• Title/Summary/Keyword: IP Security

Search Result 738, Processing Time 0.033 seconds

Factor analysis of VoIP Security Checklists using AHP (AHP를 이용한 VoIP 정보보호 점검항목의 중요도 분석)

  • Yoon, Seokung;Park, Haeryong;Yoo, Hyeong Seon
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.22 no.5
    • /
    • pp.1115-1122
    • /
    • 2012
  • VoIP service is steadily growing due to the spread of smartphones, enhanced network, and various VoIP applications. But, VoIP has many security vulnerabilities because it is based on IP network. This paper analyzes the important weight of VoIP security checklists for incident prevention and response using AHP. The results of AHP analysis showed that network security, incident response, and access control were the most important in technical, administrative, physical standpoint. This study proposes factor analysis of VoIP security checklist at first time. By doing this, it will be used helpfully when VoIP service providers establish their own security policies and inspect their VoIP environment according to their security policies.

A Study of Wired and wireless VoIP vulnerability analysis and hacking attacks and security (유무선 VoIP 취약점 분석과 해킹공격 및 보안 연구)

  • Kwon, Se-Hwan;Park, Dea-Woo
    • Journal of the Korea Institute of Information and Communication Engineering
    • /
    • v.16 no.4
    • /
    • pp.737-744
    • /
    • 2012
  • Recently VoIP has provided voice(both wired and wireless from IP-based) as well as the transmission of multimedia information. VoIP used All-IP type, Gateway type, mVoIP etc. Wired and wireless VoIP has security vulnerabilities that VoIP call control signals, illegal eavesdropping, service misuse attacks, denial of service attack, as well as wireless vulnerabilities etc. from WiFi Zone. Therefore, the analysis of security vulnerabilities in wired and wireless VoIP and hacking incidents on security measures for research and study is needed. In this paper, VoIP (All-IP type, and for Gateway type) for system and network scanning, and, IP Phone to get the information and analysis of the vulnerability. All-IP type and Gateway type discovered about the vulnerability of VoIP hacking attacks (Denial of Service attacks, VoIP spam attacks) is carried out. And that is a real VoIP system installed and operated in the field of security measures through research and analysis is proposed.

A Closer Look on Challenges and Security Risks of Voice Over Internet Protocol Infrastructures

  • Omari, Ahmed H. Al;Alsariera, Yazan A.;Alhadawi, Hussam S.;Albawaleez, Mahmoud A.;Alkhliwi, Sultan S.
    • International Journal of Computer Science & Network Security
    • /
    • v.22 no.2
    • /
    • pp.175-184
    • /
    • 2022
  • Voice over Internet Protocol (VoIP) has grown in popularity as a low-cost, flexible alternative to the classic public switched telephone network (PSTN) that offers advanced digital features. However, additional security vulnerabilities are introduced by the VoIP system's flexibility and the convergence of voice and data networks. These additional challenges add to the normal security challenges that a VoIP system's underlying IP data network infrastructure confront. As a result, the VoIP network adds to the complexity of the security assurance task faced by businesses that use this technology. It's time to start documenting the many security risks that a VoIP infrastructure can face, as well as analyzing the difficulties and solutions that could help guide future efforts in research & development. We discuss and investigate the challenges and requirements of VoIP security in this research. Following a thorough examination of security challenges, we concentrate on VoIP system threats, which are critical for present and future VoIP deployments. Then, towards the end of this paper, some future study directions are suggested. This article intends to guide future scholars and provide them with useful guidance.

Performance Evaluation of VoIP Security Protocols (VoIP를 위한 보안 프로토콜 성능 평가)

  • Shin, Young-Chan;Kim, Kyu-Young;Kim, Min-Young;Kim, Joong-Man;Won, Yoo-Jae;Ryou, Jae-Cheol
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.18 no.3
    • /
    • pp.109-120
    • /
    • 2008
  • VoIP utilizes the Internet for the services, and therefore it is vulnerable to intrusions and attacks. Because provided services deal with information related to privacy of users, it requires high level security including authentication and the confidentiality/integrity of signaling messages and media streams. However, when such a protocol is implemented in a VoIP phone, the implementation can have limitations due to the limited resources. The present study purposed to implement VoIP security protocols and to evaluate their performance in terms of connection quality and voice quality by applying them to SIP proxy and UA (User Agent). In the result of performance evaluation, the application of the security protocols did not lower voice quality, but connection quality was high in the DTLS based security protocol. As the protocol was applicable to signaling and media paths based on DTLS, we found that it can be a solution for the limited resources of VoIP phone.

A Study on Security Hole Attack According to the Establishment of Policies to Limit Particular IP Area (특정 IP 영역 제한정책 설정에 따른 보안 취약점 공격에 관한 연구)

  • Seo, Woo-Seok;Jun, Moon-Seog
    • The Journal of the Korea institute of electronic communication sciences
    • /
    • v.5 no.6
    • /
    • pp.625-630
    • /
    • 2010
  • With regard to the examples of establishing various sorts of information security, it can be seen that there are gradual, developmental procedures including Firewall and VPN (Virtual Private Network), IDS (Intrusion Detection System), or ESM(Enterprise Security Management). Each of the security solutions and equipments analyzes both defense and attack for information security with the criteria of classifying the problems of security policies by TCP/IP layers or resulted from attack patterns, attack types, or invasion through specialized security technology. The direction of this study is to examine latency time vulnerable to invasion which occurs when L2-stratum or lower grade equipments or policies are applied to the existing network through TCP/IP layer's L3-stratum or higher grade security policies or equipments and analyze security holes which may generate due to the IP preoccupation in the process of establishing policies to limit particular IP area regarding the policies for security equipments to figure out technological problems lying in it.

Security Threats and Security Requirements Analysis of VoIP and Protection Profile Development (VoIP 보안 위협과 보안요구사항 분석 및 보호프로파일 개발)

  • Hong, Won-Soon;Choi, Yong-Joon;Sung, Yune Gie;Sim, Won-Tae
    • Proceedings of the Korea Information Processing Society Conference
    • /
    • 2009.04a
    • /
    • pp.1463-1465
    • /
    • 2009
  • 인터넷망을 이용하여 음성 및 영상통화를 제공하는 VoIP(인터넷전화)서비스가 확대되고, VoIP 서비스가 인터넷망을 이용함에 따라 기존의 인터넷망에서 제기된 보안위협이 증가하고 사이버 공격에 노출되고 있다. 이에 따라 본 고에서는 국제 표준인 공통평가기준(ISO 15408)에서 규정된 방법에 따라 VoIP 서비스를 제공하는 IP Phone 및 IP PBX시스템이 노출되는 사이버 상의 보안위협사항을 도출하고, 보안목적과 VoIP 및 IP PBX 시스템 보안위협에 대응할 수 있는 보안요구사항을 정의하였다.

Development of Indicators for Information Security Level Assessment of VoIP Service Providers

  • Yoon, Seokung;Park, Haeryong;Yoo, Hyeong Seon
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.8 no.2
    • /
    • pp.634-645
    • /
    • 2014
  • VoIP (Voice over Internet Protocol) is a technology of transmitting and receiving voice and data over the Internet network. As the telecommunication industry is moving toward All-IP environment with growth of broadband Internet, the technology is becoming more important. Although the early VoIP services failed to gain popularity because of problems such as low QoS (Quality of Service) and inability to receive calls as the phone number could not be assigned, they are currently established as the alternative service to the conventional wired telephone due to low costs and active marketing by carriers. However, VoIP is vulnerable to eavesdropping and DDoS (Distributed Denial of Service) attack due to its nature of using the Internet. To counter the VoIP security threats efficiently, it is necessary to develop the criterion or the model for estimating the information security level of VoIP service providers. In this study, we developed reasonable security indicators through questionnaire study and statistical approach. To achieve this, we made use of 50 items from VoIP security checklists and verified the suitability and validity of the assessed items through Multiple Regression Analysis (MRA) using SPSS 18.0. As a result, we drew 23 indicators and calculate the weight of each indicators using Analytic Hierarchy Process (AHP). The proposed indicators in this study will provide feasible and reliable data to the individual and enterprise VoIP users as well as the reference data for VoIP service providers to establish the information security policy.

Design of User Access Authentication and Authorization System for VoIP Service (사용자 접근권한 인증을 이용한 안전한 VoIP 시스템 설계)

  • Yang, Ho-Kyung;Kim, Jin-Mook;Ryou, Hwang-Bin;Park, Choon-Sik
    • Convergence Security Journal
    • /
    • v.8 no.4
    • /
    • pp.41-49
    • /
    • 2008
  • VoIP is a service that changes the analogue audio signal into a digital signal and then transfers the audio information to the users after configuring it as a packet; and it has an advantage of lower price than the existing voice call service and better extensibility. However, VoIP service has a system structure that, compared to the existing PSTN (Public Switched Telephone Network), has poor call quality and is vulnerable in the security aspect. To make up these problems, TLS service was introduced to enhance the security. In practical system, however, since QoS problem occurs, it is necessary to develop the VoIP security system that can satisfy QoS at the same time in the security aspect. In this paper, a user authentication VoIP system that can provide a service according to the security and the user through providing a differential service according to the approach of the users by adding AA server at the step of configuring the existing VoIP session is suggested. It was found that the proposed system of this study provides a quicker QoS than the TLS-added system at a similar level of security. Also, it is able to provide a variety of additional services by the different users.

  • PDF

A Design and Implementation of IPv4/IPv6 Security Packet Analyzer (IPv4 및 IPv6 보안 패킷 분석기의 설계 및 구현)

  • Cho Jin-Ki;Kim Sang-Choon;Lee Sang-Ho
    • Journal of Korea Society of Industrial Information Systems
    • /
    • v.10 no.2
    • /
    • pp.67-75
    • /
    • 2005
  • In this paper, we design and implement real time IP security packet analyzer on IPv4 and IPv6 network. This packet analyzer sniffs and analyzes the packets generated by the protocols that are used by IPsec, IKE, IPv4 and IPv6 such as AH, ESP, ISAKMP, IP, ICMP and so on. The purpose of this analyzer is to check current security status of the network automatically. In this paper we provide implementation details and the examples of security evaluation by using our security packet analyzer system.

  • PDF

An implementation and security analysis on H.235 for VoIP security on embedded environments (임베디드 환경에서의 H.235 기반 VoIP 보안 단말 구현 및 안전성 분석에 관한 연구)

  • 김덕우;홍기훈;이상학;정수환
    • The Journal of Korean Institute of Communications and Information Sciences
    • /
    • v.29 no.7C
    • /
    • pp.1007-1014
    • /
    • 2004
  • In this paper, H.235 based security mechanism for H.323 multimedia applications was implemented in embedded environment. H.235 covers authentication using HMAC-SHAI -96, authenticated Diffie-Hellman key exchange, security capability exchange, session key management for voice encryption, and encryption functions such as DES, 3DES, RC2. H.235-based mechanisms were also analyzed in terms of its security and possible attacks.