Security Enhancements in Voice Over Ip Networks

Voice delivery over IP networks including VoIP (Voice over IP) and VoLTE (Voice over LTE) are emerging as the alternatives to the conventional public telephony networks. With the growing number of subscribers and the global integration of 4/5G by operations, VoIP/VoLTE as the only option for voice delivery becomes an attractive target to be abused and exploited by malicious attackers. This dissertation aims to address some of the security challenges in VoIP/VoLTE. When we examine the past events to identify trends and changes in attacking strategies, we find that spam calls, caller-ID spoofing, and DoS attacks are the most imminent threats to VoIP deployments. Compared to email spam, voice spam will be much more obnoxious and time consuming nuisance for human subscribers to filter out. Since the threat of voice spam could become as serious as email spam, we first focus on spam detection and propose a content-based approach to protect telephone subscribers\u27 voice mailboxes from voice spam. Caller-ID has long been used to enable the callee parties know who is calling, verify his identity for authentication and his physical location for emergency services. VoIP and other packet switched networks such as all-IP Long Term Evolution (LTE) network provide flexibility that helps subscribers to use arbitrary caller-ID. Moreover, interconnecting between IP telephony and other Circuit-Switched (CS) legacy telephone networks has also weakened the security of caller-ID systems. We observe that the determination of true identity of a calling device helps us in preventing many VoIP attacks, such as caller-ID spoofing, spamming and call flooding attacks. This motivates us to take a very different approach to the VoIP problems and attempt to answer a fundamental question: is it possible to know the type of a device a subscriber uses to originate a call? By exploiting the impreciseness of the codec sampling rate in the caller\u27s RTP streams, we propose a fuzzy rule-based system to remotely identify calling devices. Finally, we propose a caller-ID based public key infrastructure for VoIP and VoLTE that provides signature generation at the calling party side as well as signature verification at the callee party side. The proposed signature can be used as caller-ID trust to prevent caller-ID spoofing and unsolicited calls. Our approach is based on the identity-based cryptography, and it also leverages the Domain Name System (DNS) and proxy servers in the VoIP architecture, as well as the Home Subscriber Server (HSS) and Call Session Control Function (CSCF) in the IP Multimedia Subsystem (IMS) architecture. Using OPNET, we then develop a comprehensive simulation testbed for the evaluation of our proposed infrastructure. Our simulation results show that the average call setup delays induced by our infrastructure are hardly noticeable by telephony subscribers and the extra signaling overhead is negligible. Therefore, our proposed infrastructure can be adopted to widely verify caller-ID in telephony networks

Wiretap-proof: What They Hear is Not What You Speak, and What You Speak They Do Not Hear

It has long been believed that once the voice media between caller and callee is captured or sniffed from the wire, either legally by law enforcement agencies or illegally by hackers through eavesdropping on communication channels, it is easy to listen into their conversation. In this paper, we show that this common perception is not always true. Our real-world experiments demonstrate that it is feasible to create a hidden telephonic conversation within an explicit telephone call. In particular, we propose a real-time covert communication channel within two-way media streams established between caller and callee. The real-time covert channel is created over the media stream that may possibly be monitored by eavesdroppers. However, the properly encoded media stream acts as a cover (or decoy) carrying bogus media such as an earlier recorded voice conversation. This spurious content will be heard if the media stream is intercepted and properly decoded. However, the calling and called parties protected by the covert communication channel can still directly talk to each other in privacy and real-time, just like any other normal phone calls. This work provides an additional security layer against media interception attacks, however it also exposes a serious security concern to CALEA (Communications Assistance for Law Enforcement Act) wiretapping and its infrastructure

Evaluation and Comparison of the Position of the Apical Constriction in Single-root and Multiple-root Teeth

Introduction: Precise knowledge of the location of the apical constriction is essential to root canal treatment and long-term prognosis. Considering the differences in the apical constriction and size of the roots in single- and multiple-root teeth in various races, examination and comparison of the location of the apical constriction in single-root and multiple-root teeth are of paramount importance. The present studies aimed to measure and compare the distance of the apical constriction from the apical foramen and anatomical apex in single-root and multiple-root teeth. Materials and Methods: In this cross-sectional study, 60 roots of single-rooted teeth and 60 roots of multiple-rooted teeth were collected from the patients referring to the health centers in Isfahan, Iran. After cleansing and disinfecting the surface of the roots, the surface of the teeth was washed with hypochlorite. Based on the direction of the apical foramen, a longitudinal cut was made in the same direction, and the roots were examined microscopically at the magnification of 25. Following that, the distance of the apical constriction from the apical foramen and anatomical apex was measured using a digital camera. In addition, mean and standard deviation of the obtained distance values were determined. Distances in the single-root and multiple-root teeth were compared using independent t-test, at the significance level of Results: Mean distance between the apical constriction and apical foramen was 0.86±0.33 mm in the single-root teeth and 0.072±0.27 mm in the multiple-root teeth. Mean distance between the apical constriction and anatomical apex was 1.14±0.36 mm in the single-root teeth and 1.03±0.36 mm in the multiple-root teeth. Moreover, the results of independent t-test showed the distance of the apical constriction from the apical foramen to be significant between single-root and multiple-rooted teeth (P=0.013). However, the distance between the apical constriction and anatomical apex was not considered significant in single-root and multiple-root teeth (P=0.095). Conclusion: According to the results, the termination of root canal treatment should be 0.86 and 0.024 mm shorter than the apical foramen, while it should be 1.14 and 1.03 mm shorter than the anatomical apex in single-root and multiple-root teeth, respectively