A Comprehensive Survey of Voice over IP Security Research

We present a comprehensive survey of Voice over IP security academic research, using a set of 245 publications forming a closed cross-citation set. We classify these papers according to an extended version of the VoIP Security Alliance (VoIPSA) Threat Taxonomy. Our goal is to provide a roadmap for researchers seeking to understand existing capabilities and to identify gaps in addressing the numerous threats and vulnerabilities present in VoIP systems. We discuss the implications of our findings with respect to vulnerabilities reported in a variety of VoIP products. We identify two specific problem areas (denial of service, and service abuse) as requiring significant more attention from the research community. We also find that the overwhelming majority of the surveyed work takes a black box view of VoIP systems that avoids examining their internal structure and implementation. Such an approach may miss the mark in terms of addressing the main sources of vulnerabilities, i.e., implementation bugs and misconfigurations. Finally, we argue for further work on understanding cross-protocol and cross-mechanism vulnerabilities (emergent properties), which are the byproduct of a highly complex system-of-systems and an indication of the issues in future large-scale systems

Security for Decentralised Service Location - Exemplified with Real-Time Communication Session Establishment

Decentralised Service Location, i.e. finding an application communication endpoint based on a Distributed Hash Table (DHT), is a fairly new concept. The precise security implications of this approach have not been studied in detail. More importantly, a detailed analysis regarding the applicability of existing security solutions to this concept has not been conducted. In many cases existing client-server approaches to security may not be feasible. In addition, to understand the necessity for such an analysis, it is key to acknowledge that Decentralised Service Location has some unique security requirements compared to other P2P applications such as filesharing or live streaming. This thesis concerns the security challenges for Decentralised Service Location. The goals of our work are on the one hand to precisely understand the security requirements and research challenges for Decentralised Service Location, and on the other hand to develop and evaluate corresponding security mechanisms. The thesis is organised as follows. First, fundamentals are explained and the scope of the thesis is defined. Decentralised Service Location is defined and P2PSIP is explained technically as a prototypical example. Then, a security analysis for P2PSIP is presented. Based on this security analysis, security requirements for Decentralised Service Location and the corresponding research challenges -- i.e. security concerns not suitably mitigated by existing solutions -- are derived. Second, several decentralised solutions are presented and evaluated to tackle the security challenges for Decentralised Service Location. We present decentralised algorithms to enable availability of the DHTs lookup service in the presence of adversary nodes. These algorithms are evaluated via simulation and compared to analytical bounds. Further, a cryptographic approach based on self-certifying identities is illustrated and discussed. This approach enables decentralised integrity protection of location-bindings. Finally, a decentralised approach to assess unknown identities is introduced. The approach is based on a Web-of-Trust model. It is evaluated via prototypical implementation. Finally, the thesis closes with a summary of the main contributions and a discussion of open issues

TLS Adaptation for Virtualized Border Gateway

WiFi radio access technology is being adopted as a part of the current small cell solutions of mobile networks. Any WiFi network with Internet connectivity can be used by the mobile device to access packet-based LTE services like voice calling and instant messaging. This service traffic is strictly confidential and needs to be protected with encryption when an untrusted access, i.e., a public hotspot access, is used. This new scenario requires a new network element that terminates the encrypted service connection. For Nokia Networks this element is called the Border Gateway. At the same time the telecommunications industry is moving towards cloud computing so network elements are being virtualized to operate on virtual machines running in the cloud instead of the current embedded systems. This thesis begins by discussing the current industry landscape and how both the WiFi small cells and the cloud-based network infrastructure are partly answering the problem of rapidly growing mobile data consumption. The focus of the thesis is studying the capabilities of the Border Gateway on the context of non-real-time service traffic encryption, with an emphasis on the virtualized platform. Also a general network security related validation is performed, as this element exists for providing security features. The virtualized Border Gateway proved to be ten times more capable than the original embedded system, because the current x86-based processors used in the cloud offer significantly more performance than the digital signal processors in the embedded system. The fact that the Unix operating system and related software in the cloud are mostly open source, proved that security related testing only needed to be performed on the embedded platform, as there the platform software is closed-source and not already verified by the masses

High availability of busines voice communications

Zaradi zahtevnega konkurenčnega trga, kjer ima visoka razpoložljivost prednost pred konkurenco, je omogočanje redundance poslovnih govornih sistemov ena izmed metod za doseganje večje stabilnosti in zanesljivosti operaterjev VoIP. Zato sem se odločil, da na podlagi predznanja ter razumevanja problematike, omogočim in vpeljem operaterski sistem zaznavanja izpada povezave (signalizacije), kakor tudi zaznavanje prezasedenosti govornih kanalov. S tem lahko omogočim brezprekinitveno delovanje vseh podvojenih poslovnih sistemov, kar je dandanes na tržišču precejšnja konkurenčna prednost. S tehničnega stališča sem se pri tem problemu oprl na robnega nadzornika sej, ki preko namensko določenih protokolov uravnava usmerjanje signalizacije SIP do končne točke vpetja sistema VoIP. Potrebno je bilo namreč razviti logiko, ki pri prekinitvi signala zazna izpad linije ter slednjega preusmeri na podvojeno povezavo. Kakor bomo videli v nadaljevanju, je prednost tovrstnega sistema predvsem avtomatizirano ohranjanje številčnega prostora, možnost ohranjanja naslovnega prostora IP, kapacitet linije in najpomembneje, ohranitev aktivne zveze.Due to the challenging and competitive market where high availability conquer the competition, redundancy for business voice systems is one of the methods for achieving greater stability and reliability of VoIP operators. Therefore I decided to enable and implement operating system signalisation failure detection, as well as the detection of congestion for voice channels that basis of prior knowledge and understanding of the problem. This can enable uninterrupted operation of all duplicate operating system, which is now commercially significant competitive advantage. From a technical point of view of this problem I relay on the session border controller (SBC), which via a dedicated set of protocols controls the routing of SIP signaling endpoints to VoIP system. It was necessary to develop the logic how to divert the interruption of the signal detected by the loss of the line to the fallback system. As is seen below, the advantage of such a system is particularly automated conservation of numbering plan, the possibility of preserving the IP address, voice channels and most important, leaving active voice line uninterupted

Prospects of peer-to-peer SIP for mobile operators

Tämän diplomityön tarkoituksena on esitellä kehitteillä oleva Peer-to-Peer Session Initiation Protocol (P2PSIP), jonka avulla käyttäjät voivat itsenäisesti ja helposti luoda keskenään puhe- ja muita multimediayhteyksiä vertaisverkko-tekniikan avulla. Lisäksi tarkoituksena on arvioida P2PSIP protokollan vaikutuksia ja mahdollisuuksia mobiilioperaattoreille, joille sitä voidaan pitää uhkana. Tästä huolimatta, P2PSIP:n ei ole kuitenkaan tarkoitus korvata nykyisiä puhelinverkkoja. Työn alussa esittelemme SIP:n ja vertaisverkkojen (Peer-to-Peer) periaatteet, joihin P2PSIP-protokollan on suunniteltu perustuvan. SIP mahdollistaa multimedia-istuntojen luomisen, sulkemisen ja muokkaamisen verkossa, mutta sen monipuolinen käyttö vaatii keskitettyjen palvelimien käyttöä. Vertaisverkon avulla käyttäjät voivat suorittaa keskitettyjen palvelimien tehtävät keskenään hajautetusti. Tällöin voidaan ylläpitää laajojakin verkkoja tehokkaasti ilman palvelimista aiheutuvia ylläpito-kustannuksia. Mobiilioperaattorit ovat haasteellisen tilanteen edessä, koska teleliikennemaailma on muuttumassa yhä avoimemmaksi. Tällöin operaattoreiden asiakkaille aukeaa mahdollisuuksia käyttää kilpailevia Internet-palveluja (kuten Skype) helpommin ja tulevaisuudessa myös itse muodostamaan kommunikointiverkkoja P2PSIP:n avulla. Tutkimukset osoittavat, että näistä uhista huolimatta myös operaattorit pystyvät näkemään P2PSIP:n mahdollisuutena mukautumisessa nopeasti muuttuvan teleliikennemaailman haasteisiin. Nämä mahdollisuudet sisältävät operaattorin oman verkon optimoinnin lisäksi vaihtoehtoisten ja monipuolisempien palveluiden tarjoamisen asiakkailleen edullisesti. Täytyy kuitenkin muistaa, että näiden mahdollisuuksien toteuttamisten vaikutusten ei tulisi olla ristiriidassa operaattorin muiden palveluiden kanssa. Lisäksi tulisi muistaa, että tällä hetkellä keskeneräisen P2PSIP-standardin lopullinen luonne ja ominaisuudet voivat muuttaa sen vaikutuksia.The purpose of this thesis is to present the Peer-to-Peer Session Initiation Protocol (P2PSIP) being developed. In addition, the purpose of this thesis is to evaluate the impacts and prospects of P2PSIP to mobile operators, to whom it can be regarded as a threat. In P2PSIP, users can independently and easily establish voice and other multimedia connections using peer-to-peer (P2P) networking. However, P2PSIP is not meant to replace the existing telephony networks of the operators. We start by introducing the principles of SIP and P2P networking that the P2PSIP is intended to use. SIP enables to establish, terminate and modify multimedia sessions, but its versatile exploitation requires using centralized servers. By using P2P networking, users can decentralize the functions of centralized servers by performing them among themselves. This enables to maintain large and robust networks without maintenance costs resulted of running such centralized servers. Telecommunications market is transforming to a more open environment, where mobile operators and other service providers are challenged to adapt to the upcoming changes. Subscribers have easier access to rivalling Internet-services (such as Skype) and in future they can form their own communication communities by using P2PSIP. The results show that despite of these threats, telecom operators can find potential from P2PSIP in concurrence in adaptation to the challenges of the rapidly changing telecom environment. These potential roles include optimization of the network of the operator, but as well roles to provide alternative and more versatile services to their subscribers at low cost. However, the usage of P2PSIP should not conflict with the other services of the operator. Also, as P2PSIP is still under development, its final nature and features may change its impacts and prospects

Internet traffic classification for high-performance and off-the-shelf systems

Tesis doctoral inédita, leída en la Universidad Autónoma de Madrid, Escuela Politécnica Superior, Departamento de Tecnología Electrónica y de las Comunicaciones, 2013

On SIP Server Clusters and the Migration to Cloud Computing Platforms

This thesis looks in depth at telephony server clusters, the modern switchboards at the core of a packet-based telephony service. The most widely used de facto standard protocols for telecommunications are the Session Initiation Protocol (SIP) and the Real Time Protocol (RTP). SIP is a signaling protocol used to establish, maintain, and tear down communication channel between two or more parties. RTP is a media delivery protocol that allows packets to carry digitized voice, video, or text. SIP telephony server clusters that provide communications services, such as an emergency calling service, must be scalable and highly available. We evaluate existing commercial and open source telephony server clusters to see how they differ in scalability and high availability. We also investigate how a scalable SIP server cluster can be built on a cloud computing platform. Elasticity of resources is an attractive property for SIP server clusters because it allows the cluster to grow or shrink organically based on traffic load. However, simply deploying existing clusters to cloud computing platforms is not good enough to take full advantage of elasticity. We explore the design and implementation of clusters that scale in real-time. The database tier of our cluster was modified to use a scalable key-value store so that both the SIP proxy tier and the database tier can scale separately. Load monitoring and reactive threshold-based scaling logic is presented and evaluated. Server clusters also need to reduce processing latency. Otherwise, subscribers experience low quality of service such as delayed call establishment, dropped calls, and inadequate media quality. Cloud computing platforms do not guarantee latency on virtual machines due to resource contention on the same physical host. These extra latencies from resource contention are temporary in nature. Therefore, we propose and evaluate a mechanism that temporarily distributes more incoming calls to responsive SIP proxies, based on measurements of the processing delay in proxies. Availability of SIP server clusters is also a challenge on platforms where a node may fail anytime. We investigated how single component failures in a cluster can lead to a complete system outage. We found that for single component failures, simply having redundant components of the same type are enough to mask those failures. However, for client-facing components, smarter clients and DNS resolvers are necessary. Throughout the thesis, a prototype SIP proxy cluster is re-used, with variations in the architecture or configuration, to demonstrate and address issues mentioned above. This allows us to tie all of our approaches for different issues into one coherent system that is dynamically scalable, is responsive despite latency varations of virtual machines, and is tolerant of single component failures in cloud platforms

Creation of value with open source software in the telecommunications field

Tese de doutoramento. Engenharia Electrotécnica e de Computadores. Faculdade de Engenharia. Universidade do Porto. 200

SECURITY MEASUREMENT FOR LTE/SAE NETWORK DURING SINGLE RADIO VOICE CALL CONTINUITY (SRVCC).

Voice has significant place in mobile communication networks. Though data applications have extensively gained in importance over the years but voice is still a major source of revenue for mobile operators. It is obvious that voice will remain an important application even in the era of Long Term Evolution (LTE). Basically LTE is an all-IP data-only transport technology using packet switching. Therefore, it introduces challenges to satisfy quality of service expectations for circuit-switched mobile telephony and SMS for LTE capable smartphones, while being served on the LTE network. Since 2013, mobile operators have been busy deploying Voice Over LTE (VoLTE). They are relying on a VoLTE technology called Single Radio Voice Call Continuity (SRVCC) for seamless handover between packet-switch domain to circuit-switch domain or vice versa. The aim of thesis is to review and identify the security measurement during SRVCC and verify test data for ciphering and integrity algorithm.fi=Opinnäytetyö kokotekstinä PDF-muodossa.|en=Thesis fulltext in PDF format.|sv=Lärdomsprov tillgängligt som fulltext i PDF-format

System and Methods for Detecting Unwanted Voice Calls

Voice over IP (VoIP) is a key enabling technology for the migration of circuit-switched PSTN architectures to packet-based IP networks. However, this migration is successful only if the present problems in IP networks are addressed before deploying VoIP infrastructure on a large scale. One of the important issues that the present VoIP networks face is the problem of unwanted calls commonly referred to as SPIT (spam over Internet telephony). Mostly, these SPIT calls are from unknown callers who broadcast unwanted calls. There may be unwanted calls from legitimate and known people too. In this case, the unwantedness depends on social proximity of the communicating parties. For detecting these unwanted calls, I propose a framework that analyzes incoming calls for unwanted behavior. The framework includes a VoIP spam detector (VSD) that analyzes incoming VoIP calls for spam behavior using trust and reputation techniques. The framework also includes a nuisance detector (ND) that proactively infers the nuisance (or reluctance of the end user) to receive incoming calls. This inference is based on past mutual behavior between the calling and the called party (i.e., caller and callee), the callee's presence (mood or state of mind) and tolerance in receiving voice calls from the caller, and the social closeness between the caller and the callee. The VSD and ND learn the behavior of callers over time and estimate the possibility of the call to be unwanted based on predetermined thresholds configured by the callee (or the filter administrators). These threshold values have to be automatically updated for integrating dynamic behavioral changes of the communicating parties. For updating these threshold values, I propose an automatic calibration mechanism using receiver operating characteristics curves (ROC). The VSD and ND use this mechanism for dynamically updating thresholds for optimizing their accuracy of detection. In addition to unwanted calls to the callees in a VoIP network, there can be unwanted traffic coming into a VoIP network that attempts to compromise VoIP network devices. Intelligent hackers can create malicious VoIP traffic for disrupting network activities. Hence, there is a need to frequently monitor the risk levels of critical network infrastructure. Towards realizing this objective, I describe a network level risk management mechanism that prioritizes resources in a VoIP network. The prioritization scheme involves an adaptive re-computation model of risk levels using attack graphs and Bayesian inference techniques. All the above techniques collectively account for a domain-level VoIP security solution