IMPACT OF SECURITY MECHANISMS ON SIP BASED VOIP-NETWORKS
By
ACKNOWLEDGEMENT
This research would not have been possible without the support of my supervisor and my family. I would like to thank them for their utmost support in this project.
DECLARATION
I, [type your full first names and surname here], am declaring that this research has not been submitted earlier for any education or qualification and it represents my own thoughts and ideas and not of university.
Signed __________________ Date _________________
Abstract
VOIP is gaining more popularity day by day in today's communications. The purpose of my project is to analyze the security in VOIP systems and to also analyze security factors which affect the quality of VoIP-networks as more people are migrating to converged networks consisting of both voice and data. The security risks and QoS related with VoIP-networks will be analyzed when VOIP is implemented. As IP networks are not designed for real time applications, the main factors which damage the speech quality in the VoIP-network are packet loss, jitter and delay. My project mainly stresses on the underlying of SIP based VOIP protocol. SIP is becoming main signaling protocol for VoIP-networks but, though, it is vulnerable to many attacks. A literature review will be carried out regarding security of VoIP-networks and will be followed by simulation to analyze best practices and general recommendations for providing secured VoIP-networks.
TABLE OF CONTENTS
[IMPACT OF SECURITY MECHANISMS ON SIP BASED VOIP-NETWORKS]I
ACKNOWLEDGEMENTII
DECLARATIONIII
ABSTRACTIV
TABLE OF CONTENTSV
CHAPTER 1: INTRODUCTION1
Background of the study1
Problem Statement1
Research Aims and Objectives2
Significance of the Study3
Project Objectives3
Rationale/ Nature of the study4
Hypothesis/Research Question5
Limitations of VOIP6
CHAPTER 2: LITERATURE REVIEW7
Using an ATA:10
Using an IP Phone:10
VoIP joining directly:11
Advantages of VoIP11
Lower costs:11
VoIP-network:12
H.235v2 (November 2000)12
H.235v313
Session Initiation Protocol (SIP)13
VoIP Infrastructure Risks13
VoIP Infrastructure Risks14
SIP Vulnerabilities15
Hijack registration15
Impersonation of server15
Message body exploitation16
Risks within the instruction of the VoIP Service16
IP phone hijacking16
Modification of reporting data16
Phone backed DDoS17
Change caller ID17
Identity theft17
Session hijacking17
Insertion of content17
VoIP Availability, Confidentiality and Integrity18
Countermeasures indoor the VoIP-network19
Physical security19
Encryption of traffic19
Segmentation19
Duplicate TCP/IP services19
Filter traffic19
Separation of traffic20
Deployment of appeal for vocation aware filters20
Signal and Voice Paths20
Voice and Video Transmission in VoIP21
SIP as the Signalling Protocol22
Sip-network safety measures24
CHAPTER 3: METHODOLOGY31
The Method to Be Employed by the Project31
Data Collection and Analysis32
How the Method of the Project to be Illustrated Validated or Evaluated32
Resource Requirements34
Risk Management Strategy35
CHAPTER 4: DISCUSSION AND ANALYSIS37
Password and Access Controls37
Encryption37
Authentication and Authorization39
Strict Routing40
Security answers for SIP management42
CHAPTER 5: CONCLUSION46
REFERENCES47
Chapter 1: Introduction
Background of the study
In this age of information communication, Voice over Internet Protocol (VOIP) has taken the major portion of the interactions and it is dominating in modern daily life. In the future, VOIP will be going to dominate our lives. The basic infrastructure for conventional VoIP-network is fiber optic data cable.
There are basically 3 methods through which VOIP technology can be fixed to make phone calls:
Using ATA (Analogue Telephone adapter) - It Uses Ethernet jack for connecting analogue telephone to VoIP-network. It often implies SIP protocol.
Using an IP phone It uses Ethernet port for directly connecting IP phone to the VOIP server.
VOIP connecting directly
Problem Statement
The most employed migration strategy from PSTN to Universal Mobile Telecommunication Systems (UMTS) is through ...