View
102
Download
5
Category
Tags:
Preview:
Citation preview
HAROKOPIO UNIVERSITY - DEPARTMENT OF INFORMATICS
AND TELEMATICS
MSc in Advanced Telecommunication
Systems and Applications
Data and Systems Security
Dr. Panagiotis Rizomiliotis
2
Voice over Internet Protocol
Cheaper and more flexible than PSTN
5
A technology that enables people to use the Internet as the transmission medium for telephone calls.
Works through sending digitized voice samples in packets.
SIP ≡ Session Initiation Protocol Τhe dominant signaling channel to handle multimedia sessions.
RTP ≡ Real-time Transport ProtocolΤhe voice channel
VoIP Protocols
6
An examPle of SIP call EstaBlishment and TearDown
8Incorporating Active Fingerprinting into SPIT Prevention Systems Hong
Yan et. al.
2. Security RisksSIP based VoIP services are offered in an open architecture network which makes them attractive targets.
9
10
SIP scanning attack
Accounts with vulnerabilities (i.e. poor authentication) that are brutally attacked in order to steal credentials and be compromised.
Attacks via voicemail
Hackers exploit vulnerabilities in voicemail systems in order to launch various fraudulent activities (i.e. billing)
According to the article there are two common attacks to SIP-based elements:
The Global Fraud Loss Survey 2013
12Communications Fraud Control Association
Estimated fraud losses by service type
In simple numbers...The estimated Global Fraud Loss for 2013 was $46.3 Billion:
✖ $11.08 is due to VoIP fraud
✖ 15% increased from 2011
13
e.g. August 2012Mississippi Counties were hit by hackers stealing $100.000 worth of phone calls to Central Africa
3. ProBlem & Existing SolUtionsAttackers are being masqueraded as another user
and originate calls using forged identity
14
CateGories of PropoSed SoluTions
Identity & Trust value of callers
16
Stronger authentication mechanisms
Ascertain to the real path of call source
To date, related work is being focused on three different
scopes and proposes solutions which can be the
ingredients of a general and united solution
18
Another two solutions are presented in last decade, was directly
related to the article which we are presenting today.
SoluTions till YesteRday2
phaSes of VoiP SecuriTy
User Authentication Device Authorization
Identification
Classification
Verification
Fingerprinting
20
21
A. Classification
If same class of devices look similar and have same type of hardware then there should exist common attributes, that can put it apart from other classes of devices.
B. Fingerprinting
Each device has its own unique notion of time that makes it distinct within its own class of devices.
PHAS
E 1
Identification
22
The SIP Server confirms whether the device is associated with the particular user or not.
Verification
PHAS
E 2
a. ClassiFicatIonThe analysis of RTP payloads (or packets) can reveal information about the device that created it. The article discusses the following acoustic features:
✖ Silence Energy
✖ DC Offset
✖ Dithering Pattern
24
Experimental Evaluation
25
11 Different Hardphones
5 Softphones installed on a laptop computer
All of the phones register from one access location to the SBC
5-8 calls from each phone
Analysis of Various Softphones and Hardphones
26
B. FinGerpriNting
fig. REGISTER Message Flow
A unique identity of the calling device is created by achieving a proper registration
Experimental Evaluation
27
Group of devices share the same configuration files.
Devices use same synchronization system clock
The device location remains fixed
The signaling and media streams flow through the same SBC
Different manufacturing
stamp
Handset vs Handsfree
Experimental Results
28
The experimental process concludes to the following aspects that affect device identification
Subscriber’s Behavior
Phone's manufacturing release version
Laptop connection for softphones(wifi - Ethernet)
Device Authorization
Observing the signaling and media streams in order to determine the device information
Fingerprinting a remote device with a high speed degree of accuracy
Establishing a relationship between user ID and the authorized calling device
30
Sengar suggests
32
Our Proposals Use stronger encryption where is possible
Better password management
Better collaboration between service providers and device manufacturers
Establish a unified SIP standard protocol
Recommended