(IJCNS) International Journal of Computer and Network Security, 41 Vol. 2, No. 5, May 2010
Security Issues for Voice over IP Systems
Ali Tahir1, Asim Shahzad2
Faculty of Telecommunication and Information Engineering, UET TAXILA, Pakistan email@example.com Faculty of Telecommunication and Information Engineering, UET TAXILA, Pakistan firstname.lastname@example.org
Abstract: Firewalls, Network Address Translation (NAT), and
encryption produce Quality of Service (QoS) issues which are the basic building block to the operations of a VOIP system. There are two major non proprietary standards used for VoIP communications. They are H.323 and Session Initiation Protocol (SIP). Firewalls, NAT, and Intrusion Detection Systems (IDS) are used to filter unwanted packets in VoIP environment. To provide defense against an internal hacker, another layer of defense is necessary at the protocol level to protect the data itself. In VOIP, as in data networks, this can be accomplished by encrypting the packets at the IP level using IPSec. As VoIP is an IP based technology that utilizes the Internet it also inherits all associated IP vulnerabilities. This research paper focus on different security issues associated with voice over IP system.
Figure 1. How VOIP works  The VoIP networks replace the traditional public-switched telephone networks (PSTNs), as these can perform the same functions as the PSTN networks. The functions performed include signaling, data basing, call connect and disconnect, and coding-decoding.
Keywords: Voice-Over Internet Protocol (VoIP), Firewalls.
1. Overview of VOIP
The Voice-Over Internet Protocol (VoIP) technology allows the voice information to pass over IP data networks. This technology results in huge savings on the amount of physical resources required to communicate by voice over long distance. It does so by exchanging the information in packets over a data network. The basic functions performed by a VoIP include - signaling, data basing, call connect and disconnect, and coding/decoding. The steps involved in originating and internet telephone call are the conversion of the analogue voice signal to digital format and compression / translation of the signal into internet protocol (IP) packets for transmission over the internet; the process is reversed at the receiving end. VoIP software’s like Vocal TEC or Net 2 Phone are available for the user . With the exception of phone to phone, the user must posses an array of equipment which should at minimum include VoIP software, an internet connection, and a multimedia computer with a sound card, speakers, a microphone and a modem .The VoIP network acts as a gateway to the existing PSTN network. This gateway forms the interface for transportation of the voice content over the IP networks. Gateways are responsible for all call origination, call detection, analogue to digital conversion of voice, and creation of voice packets.
2. Quality of Service Issues
Quality of Service (QoS) is fundamental to the operation of a VOIP network. Despite all the money VOIP can save users and the network elegance it provides, if it cannot deliver at least the same quality of call setup and voice relay functionality and voice quality as a traditional telephone network, then it will provide little added value. There are various security measures that can degrade QoS. For example blocking of call setups by firewalls, encryptionproduced latency and delay variation (jitter). QoS issues are central to VOIP security. If QoS was assured, then most of the same security measures currently implemented in today’s data networks could be used in VOIP networks. But because of the time-critical nature of VOIP, and its low tolerance for disruption and packet loss, many security measures implemented in traditional data networks just aren’t applicable to VOIP in their current form. The main QoS issues associated with VOIP that security affects are presented...
Please join StudyMode to read the full document