MITP 458 : Information Security and AssuranceVOIPOverviewBusiness ConcernSecurity IssuesAvailabilityAttack exampleCurrent SolutionSlide 9Current solutionSlide 111MITP 458 : Information Security and AssuranceVOIP Xeon GroupRohit BhatRyan HannanAlan MuiIrfan Siddiqui2VOIPI. Overview - What is VOIP?II. Business ConcernIII. Security Issues IV. Availability V. Attack exampleVI. Current solution3OverviewVOIP •Protocol optimized for the transmission of voice through the Internet or other packet switched networks•Often used abstractly to refer to the actual transmission of voice (rather than the protocol implementing it)•Also referred to as IP telephony, Internet telephony, voice over broadband, broadband telephony, and broadband phone.4Business Concern•Highly complex communication•Critical communication should remain confidential•Data should remain accurate•Compliance issues along with privacy of users5Security IssuesConfidentiality• Broadband pipe serving the VOIP and data center services must offer transmission confidentiality. Authenticity • Access to the data servers must offer fool-proof authentication. Integrity• Voice quality and data accuracy is critical to the success of service offerings. Availability• VOIP and data center servers must have industry standard uptime.6AvailabilityWhy is it important•Emergency•Business•Sale•CommunicationThey type of attacks to VOIP•DoS Attack•Spit (Spam)•Fraud7Attack exampleDoS attack•The most serious threat to VoIP is a distributed denial of service (DoS) attack•Can effect any internet-connected device •Floods networks with spurious traffic or server requests. •Usually generated by machines that have been compromised by a virus or other malware •Servers grind to a halt and ignore/cant process new requests due to increased traffic8Current SolutionvLAN• Isolate VoIP calls from other traffic in the network by creating a segregated vLAN• Also used to prioritize voice traffic and keep it up and running during a DoS attack.Cons• Wasted bandwidth• Cost to implement and monitorCurrent SolutionEffective monitoring•Monitoring geographic destinations of VoIP traffic •Sudden changes in the overall geographic distribution of network traffic originating from inside the VoIP network could indicate that unauthorized users are abusing the system to commit toll fraud Cons•Increased cost due to labor intensive monitoring•False positive readings9Current solutionRedundancy•Setup switches that will re-route the VOIP traffic when the main router/network is down.•In he event of a DOS attack all VOIP traffic will be switched to another network to prevent service interruption.Cons•Setup will require extra hardware and therefore more maintenance, cost, and labor•Load balancers, switches…
View Full Document