Vulnerabilities and Security Limitations of current IP Telephony Systems
نویسندگان
چکیده
Within the traditional telephone system a certain level of quality and security has been established over the years. If we try to use IP Telephony systems as a core part of our future communication infrastructure (e.g. as classical PBX enhancement or replacement) continuous high availability, stable and error-free operation and the protection of the privacy of the spoken word are challenges, that definitely have to be met. Since manufacturers start deploying new end systems and infrastructure components rather fast now a critical inspection of their security features and vulnerabilities is mandatory. The critical presentation of the theoretical background of certain vulnerabilities, testing and attacking tools and the evaluation results reveals, that well-known security flaws become part of implementations in the new application area again and the security level of a number of examined solutions is rather insufficient.
منابع مشابه
A Survey of Requirements and Standardization Efforts for IP-Telephony-Security
Security as a dimension of trustworthiness in IP-Telephony systems and protocols is a main condition for the commercial success of IP-Telephony. In this work, we present a survey of security requirements and show how various standardization efforts address these requirements. We describe the basic tasks and elements of IP-Telephony systems and compare them to Telephony via PSTNs to derive some ...
متن کاملa look at VoIP vulnerabilities
Angelos Keromytis is an associate professor with the Department of Computer Science at Columbia University and head of the Network Security Lab. He is interested in all aspects of systems and network security. He received his Ph.D. from the University of Pennsylvania and his B.Sc. from the University of Crete. v o I c e o v e r I p ( v o I p ) a n d I n t e r n e t Multimedia Subsystem (IMS) te...
متن کاملVoice over IP: Risks, Threats and Vulnerabilities
Voice over IP (VoIP) and Internet Multimedia Subsystem (IMS) technologies are rapidly being adopted by consumers, enterprises, governments and militaries. These technologies offer higher flexibility and more features than traditional telephony (PSTN) infrastructures, as well as the potential for lower cost through equipment consolidation and, for the consumer market, new business models. Howeve...
متن کاملSecurity in Mobile Telephony: The Security Levels in the Different Handy Generations
In mobile telephony, there are several vulnerabilities like interception, fabrication, and denial of services. Security aspects have been improved in every new generation of mobile system. This seminar paper explains security in each generation and discusses how security is ensured in mobile telephony. This paper was written for the Security Computer Systems course held by Björn Victor at the U...
متن کاملSecurity testing of session initiation protocol implementations
The mechanisms which enable the vast majority of computer attacks are based on design and programming errors in networked applications. The growing use of voice over IP (VOIP) phone technology makes these phone applications potential targets. We present a tool to perform security testing of VOIP applications to identify security vulnerabilities which can be exploited by an attacker. Session Ini...
متن کامل