Voice over IP (VoIP) is gaining more and more prevalence in today's networked world for companies as well as individuals. Therefore, security is an important issue in industry as well as for academic research. TU Wien and University of Duisburg-Essen joined forces to be a leader in VoIP security research. We are working intensively on VoIP security in all areas and sharing the results with the community via international research papers. Together with our partners from the industry, we use the academic knowledge to bring VoIP Security to a next level.
VoIP Systems and Security Problems
VoIP systems enable advanced communication (such as voice or video) over the Internet or other data networks and are replacing more and more traditional phone infrastructures. Nowadays, VoIP is widely used in organizations, companies and private environments, as it has the advantage of flexibility and low costs. Many existing devices and applications use standardized VoIP protocols (e.g., Session Initiation Protocol (SIP) or Real-Time Transport Protocol (RTP)).
VoIP makes it possible to communicate via IP based networks, instead of using the traditional Public Switched Telephone Network (PSTN) infrastructure. PSTN is an interconnected circuit-switched network that is built, owned and operated by private or government organizations. To connect a conventional phone service to a VoIP service a special PSTN gateway is necessary.
Today, VoIP systems are more and more replacing PSTN infrastructures due to cost factors as well as new functionality enabled by VoIP systems. This increases the dependency on available and secure VoIP systems for successful business. Attacks against VoIP systems are becoming more imaginative and many attacks can cause damage, e.g., gain money for attackers or create costs for the victim. Therefore, the risk increases that VoIP systems get attacked by hackers.
The wide use of VoIP systems in highly diverse environments represent a fruitful target for attackers. Although many attacks on VoIP systems currently executed are already known to researchers, there is, on the one hand, not enough reliable information on the probability and nature of these attacks on VoIP systems in real-world applications, and, on the other hand, we also observe new attacks again and again.
In current production VoIP systems, IT security aspects are often neglected. Therefore, to gain more knowledge on security attacks on VoIP systems, analyses and evaluations of real-world attacks are needed.
Examples for some critical VoIP attacks are:
- Identity Theft: Attackers try to get a valid identity from another user of the VoIP system. One method for identity theft are dictionary and brute force attacks. The attackers try to identify an username and/or a password of an valid SIP account.
- Fraudulent Calls: Attackers call a victim with fraudulent intention. For example, in some cases attackers try to create costs for the potential victim.
- SPIT (SPAM over Internet Telephony): Users of VoIP may get unsolicited calls, e.g., unwanted advertisement calls, due to the low cost of VoIP calls.
- DoS (Denial of Service): Attackers use DoS attacks on VoIP servers to restrict the availability of the systems, e.g., attackers want to blackmail VoIP service providers.
VoIP Security Solutions
Due to the benefit of being able to research, implement and test real-world VoIP solutions in large VoIP infrastructures, we know the security problems occuring today and know how to solve them.
We have designed different security architectures for VoIP systems, implemented various security mechanisms to enhance the security of VoIP solutions as well as tested existing applications (VoIP servers as well as VoIP clients) where we found and fixed different security vulnerabilities.
Services and Research Methods
For security testing VoIP solutions we have designed and implemented our own security test lab for VoIP, called VoIP Lab. Due to this setup we can easily test newly proposed security measures, our own test tools, new VoIP software versions and many more aspects.
Honeynets are an appropriate approach for identifying attacks against VoIP systems and to learn about the tools, tactics, and motives of attackers. Our solution of trapping attackers and analyzing malicious VoIP traffic consists of a VoIP honeynet to collect data and a reporting system to analyze these data. In combination this is a complete infrastructure to gain new insights into VoIP attacks. The overall goal is to collect as much data on attacks on VoIP infrastructure as possible. Therefore, the data collection should be conducted on several layers, e.g., collecting spoken words of callers in order to detect fraud, or collecting data packets to get information on attacks on protocol-level.
We conduct penetration tests for different, also productive, VoIP infrastructures in order to find and fix security vulnerabilities that might otherwise get exploited by attackers.
Security Test Tools
We have implemented our own security test tools we use, among other targets, for VoIP security testing.
Both universities are concerned for a long time with VoIP Security Research. Following is an excerpt of important research papers. The BibTeX entries for our publications are available as well.
The participating research groups ESSE -- Establishing Security, TU Wien, and Technik der Rechnernetze, Universität Duisburg-Essen -- both long time researchers of VoIP security -- are uniting forces to lead the VoIP security research.
Together with our industrial partner RISE we are able to research real-world security problems of large VoIP infrastructures.
For more information about our research or for industrial cooperations please contact us via e-mail to email@example.com.
Institute of Information Systems Engineering
Research Group for Industrial Software, ESSE
Wiedner Hauptstraße 76/2/2
The content (content being images, text, sound and video files, programs and scripts) of this website is copyright © TU Wien / Institute of Information Systems Engineering / Research Group for Industrial Software, ESSE and its affiliates or content and creative providers. In accessing these web pages, you agree that any downloading of content is for personal, non-commercial reference only. No part of this web site may be reproduced or transmitted in any form or by any means, electronic, mechanical, photocopying, recording or otherwise, without prior permission of the website owner.