Voice Over Internet Protocol for Security

1. Group 3
Shobhan Garg – 205113003
Rajesh Sethi – 205113013
Richa Choudhary – 205113023
Akash Hirke – 205113033
Ayaz Qureshi – 205113043
Kaushal Varshney – 205113053
Rohit Gurjar – 205113063
Jitendra Nagar – 205113073
Arun Kumar Meena - 205113077
Arpit Gupta - 205113083
VoIP Security

2. What is VoIP

3. Voice Over Internet Protocol (VoIP)
• A methodology for the delivery of Voice Communications
over Internet Protocol Networks, such as the Internet
• Also called as IP Telephony, Internet Telephony, Broadband
Telephony or Broadband Phone Service

4. Voice over Internet Protocol (VoIP)
contd…
• Similar to Traditional Digital Telephony
• Involve Signaling, Digitization of the Analog Voice Signals, and En
coding
• Traditional Digital Telephony sends the Digital Signals over a Circ
uit Switched Network
• In VoIP, the digital information is packetized, and transmission oc
curs as IP Packets over a Packet Switched Network

5. VoIP Architectures
• PC to PC
• Phone to Phone Via Internet
• PC to Phone

6. Session Initiation Protocol (SIP)
• Can be used for Two Party (Unicast) or Multiple Party (Mul
ticast) Sessions
• Each resource of a SIP Network is identified by a Uniform
Resource Identifier (URI)
• The URI is of the form
• sip:username:password@host:port

7. SIP Network Elements
• User Agent
• Proxy Server
• Registrar
• Redirect Server
• Session Border Controller
• Gateway

8. Quality of Service (QoS)
• Less Reliable as there is no mechanism to ensure that the
Data Packets are not lost and are arriving in order
• A Best Effort Network
• Latency can be introduced that may exceed the permissibl
e values
• Latency can be minimized by marking Voice Packets as bei
ng delay-sensitive

9. PSTN vs. INTERNET
• PSTN
• Voice network use circuit
switching.
• Dedicated path between
calling and called party.
• Bandwidth reserved in ad
vance.
• Cost is based on distance
and time.
INTERNET
• Data network use packet
switching.
• No dedicated path betw
een sender and receiver.
• It acquires and releases
bandwidth, as it needed.
• Cost is not based on dist
ance and time.

10. Overcoming the Challenges
 Latency
 Packet loss
 Scalability
 Jitter
 Bandwidth
 Reliability
 Security
 Interoperability

11. Latency
 Latency is the time taken for a packet to arrive
at its destination
 Packet switching overhead
 Congestion
 Latency may result in voice synchronization pro
blems
Packet Loss
 Packet loss in unavoidable
 It can be minimally tolerated in voice transmiss
ion
 It should not, in the first place, distort the audio

12. Scalability
Ability to add more telephony equipment as the company grows
Network bandwidth and other issues may have an effect on sca
lability
Jitter
Jitter is the delay experienced in receiving a packet when a packet is
expected to arrive at the end point at a certain time
Bandwidth
When bandwidth is shared between voice and computer data, certain
bandwidth may have to be allocated for voice communication on a n
etwork

13. Reliability
 Because the computer network is used, the r
eliability of the network will have an impact
on the telephony service
 In the analog telephone industry, reliability of 99
.999 percent uptime is required
 The above is known as five nines
 VoIP networks can achieve over 98 percent
reliability ?

14. Security
 As VoIP uses the Internet, for example, it is vul
nerable to the same type as security risks
 Hacking
 Denial of service
Interoperability
• IP telephony equipment manufactu
red by different vendors must be ab
le to talk to each other
– Standardized protocols are needed

15. How VoIP Works:
With VoIP, analog voice calls are converted into packets of data. The packets tra
vel like any other type of data, such as e-mail, over the public Internet and any
private Internet Protocol (IP) network.
Using a VoIP service, you can call landline or cell phones. You can also call com
puter-to-computer, with both parties speaking into a computer microphone and
listening through computer speakers or headsets.

16. • Converting the voice signal
– ADC (analog to digital)
– DAC (digital to analog)
Voice (source) - - ADC - - - Inte
rnet - - - DAC - - Voice (dest)
• Transmission of voice traffic in

18. • The 1-2-3s of VoIP
• 1. Compression – voice is compressed typic
ally with one of the following codecs, G7.11 64
k, G7.29AB 8k, G723.1 6.3k
• 2. Encapsulation – the digitized voice is wra
pped in an IP packet
• 3. Routing – the voice packet is routed thru t
he network to its final destination

19. Components
• VoIP Protocols
• VoIP Gateway
• VoIP Codecs

20. 1. VOIP Gateway
Voice over Internet Protocol (VoIP) gateway is a
device that converts analog telephony signals to
digital.
A network device that converts voice and Fax
calls, in real time, between the public switched tel
ephone network (PSTN) and an IP network.

21. Type of Gateway
• Analog
- FXS gateway
- FXO gateway
• Digital

22. Features
• Call routing, packetization and control signaling
management.
• Voice and fax compression/decompression.
• External controller interfaces.

23. VOIP Codecs
• A codec, which stands for coder-decoder, converts an audio sign
al into compressed digital form for transmission and then back i
nto an uncompressed audio signal for replay. It's the essence of
VoIP. It converts each tiny sample into digitized data and compr
esses it for transmission.
• Common VoIP Codec:
• G.711 - Delivers precise speech transmission. G.711 uses a logar
ithmic compression. It squeezes each 16-bit sa
mple to 8 bits, thus it achieves a compression ratio of 1:2. The
resulting bitrate is 64 kbit/s for one direction, so a call consume
s 128 kbit/s.
• This codec can be used freely in VoIP applications as the
re are no licensing fees. It works best in local area networks w
here we have a lot of bandwidth available.

24. • G.722 - Adapts to varying compressions and bandwid
th is conserved with network
congestion.
• G.729 - G.729 is a codec that has low bandwidth req
uirements but provides good audio qua
lity (MOS = 4.0). The codec encodes audio in frames,
each frame is 10 milliseconds long. Gi
ven the sampling frequency of 8 kHz, the 10 ms fram
e contains 80 audio samples. G.729 is a licensed
codec.
•
• G.723.1 - High compression with high quality audio. L
ot of processor power. It is a licensed codec.
•
• G.726 – An improved version of G.721 and G.723 (dif

25. PBX
Yesterday’s Networks
Circuit Switched Networks (Voice)
CO
PBX
CO
CO
Packet Switched Networks (Data)
Router
Router
Router
Router
Router
• Separated networks
• Separated applications/services

26. PBX
IP Phone
Converged Network
PSTN
CO
Gateway
Router
Router
Router
Router
• Converged network
• Separated or integrated applications
PBX
IP Phone

27. IP Network
Multimedi
a PC
Multimedi
a PC
Initially, PC to PC v
oice calls over the I
nternet
VoIP Architecture?
PSTN
(DC)
Gateway
PSTN
(NY)
Gateway
Public Switched Tele
phone Network
Gateways allow PCs
to also reach phone
s
…or phones to reac
h phones

28. VoIP Network Model
SIP
RTP, RTCP, RTSP
Transport Layer (UDP, TCP)
Network Layer (IP, IP Multicast)
Data Link Layer
Physical Layer

29. • The Session Initiation Protocol (SIP) is a communicati
ons protocol for signaling and controlling multimedia
communication sessions. The most common applicatio
ns of SIP are in Internet telephony for voice and video
calls, as well as instant messaging all over Internet Pro
tocol (IP) networks.
• The Real-time Transport Protocol (RTP) is a network p
rotocol for delivering audio and video over IP network
s. RTP is used extensively in communication and enter
tainment systems that involve streaming media, such a
s telephony, video teleconference applications, televisi
on services and web-based push-to-talk features.

30. • The Real Time Streaming Protocol (RTSP) is a netwo
rk control protocol designed for use in entertainment
and communications systems to control streaming m
edia servers. The protocol is used for establishing an
d controlling media sessions between end points.
• Higher overhead of TCP does not make sense for tele
phone call. Because audio must stream! No wait for
missing packets. Play missing part as silence.
• UDP Offerrs best-effort delivery. to handle duplication
, delay, out-of-order delivery, each RTP message cont
ains

31. IP Protocol Layering
Physical Transport (e.g, Cable Modem)
IP (Internet Protocol)
TCP UDP
Applications (e.g., email, web pages)
Email Data (1000 bytes)TCP Header
(20 bytes)
IP Header
(20 bytes)
A Typical IP Datagram

32. VoIP SIP

34. Advantages of VoIP
• Cheaper than the Traditional Telephone System
• Calls can be made from anywhere to anywhere using the
single account
• Images, Videos and Text can also be sent along with the V
oice
• The Network need not be of a particular Topology

35. Disadvantages of VoIP
• Packet Loss and Jitter can be there
• Calls cannot be made if the Internet Connection is down
• Calling Emergency Numbers using VoIP will not provide y
our location to the Emergency Response Services

36. VoIP Security

37. SECURITY BASICS
• AUTHENTICATION
• AUTHORIZATION
• AVAILABILITY (Use of different segment for VoIPs)
• ENCRYPTION

38. ATTACK VECTORS
A local subnet, such as an internal network, where VoIP is
used By
unplugging and/or sharing a VoIP hard phone’s Ethernet
connection
(usually sitting on one’s desk), an attacker can connect to the
voice
network.

39. A local network that is using wireless technology with
untrusted users,
such as a coffee shop, hotel room, or conference center
An attacker
can simply connect to the wireless network, reroute traffic,
and capture VoIP calls

40. A public or non-trusted network, such as the Internet,
where VoIP
communication is used An attacker who has access to a
public network
can simply sniff the communication and capture telephone
calls.

41. • Compromising the VOIPs phone’s configuration file
• Uploading a malicious configuration file

42. UNCONVENTIONAL VOIP SECURITY
THREATS
• VoIP Phishing
• Caller ID Spoofing
• Anonymous Eavesdropping and Call Redirection
• Spam Over Internet Telephony