of the (RTP) protocol itself and provide it as a new replacement for the currently available (RTP) protocol instead of the demanding (SRTP) protocol currently used by high grade security VoIP systems.