On VoIP security Technology of voice transmission in IP network
Source: Internet
Author: User
KeywordsSecurity VOIP
Voice Transmission (VoIP) technology based on IP network has developed into a special voice communication technology, and its application is more and more wide. But the study found that, in addition to quality of service issues, security issues are the Chief Technology Officer (CIO) in making VoIP decisions to focus on the content. In reality, many customers say that the security situation does not meet the enterprise's application standards is the reason they do not want to deploy VoIP for the time being. Currently, VoIP faces 4 security issues: Denial of service (DoS) attacks, illegal access, charges fraud or eavesdropping threats. The findings from market research institutes show that service providers in the region are spending far less on VoIP security than in the US and Europe. Asia-Pacific service providers are expected to spend less than $33 million on VoIP security in 2005, while all regions outside the region will spend $83.6 million, and the gap will increase further, In 2008, the region is expected to spend about $170 million trillion, while the total expenditure in other parts of the Asia-Pacific region will exceed $370 million trillion. This gap shows the current Asia-Pacific region's lack of awareness of VoIP security. The VoIP Security Alliance (VOIPSA) is an open organization designed to enhance public awareness of the security and confidentiality of VoIP, to identify, understand, and avoid risks associated with cybersecurity, and to focus on research and education in IP security. Its membership is very broad, including manufacturers, business providers, researchers and consultants. Its main activities are discussion lists, white papers, support for VoIP security research projects, and the development of tools and methodologies for public use, providing more comprehensive security concepts, security products, solutions, and management standards for VoIP. The two initial targets proposed in February 2005 were the development of threat classifications (threat taxonomy) and the definition of security requirements. In the near future, it is working to draft the security measures required for VoIP networks and the related file of threat patterns. The technical features of broadband telephone and the security threats it faces broadband telephony is based on broadband access, is currently the main commercial form of VoIP, its security is based on broadband access security. Broadband telephony is popular with the popularity of broadband access. Broadband access as a gradual mainstream of internet access, through different channels, in a coaxial cable or fiber to carry a number of independent channels, there is the use of cable modem (cable modem), Digital Subscriber Line (DSL) or optical fiber access mode, the rate is generally more than 1 Mbit, It has the characteristics of fixed connection address and high transmission rate. Since broadband services are generally provided on a monthly basis, smart terminals such as user PCs are permanently connected to the network, meaning that they are always online and are at risk of intrusions and attacks. Broadband connection, on the one hand, in time to provide hackers with the opportunity to try to attack, on the other hand, permanent connection often use fixed IP address, fixed target,Increases the chance of a successful attack. And because of the intelligence of the terminal function, the richness of the information content, once the hacker controls the system, they can not only steal the sensitive information, destroy the file, even use it as the springboard to launch the attack on other sites and carry on the network attack. Network security directly affects the security of broadband phones. The development and progress of information technology exceeds the actual security demand, especially for broadband telephony. At present, there is no specific attack threat to mainstream or commercial VoIP, but the threat is only a matter of time. While VoIP threats are no more severe than other Web applications, it is more critical to ensure security, which is determined by the characteristics of VoIP. For example, VoIP generally requires more than web browsing and e-mail connections, streaming media connectivity is dynamic, so security requirements more complex. Broadband networks are threatened by viruses, spam, denial of service attacks, and VoIP faces the most dangerous threats, such as call tracking, call hijacking, and eavesdropping, as well as security and privacy issues that are different from other Internet applications. Both attacks pose a risk to the security of broadband phones. Broadly speaking, the target of the broadband phone attack may be the exchange of information between the parties on the phone call, the identity of the caller and the person being called, the IP Phone function entity, the IP telephony network element, and the server, host, etc. Analysis of the security vulnerability of broadband telephone 1.IP packet network itself as an open network of vulnerable IP packet Communication network, its inherent security vulnerability of the data network, including: • Sniffer packet voice monitoring; Network identity spoofing, free use of services; Packet manipulation terminated business; User account and device spoofing, which is related to the database and IP address of the access network; Damage the integrity of the network, modify the database or replication equipment, so that voice network congestion or control; Other security threats, including the disclosure of end-user privacy, and new security challenges include intercepting, modifying call control (such as SIP) packets, or even changing the destination address and call connection of the packet. The performance of IP packet network can not reach the level of circuit switching network, and its network security fragility increases the security risk of broadband telephone. Because from the perspective of risk management, if the data network operating VoIP business suffers, the company will face the risk of losing voice and data communication at the same time, the security threat of the original data network business is extended to two systems. 2.VoIP security attack threats that require special attention in VoIP environments include: • Denial of service (DoS) attacks, such as IP telephony, VoIP gateways (SIP proxies), and other endpoints that may be attacked by SYN or ICMP packets, causing communications to be interrupted to provide a normal broadband telephony service. · Call interception: Voice or real-time Transfer Protocol (RTP) packets are subject to unauthorized tracking. • Signaling protocol tampering: As with call interception, a malicious user can monitor and tamper with a packet that is transmitted after a call is made, modify the domain in the data stream, and make the VoIP callDo not use VoIP phones, or they can make higher-rate calls (such as international calls) so that PBX thinks the call is from another user. • State theft: Fake legitimate users send and receive data. • Fee spoofing: A malicious user or intruder calls a deceptive phone. • Call processing operating system: Many call-processing software for PBX systems are based on operating system or operating system components, which may be unsafe. For example, Web configuration tools that use Microsoft IIS as PBX can introduce significant security vulnerabilities in VoIP environments. (Responsible editor: ZHAOHB) to force (0 Votes) Tempted (0 Votes) nonsense (0 Votes) Professional (0 Votes) The title party (0 Votes) passing (0 Votes) The original text: Analysis of IP network voice transmission VoIP security technology return to network security home
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.