Written by Ing. Pavel Rosman, Ph.D. – Department of Informatics and Statistics, Faculty of Management and Economics, Tomas Bata University in Zlín, e-mail: rosman@fame.utb.cz
This thesis deals with the security of Internet telephony. It describes the basic properties and characteristics of Voice over IP technology, categorizes possible threats and attacks with short descriptions, and specifies the basic requirements for safe and secure operation. The next part deals with tested attacks with respect to the information that clients send to the Internet about their users. The last part concludes with a list of selected implemented security mechanisms.
INTRODUCTION
Voice over Internet Protocol, also called VoIP, IP Telephony, Internet telephony, Broadband telephony, Broadband Phone and Voice over Broadband, is the routing of voice conversations over the Internet or through any other IP-based network. VoIP is the next-generation telecommunications method. It allows phone calls to be routed over a data network, thus saving money and offering increased features and productivity. All these benefits come at a price: vulnerability. It is easier to attack and exploit a combined voice and data network. VoIP needs extra security measures beyond the standard security that is typically implemented for a computer network. Many issues need to be addressed, such as types of attacks, security, quality of service and VoIP protocols.
1. FUNCTIONALITY
VoIP can facilitate tasks that may be more difficult to achieve using traditional networks:
- Ability to transmit more than one telephone call down the same broadband-connected telephone line. This can make VoIP a simple way to add an extra telephone line to a home or office.
- Many VoIP packages include PSTN features that most telcos (telecommunication companies) normally charge extra for, or may be unavailable from your local telco, such as 3-way calling, call forwarding, automatic redial, and caller ID.
- VoIP can be secured with existing off-the-shelf protocols such as Secure Real-time Transport Protocol. Most of the hard parts of building a secure phone over traditional phone lines, such as digitizing and digital transmission, are already in place with VoIP. It is only necessary to encrypt and authenticate the existing data stream.
Companies providing VoIP service are commonly referred to as providers, and protocols which are used to carry voice signals over the IP network are commonly referred to as Voice over IP or VoIP protocols. There are two types of PSTN to VoIP services: Direct Inward Dialing (DID) and access numbers. DID will connect the caller directly to the VoIP user, while access numbers require the caller to input the extension number of the VoIP user.
2. RELIABILITY
Conventional phones are connected directly to telephone company phone lines, which in the event of a power failure are kept functioning by back-up generators or batteries located at the telephone exchange. However, household VoIP hardware uses broadband modems and other equipment powered by household electricity, which may be subject to outages in the absence of an uninterruptible power supply or generator. Early adopters of VoIP may also be users of other phone equipment, such as PBX and cordless phone bases, which rely on power not provided by the telephone company. Even with local power still available, the broadband carrier itself may experience outages as well. While the PSTN has matured over decades and is typically extremely reliable, most broadband networks are less than 10 years old, and even the best are still subject to intermittent outages. Furthermore, consumer network technologies such as cable and DSL often are not subject to the same restoration service levels as the PSTN or business technologies such as T-1 connection.
Fig. 1 An overview of how VoIP works
3. VoIP PROTOCOLS
There are many VoIP protocols in the market. Some are proprietary while others are open standards. The two most popular open protocols are H.323 and SIP. They were designed by two different organizations and operate slightly differently. Both use random ports, which causes problems with NAT translations and firewalls.
H.323 is an International Telecommunication Union standard for audio and video communication across a packet network (National Institute of Standards and Technology 2005). There are four types of devices under H.323: Terminals, Gateways, Gatekeepers and Multi-Point Conference Units (MCUs). The terminals are phones and computers. The Gateway provides an exit to other networks. The Gatekeeper handles addressing and call routing, while the MCU provides conference call support. H.323 is a complicated protocol and uses other protocols to perform other vital tasks.

Fig. 2 Protocols of the VoIP
Session Initiation Protocol (SIP) is a signaling protocol for Internet conferencing, telephony, presence, events notification, and instant messaging (Schulzrinne 2006). SIP is an application layer protocol that uses TCP and UDP. The protocol is designed to work with servers and endpoints such as phones. The Internet Engineering Task Force developed this VoIP protocol. Another typical feature on a network is Network Address Translation (NAT). NAT provides a method of translating private IP addresses into public ones. It also allows for port translation. It is a method to conserve IP addresses and add another layer of security.
There are three types of servers. The location server maintains a database of the location of all endpoints. The proxy server passes the calls between networks, while the registrar server authenticates all traffic.
4. SECURITY VULNERABILITIES
A secure telephone is a telephone that provides voice security in the form of end-to-end encryption for the telephone call, and in some cases also the mutual authentication of the call parties, protecting them against a man-in-the-middle attack. All Voice over IP traffic should be routed on VLANs separate from the data networks. This will make it harder to have both your data network and VoIP network compromised. Viruses will have a harder time infecting both sides of your network. It also makes it more difficult to sniff, intercept, or eavesdrop on traffic when it is divided up into separate VLANs.
VoIP has many security vulnerabilities that need to be protected. Encryption, Virtual LANs and Firewalls are a necessity on all networks that deploy VoIP. Also, Network Address Translation should be avoided. These are a few important features that need to be addressed.
Fig. 3 Communication – VoIP traffic
There are many different ways that VoIP can be attacked or exploited. Some attacks try to steal information while others attempt to shut down your network. The attacks include eavesdropping, spoofing, denial of service, call redirection, and replay attacks.
Encryption helps protect your privacy and authenticates the message. Transport Layer Security (TLS) and IPsec are the two main encryption methods. IPsec is used to encrypt call setup and control messages. TLS is an alternative to IPsec and is based on the SSL protocol. It is used to provide a secure call setup. Many different algorithms can be used, such as DES, 3DES, AES, RC4, and RC5. Simpler encryption results in better performance. Encryption is an effective measure against eavesdropping and protects sensitive information.
Eavesdropping is the unauthorized interception of voice packets and the decoding of the conversations. It is relatively easy and simple. There are many free network analyzers, sniffers and packet capture tools that can convert VoIP traffic to wave files. This allows you to save the files and play them back on a computer. Vomit (Voice over Misconfigured Internet Telephones) is an example of such a tool. Typically, eavesdropping is restricted to the subnet the phone is attached to and the path it takes to the destination. The National Security Agency is able to eavesdrop on all international calls coming into or out of the United States.
Replay attacks are used to gain more information about the source network. A packet is captured and retransmitted into the network to generate more traffic to be captured and analyzed. This yields more information about the network. These attacks are often a prelude to other attacks such as man-in-the-middle and spoofing.
Packet spoofing uses a false source address on the IP packets. The network data, such as a VoIP call, will appear to come from a different, often trusted, source than where it originated. This is also known as masquerading. Spoofing can change the caller ID number, hide the origin of attacks, and pretend to be a trusted host. Several services available allow you to spoof your phone number.
Call redirection occurs when a call is intercepted and rerouted through a different path before reaching the destination. This could lead to eavesdropping, call fraud, and illegal use of your networks. If your network is compromised, the call could be redirected through the network to hide the source or to charge the phone calls to your company.
Denial of Service (DoS) is a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. VoIP is more susceptible to DoS than a typical computer network. Not only does it suffer from the standard DoS attacks of flooding the network with traffic to the point it crashes, but it also has its own specific vulnerabilities. VoIP-specific DoS attacks use setup and “cancellation of pending call set up signals … including sending a CANCEL, GOODBYE or PORT UNREACHABLE message” (Roberts 2005). This leaves the phones unable to complete calls or hang up. With DoS there is a chance that both your data network and the phone services provided through VoIP go down.
Many consumer VoIP solutions do not support encryption yet, although having a secure phone is much easier to implement with VoIP than with traditional phone lines. As a result, it is relatively easy to eavesdrop on VoIP calls and even change their content. There are several open source solutions that facilitate sniffing of VoIP conversations. A modicum of security is afforded by patented audio codecs that are not easily available for open source applications; however, such security through obscurity has not proven effective in the long run in other fields. Some vendors also use compression to make eavesdropping more difficult. However, real security requires encryption and cryptographic authentication, which are not widely available at a consumer level.
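The replay attack and the cryptographic authentication discussed above can be shown from the receiving side. The following Python code is an added example, not part of the original article: each RTP packet carries a truncated HMAC-SHA1 tag and the receiver keeps a sliding window of accepted sequence numbers, modelled on how SRTP protects a stream. The key, SSRC and payloads are constructed values, and the code assumes sequence numbers do not wrap and leaves payload encryption out.

```python
import hashlib
import hmac
import struct

TAG_LEN = 10  # 80-bit truncated HMAC-SHA1 tag, the SRTP default size
WINDOW = 64   # packets older than this behind the newest are rejected


def protect(key, seq, payload):
    """Sender: 12-byte RTP header + payload + truncated HMAC-SHA1 tag."""
    packet = struct.pack("!BBHII", 0x80, 0, seq, seq * 160, 0x1234ABCD) + payload
    return packet + hmac.new(key, packet, hashlib.sha1).digest()[:TAG_LEN]


class Receiver:
    def __init__(self, key):
        self.key = key
        self.highest = -1  # highest authenticated sequence number so far
        self.seen = 0      # bit i set => sequence (highest - i) was accepted

    def accept(self, packet):
        """Return 'ok', 'bad-tag', 'replay' or 'too-old' for one packet."""
        if len(packet) < 12 + TAG_LEN:
            return "bad-tag"
        body, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha1).digest()[:TAG_LEN]
        if not hmac.compare_digest(tag, expected):
            return "bad-tag"  # forged or modified in transit
        seq = struct.unpack("!H", body[2:4])[0]
        if seq > self.highest:  # newer packet: slide the window forward
            shift = seq - self.highest
            self.seen = ((self.seen << shift) | 1) & ((1 << WINDOW) - 1)
            self.highest = seq
            return "ok"
        offset = self.highest - seq
        if offset >= WINDOW:
            return "too-old"
        if self.seen & (1 << offset):
            return "replay"  # authentic bytes, but already delivered once
        self.seen |= 1 << offset
        return "ok"


def demo():
    # Constructed stream: in order, reordered, replayed copy, altered payload.
    key = b"constructed-demo-key"
    rx = Receiver(key)
    p1, p2, p3 = (protect(key, n, b"voice") for n in (1, 2, 3))
    forged = p3[:12] + b"VOICE" + p3[-TAG_LEN:]
    return [rx.accept(p) for p in (p1, p3, p2, p1, forged)]
```

A retransmitted packet still carries a valid tag, so authentication alone does not stop replay; the window check is what rejects it, while legitimately reordered packets are still accepted.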
The Voice VPN solution provides secure voice for enterprise VoIP networks by applying IPSec encryption to the digitized voice stream. If you are considering using VoIP or digital phone service, please be aware of the following:
- VoIP requires continuous power. If you lose power, you will not be able to use any phone connected to VoIP. More importantly, the security system will not send a signal to Allied Fire & Security’s monitoring center.
- If you change your telephone number to take advantage of VoIP savings, it is important that you immediately advise Allied so we may update your account with accurate information.
- If the Allied alarm system has a line cut feature, it may NOT sound the alarm if the communication line on the outside of your premises is cut. The alarm panel checks the telephone line for voltage that is currently supplied by your telephone company. Certain characteristics of VoIP may lower the voltage and affect the security features of your alarm.
- Allied may lose the ability to download software changes to your alarm system (adding/deleting users, pass numbers, etc.). A chargeable service call may be necessary to visit your premises to make these changes.
- Any changes or upgrades made to your VoIP service could impact the ability of the security system to transmit signals. You should always retest the system after any upgrades to your VoIP service.
Other issues with VoIP include:
- VoIP does not offer the same quality of service as direct telephony connections do. There are problems with connectivity, security, disability access, and emergency access.
- Many VoIP connections may not properly handle outgoing calls from fax machines, TiVO boxes, satellite television receivers, conventional modems or fax modems. These devices depend on conventional voice-grade telephone lines for some or all of their functionality.
5. SECURE YOUR WIRELESS VOIP SYSTEM
WiFi networks provide a tempting entry point for hackers and other unauthorized users. Many enterprises are discovering the cost and productivity benefits wireless VoIP provides. As a result, a growing number of enterprises are installing wireless hotspots inside office buildings, warehouses, shipping yards, corporate campuses and various other facilities, allowing employees with wireless IP handsets and other compatible devices to talk to each other, as well as the outside world, without relying on desktop phones.
Yet wireless VoIP technology is not without risk. Unsecured voice packets can be intercepted and WiFi networks provide a tempting entry point for hackers and other unauthorized users. Wireless VoIP security is always the network operator’s responsibility, since mobile device users have no control over where their signals go. As with VoIP security in general, gaining control over wireless VoIP systems is challenging work. But careful planning and analysis will help ensure that your enterprise’s VoIP traffic flows steadily and securely. Here are five ways to make that happen:
- Look for Equipment That Incorporates Wireless Security Standards. The first wireless network security standard – Wired Equivalent Privacy (WEP) – was a rather weak and vulnerable technology. But newer specifications, such as WiFi Protected Access (WPA), WPA2 and IEEE 802.11i, are powerful security benchmarks. Make sure your network devices take full advantage of at least one of these technologies.
- Take Advantage of Encryption and Authentication. WPA, WPA2 and IEEE 802.11i all offer built-in advanced encryption/authentication technologies that can help secure a wireless VoIP system. WPA2 and 802.11i both support the Advanced Encryption Standard (AES), which provides U.S. government-level protection.
- Use Multilevel Protection. Embed security within security. An IP handset, for example, may send encrypted audio while IEEE 802.11i authenticates and encrypts the wireless connection.
- Use a VoIP Firewall. A well-configured firewall will block hackers trying to enter an enterprise VoIP system through a wireless device. Firewalls are a standard security feature on networks. They protect the network from attacks by inspecting each packet that travels to and from the network. Firewalls have trouble filtering VoIP traffic because ports are assigned dynamically throughout the call.
- Provide Adequate Training. Wireless VoIP users should be alerted to security threats and encouraged to report any unusual or suspicious activities they detect.
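The dynamic port assignment that gives firewalls trouble, and the NAT problem noted in the protocol section, both come from the media address and port being negotiated inside the SIP message body. The following Python code is an added example, not part of the original article: it reads the SDP body of a SIP INVITE and returns the address and RTP/RTCP ports a SIP-aware firewall would have to open for that one call, flagging private addresses that a NAT would leave unreachable. The INVITE is constructed sample data and the function names are hypothetical.

```python
import ipaddress

# Constructed SIP INVITE (sample values, not captured traffic). The phone is
# behind NAT, so its SDP body advertises a private address.
SAMPLE_INVITE = "\r\n".join([
    "INVITE sip:bob@example.com SIP/2.0",
    "Via: SIP/2.0/UDP 192.168.1.20:5060;branch=z9hG4bK776asdhds",
    "Call-ID: a84b4c76e66710@192.168.1.20",
    "CSeq: 314159 INVITE",
    "Content-Type: application/sdp",
    "",
    "v=0",
    "o=alice 2890844526 2890844526 IN IP4 192.168.1.20",
    "s=-",
    "c=IN IP4 192.168.1.20",
    "t=0 0",
    "m=audio 49170 RTP/AVP 0 8",
    "",
])


def is_private(addr):
    try:
        return ipaddress.ip_address(addr).is_private
    except ValueError:  # host name rather than an IP literal
        return False


def media_pinholes(sip_message):
    """Per SDP media stream: address and RTP/RTCP ports (RTCP defaults to RTP+1)."""
    body = sip_message.partition("\r\n\r\n")[2]
    session_addr, streams = None, []
    for line in body.splitlines():
        kind, _, value = line.partition("=")
        fields = value.split()
        if kind == "c" and len(fields) == 3:
            addr = fields[2].split("/")[0]  # drop multicast TTL suffix
            if streams:
                streams[-1]["addr"] = addr  # media-level c= overrides
            else:
                session_addr = addr         # session-level default
        elif kind == "m" and len(fields) >= 3:
            port = int(fields[1].split("/")[0])  # "49170/2" means a port range
            streams.append({"media": fields[0], "addr": session_addr,
                            "rtp_port": port, "rtcp_port": port + 1})
    for s in streams:
        # A private address in SDP is unreachable from outside the NAT.
        s["behind_nat"] = s["addr"] is not None and is_private(s["addr"])
    return streams
```

Because the port is only known after the signaling has been parsed, a static rule cannot cover it without opening a wide UDP range; opening the two ports per call and closing them at call end keeps the exposure small.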
7. CONCLUSION
Security is a necessary part of any computer network. VoIP has many security vulnerabilities to attacks such as Spoofing, Eavesdropping, and Denial of Service. Encryption, Virtual LANs and Firewalls are a necessity on all networks that deploy VoIP. Also, Network Address Translation should be avoided. These are a few important features that need to be addressed. Encryption helps protect your privacy and authenticates the message. VoIP needs to be protected beyond the standard measures. VLANs and Firewalls need to be configured to support VoIP traffic. Encryption should be used while NAT is avoided. All security measures need to balance protection with the quality of service of the network.