IMPACT OF SECURITY MECHANISMS ON SIP BASED VOIP-NETWORKS

By

ACKNOWLEDGEMENT

This research would not have been possible without the support of my supervisor and my family. I would like to thank them for their utmost support in this project.

DECLARATION

I, [type your full first names and surname here], am declaring that this research has not been submitted earlier for any education or qualification and it represents my own thoughts and ideas and not of university.

Signed __________________ Date _________________

Abstract

VOIP is gaining more popularity day by day in today's communications. The purpose of my project is to analyze the security in VOIP systems and to also analyze security factors which affect the quality of VoIP-networks as more people are migrating to converged networks consisting of both voice and data. The security risks and QoS related with VoIP-networks will be analyzed when VOIP is implemented. As IP networks are not designed for real time applications, the main factors which damage the speech quality in the VoIP-network are packet loss, jitter and delay. My project mainly stresses on the underlying of SIP based VOIP protocol. SIP is becoming main signaling protocol for VoIP-networks but, though, it is vulnerable to many attacks. A literature review will be carried out regarding security of VoIP-networks and will be followed by simulation to analyze best practices and general recommendations for providing secured VoIP-networks.

TABLE OF CONTENTS

[IMPACT OF SECURITY MECHANISMS ON SIP BASED VOIP-NETWORKS]I

ACKNOWLEDGEMENTII

DECLARATIONIII

ABSTRACTIV

TABLE OF CONTENTSV

CHAPTER 1: INTRODUCTION1

Background of the study1

Problem Statement1

Research Aims and Objectives2

Significance of the Study3

Project Objectives3

Rationale/ Nature of the study4

Hypothesis/Research Question5

Limitations of VOIP6

CHAPTER 2: LITERATURE REVIEW7

Using an ATA:10

Using an IP Phone:10

VoIP joining directly:11

Advantages of VoIP11

Lower costs:11

VoIP-network:12

H.235v2 (November 2000)12

H.235v313

Session Initiation Protocol (SIP)13

VoIP Infrastructure Risks13

VoIP Infrastructure Risks14

SIP Vulnerabilities15

Hijack registration15

Impersonation of server15

Message body exploitation16

Risks within the instruction of the VoIP Service16

IP phone hijacking16

Modification of reporting data16

Phone backed DDoS17

Change caller ID17

Identity theft17

Session hijacking17

Insertion of content17

VoIP Availability, Confidentiality and Integrity18

Countermeasures indoor the VoIP-network19

Physical security19

Encryption of traffic19

Segmentation19

Duplicate TCP/IP services19

Filter traffic19

Separation of traffic20

Deployment of appeal for vocation aware filters20

Signal and Voice Paths20

Voice and Video Transmission in VoIP21

SIP as the Signalling Protocol22

Sip-network safety measures24

CHAPTER 3: METHODOLOGY31

The Method to Be Employed by the Project31

Data Collection and Analysis32

How the Method of the Project to be Illustrated Validated or Evaluated32

Resource Requirements34

Risk Management Strategy35

CHAPTER 4: DISCUSSION AND ANALYSIS37

Password and Access Controls37

Encryption37

Authentication and Authorization39

Strict Routing40

Security answers for SIP management42

CHAPTER 5: CONCLUSION46

REFERENCES47

Chapter 1: Introduction

Background of the study

In this age of information communication, Voice over Internet Protocol (VOIP) has taken the major portion of the interactions and it is dominating in modern daily life. In the future, VOIP will be going to dominate our lives. The basic infrastructure for conventional VoIP-network is fiber optic data cable.

There are basically 3 methods through which VOIP technology can be fixed to make phone calls:

Using ATA (Analogue Telephone adapter) - It Uses Ethernet jack for connecting analogue telephone to VoIP-network. It often implies SIP protocol.

Using an IP phone It uses Ethernet port for directly connecting IP phone to the VOIP server.

VOIP connecting directly

Problem Statement

The most employed migration strategy from PSTN to Universal Mobile Telecommunication Systems (UMTS) is through ...