International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

A Closer Look on Challenges and Security Risks of Voice Over Internet Protocol Infrastructures

  • Omari, Ahmed H. Al (Department of Computer Science, Collage of Science, Northern Border University) ;
  • Alsariera, Yazan A. (Department of Computer Science, Collage of Science, Northern Border University) ;
  • Alhadawi, Hussam S. (Department of Computer Techniques Engineering, Dijlah University College) ;
  • Albawaleez, Mahmoud A. (Deanship of Information Technology, Northern Border University) ;
  • Alkhliwi, Sultan S. (Department of Computer Science, Collage of Science, Northern Border University)
  • Received : 2022.02.05
  • Published : 2022.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Voice over Internet Protocol (VoIP) has grown in popularity as a low-cost, flexible alternative to the classic public switched telephone network (PSTN) that offers advanced digital features. However, additional security vulnerabilities are introduced by the VoIP system's flexibility and the convergence of voice and data networks. These additional challenges add to the normal security challenges that a VoIP system's underlying IP data network infrastructure confront. As a result, the VoIP network adds to the complexity of the security assurance task faced by businesses that use this technology. It's time to start documenting the many security risks that a VoIP infrastructure can face, as well as analyzing the difficulties and solutions that could help guide future efforts in research & development. We discuss and investigate the challenges and requirements of VoIP security in this research. Following a thorough examination of security challenges, we concentrate on VoIP system threats, which are critical for present and future VoIP deployments. Then, towards the end of this paper, some future study directions are suggested. This article intends to guide future scholars and provide them with useful guidance.

Keywords

Acknowledgement

The work reported in this study is funded by the Deanship of Research for the project No.: SCI-2018-3-9-7572, from the Northern Border University (NBU), KSA. We thank NBU for the contribution and support. Additionally, the first author would like to thank NBU for its invaluable supports to this study.

References

  1. Chakraborty, T., I.S. Misra, and R. Prasad, Overview of VoIP Technology, in VoIP Technology: Applications and Challenges. 2019, Springer. p. 1-24.
  2. Prasad, J.K. and B.A. Kumar. Analysis of SIP and realization of advanced IP-PBX features. in 2011 3rd International Conference on Electronics Computer Technology. 2011. IEEE.
  3. Shin, D.-H., What makes consumers use VoIP over mobile phones? Free riding or consumerization of new service. Telecommunications Policy, 2012. 36(4): p. 311-323. https://doi.org/10.1016/j.telpol.2012.01.004
  4. Akinbami, J., S. Virtanen, and P. Sainio, Developing Best Practices for Securing VoIP Communication for a non-profit Organization. 2018.
  5. Martin, M.V., P.C. Hung, and A. Brown, Security Issues of VoIP, in VoIP Handbook. 2018, CRC Press. p. 379-400.
  6. Chakraborty, T., I.S. Misra, and R. Prasad, VoIP Technology: Applications and Challenges. 2019: Springer.
  7. Dwivedi, H., Hacking VoIP: protocols, attacks, and countermeasures. 2009: No Starch Press.
  8. Dantu, R., et al., Issues and challenges in securing VoIP. computers & security, 2009. 28(8): p. 743-753. https://doi.org/10.1016/j.cose.2009.05.003
  9. Sarker, Z., et al., RTP Control Protocol (RTCP) Feedback for Congestion Control. Internet RFC, 2021(8888).
  10. Kumar, V. and O.P. Roy. Security and Challenges in Voice over Internet Protocols: A Survey. in IOP Conference Series: Materials Science and Engineering. 2021. IOP Publishing.
  11. Ahmed, H.A.S., N. Sulaiman, and M.N. Mohammed, Performance Analysis of VoIP Quality of Service in IPv4 and IPv6 environment. International Journal of Digital Content Technology and its Applications, 2014. 8(2): p. 40.
  12. Kolhar, M., A. Alameen, and M. Gulam, Performance evaluation of framework of VoIP/SIP server under virtualization environment along with the most common security threats. Neural Computing and Applications, 2018. 30 (9): p. 2873-2881. https://doi.org/10.1007/s00521-017-2886-y
  13. Kumar, V. and O. Roy, Reliability and security analysis of VoIP communication systems, in Rising Threats in Expert Applications and Solutions. 2021, Springer. p. 687-693.
  14. Anderson, R., et al., Measuring the changing cost of cybercrime. 2019.
  15. Alabdan, R., Phishing attacks survey: types, vectors, and technical approaches. Future Internet, 2020. 12(10): p. 168. https://doi.org/10.3390/fi12100168
  16. Iqbal, M.S., et al., Development of origin-destination matrices using mobile phone call data. Transportation Research Part C: Emerging Technologies, 2014. 40: p. 63-74. https://doi.org/10.1016/j.trc.2014.01.002
  17. Rathore, M.M., et al., Exploiting encrypted and tunneled multimedia calls in high-speed big data environment. Multimedia Tools and Applications, 2018. 77(4): p. 4959-4984. https://doi.org/10.1007/s11042-017-4393-7
  18. Zhang, R., et al., Billing Attacks on SIP-Based VoIP Systems. WOOT, 2007. 7: p. 1-8.
  19. Naeem, M.M., I. Hussain, and M.M.S. Missen, A survey on registration hijacking attack consequences and protection for Session Initiation Protocol (SIP). Computer Networks, 2020. 175: p. 107250. https://doi.org/10.1016/j.comnet.2020.107250
  20. Malik, J.K. and S. Choudhury, A Brief review on Cyber Crime-Growth and Evolution. Pramana Research Journal, 2019. 9(3): p. 242.
  21. Sheoran, A., et al. NASCENT: Tackling caller-ID spoofing in 4G networks via efficient network-assisted validation. in IEEE INFOCOM 2019-IEEE Conference on Computer Communications. 2019. IEEE.
  22. Sahin, M., et al. Sok: Fraud in telephony networks. in 2017 IEEE European Symposium on Security and Privacy (EuroS&P). 2017. IEEE.
  23. Ahson, S.A. and M. Ilyas, SIP Security: Threats, Vulnerabilities and Countermeasures, in SIP Handbook. 2018, CRC Press. p. 453-474.
  24. Mullet, V., P. Sondi, and E. Ramat, A Review of Cybersecurity Guidelines for Manufacturing Factories in Industry 4.0. IEEE Access, 2021. 9: p. 23235-23263. https://doi.org/10.1109/ACCESS.2021.3056650
  25. Jang-Jaccard, J. and S. Nepal, A survey of emerging threats in cybersecurity. Journal of Computer and System Sciences, 2014. 80(5): p. 973-993. https://doi.org/10.1016/j.jcss.2014.02.005
  26. Conti, M., N. Dragoni, and V. Lesyk, A survey of man in the middle attacks. IEEE Communications Surveys & Tutorials, 2016. 18(3): p. 2027-2051. https://doi.org/10.1109/COMST.2016.2548426
  27. Geneiatakis, D., et al., Survey of security vulnerabilities in session initiation protocol. IEEE Communications Surveys & Tutorials, 2006. 8(3): p. 68-81. https://doi.org/10.1109/COMST.2006.253270
  28. Ehlert, S., D. Geneiatakis, and T. Magedanz, Survey of network security systems to counter SIP-based denial-of-service attacks. computers & security, 2010. 29(2): p. 225-243. https://doi.org/10.1016/j.cose.2009.09.004
  29. Coulibaly, E. and L.H. Liu. Security of Voip networks. in 2010 2nd International Conference on Computer Engineering and Technology. 2010. IEEE.
  30. Simonson, E.L. and B. McDaniel, Protecting the Telephone System Against Toll Fraud, in The Network Manager's Handbook. 2021, Auerbach Publications. p. 305-318.
  31. Chakraborty, T., I.S. Misra, and R. Prasad, VoIP over wireless LANs-Prospects and challenges, in VoIP Technology: Applications and Challenges. 2019, Springer. p. 71-93.
  32. Butcher, D., X. Li, and J. Guo, Security challenge and defense in VoIP infrastructures. IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews), 2007. 37(6): p. 1152-1162. https://doi.org/10.1109/TSMCC.2007.905853
  33. Hubballi, N. and N. Tripathi, A closer look into DHCP starvation attack in wireless networks. Computers & Security, 2017. 65: p. 387-404. https://doi.org/10.1016/j.cose.2016.10.002
  34. Thomas Porter, C., C. CCNP, and M. Gough, How to cheat at VoIP security. 2011: Syngress.
  35. Tiwari, N. and O. Rishi. Quality Efficiency of VoIP Application Using Hybrid Co-ordination Function. in Data Driven Approach Towards Disruptive Technologies: Proceedings of MIDAS 2020. 2021. Springer Singapore.
  36. Hamdaqa, M. and L. Tahvildari. ReLACK: a reliable VoIP steganography approach. in 2011 Fifth International Conference on Secure Software Integration and Reliability Improvement. 2011. IEEE.
  37. Tang, J., Y. Cheng, and Y. Hao. Detection and prevention of SIP flooding attacks in voice over IP networks. in 2012 Proceedings IEEE INFOCOM. 2012. IEEE.
  38. Ahmad H. Al-Omari, A Lightweight Dynamic Crypto Algorithm for Next Internet, Engineering, Technology & Applied Science Research, Vol. 9 No. 3 (2019): June, 2019, eISSN: 1792-8036, Greece
  39. Ahmad H. Al-Omari, Dynamic Crypto Algorithm for Real-Time Applications DCA-RTA, Key Shifting, International Journal of Advanced Computer Science and Applications (IJACSA), Volume 7 Issue 1, 2016, ISSN: 2156-5570, UK