Presentation on theme: "1 MITP 458 : Information Security and Assurance VOIP Xeon Group Rohit Bhat Ryan Hannan Alan Mui Irfan Siddiqui."— Presentation transcript:
1 MITP 458 : Information Security and Assurance VOIP Xeon Group Rohit Bhat Ryan Hannan Alan Mui Irfan Siddiqui
2 VOIP I.Overview - What is VOIP? II.Business Concern III.Security Issues IV.Availability V.Attack example VI.Current solution
3 Overview VOIP Protocol optimized for the transmission of voice through the Internet or other packet switched networks Often used abstractly to refer to the actual transmission of voice (rather than the protocol implementing it) Also referred to as IP telephony, Internet telephony, voice over broadband, broadband telephony, and broadband phone.
4 Business Concern Highly complex communication Critical communication should remain confidential Data should remain accurate Compliance issues along with privacy of users
5 Security Issues Confidentiality Broadband pipe serving the VOIP and data center services must offer transmission confidentiality. Authenticity Access to the data servers must offer fool-proof authentication. Integrity Voice quality and data accuracy is critical to the success of service offerings. Availability VOIP and data center servers must have industry standard uptime.
6 Availability Why is it important Emergency Business Sale Communication They type of attacks to VOIP DoS Attack Spit (Spam) Fraud
7 Attack example DoS attack The most serious threat to VoIP is a distributed denial of service (DoS) attack Can effect any internet-connected device Floods networks with spurious traffic or server requests. Usually generated by machines that have been compromised by a virus or other malware Servers grind to a halt and ignore/cant process new requests due to increased traffic
8 Current Solution vLAN Isolate VoIP calls from other traffic in the network by creating a segregated vLAN Also used to prioritize voice traffic and keep it up and running during a DoS attack. Cons Wasted bandwidth Cost to implement and monitor
Current Solution Effective monitoring Monitoring geographic destinations of VoIP traffic Sudden changes in the overall geographic distribution of network traffic originating from inside the VoIP network could indicate that unauthorized users are abusing the system to commit toll fraud Cons Increased cost due to labor intensive monitoring False positive readings 9
Current solution Redundancy Setup switches that will re-route the VOIP traffic when the main router/network is down. In he event of a DOS attack all VOIP traffic will be switched to another network to prevent service interruption. Cons Setup will require extra hardware and therefore more maintenance, cost, and labor Load balancers, switches… 10