On The Ip Network Voip Voice Transmission Security Technology-ip Network, Voice Transmission,
Technology has now developed into a specialized voice communication technology, its use more widely. But the study found that, in addition to service quality issues, the security is corporate chief technology officer (CIO) are doing VoIP to consider the contents of the key decisions. In reality, many customers that the security situation can not achieve the standard business applications is that they temporarily do not want to deploy VoIP reason. Currently, VoIP security issues facing the main four: Denial of Service (DoS) attacks, illegal access, Huafei fraud or threats such as eavesdropping.
Market research survey showed that service providers in Asia Pacific VoIP security spending lags far behind the U.S. and Europe. Asia-Pacific region in 2005 is expected to service providers in the VoIP security spending less than 33 million U.S. dollars, while all regions outside the Asia-Pacific region will be spending 83.6 million U.S. dollars, and this gap will further increase is expected in 2008 Asia-Pacific District expenditures in this area is about 170 million U.S. dollars, while the Asia-Pacific region other than the total expenditure will be more than 370 million U.S. dollars. This gap shows that the current VoIP security in the Asia-Pacific region lack of awareness.
VoIP Security Alliance (VoIPSA) is designed to raise public awareness of VoIP security and confidentiality awareness of open organization, aims to find, understand and avoid VoIP security risks associated with, focused on VoIP security research and education. Its members a wide range of sources, including manufacturers, service providers, researchers and consultants. Its main activity is the discussion list approach, the White Paper in support of VoIP security research projects, and development for public use of the tools and methods for VoIP to provide a more comprehensive safety concept, safety products, solutions and management standards. February 2005, to the two initial goals is to develop a threat category (threattaxonomy) and the definition of security requirements. Recently, working on drafting the VoIP network requires security measures and threat model documents.
Technical characteristics of broadband telephone and security threats
Broadband phone is based on the realization of broadband access, is the main commercial form of VoIP, its security is based on broadband access security. Broadband phone with broadband access universal and popular. Gradually become the mainstream of broadband access as a form of Internet access through different channels, in a coaxial cable or optical fiber carrying multiple independent channels, use of cable modem (cablemodem), digital subscriber line (DSL) or fiber and other access methods, its rate is generally more than 1Mbit / s, with the connection address fixed transmission rate higher characteristic.
As broadband services are generally provided with a monthly subscription, the user PC and other smart devices connect to the network using a permanent way, which means always online, so, there is always likely to be the threat of invasion and attack. Broadband connection, on the one hand in time for hackers trying to attack the opportunities provided; on the other hand, often use a permanent fixed IP address to connect, target fixation, increased probability of successful attacks. The terminal functions as intelligence, information rich content, once the hackers control of the system, they not only stole sensitive information, destroy files, or even use it as a springboard to attack other sites, to network attacks. Network Security directly affects the security of broadband telephone. Development and progress of information technology over the real security needs, broadband telephony in particular. Currently, there is no mainstream or commercial VoIP specific attack threat, but the threat of the emergence of a matter of time. Despite the threat of no less than other VoIP Web applications face severe, but is more difficult to ensure safety, which is determined by the characteristics of VoIP. Such as VoIP generally requires more than Web browsing and E-mail for more connections, streaming media connection is dynamic, more complex security needs.
Broadband network from viruses, spam, denial of service attacks and other threats, VoIP and other Internet applications also face different security and privacy issues, such as call tracking, call hijacking, and eavesdropping, the most dangerous threats. Threat of attack both gave broadband phone security risks.
Generally speaking, broadband phones are targeted telephone calls may be exchanged between the parties, the information content, the identity of the caller and the called party, IP telephony entities, IP telephone network elements, as well as servers, hosts, etc. .
Broadband telephony security vulnerability analysis 1.IP the vulnerability of sub-network itself
IP packet communication network as an open network, data network inherent security vulnerabilities, including:
Voice packet sniffer monitoring; Network identity fraud, to free services;
Packet manipulation discontinued operations; User accounts and equipment to deceive, which access network and IP address of the database;
Undermine the integrity of the network, modify the database or copying equipment to make voice network congestion or control;
Other security threats, including end-user privacy leakage; new security challenges, including interception, modification call control (eg SIP) packets, and even change the packet destination address and call connections.
IP packet network performance can not reach the level of circuit-switched network, the network security has increased the vulnerability of broadband telephony security risks. Because risk management perspective, if the operator's data network, VoIP being a disaster, companies will face the same loss of voice and data communication of risk, the original single data network service security threat was extended to the two systems.
2.VoIP attacks by the security
VoIP environment, pay special attention to the threat of security attacks, including:
Denial of Service (DoS) attacks: such as IP phones, VoIP Gateway (SIP proxy) and other endpoints, may be subject to SYN or ICMP packet attacks, which interrupt communications, provides broadband telephone services can not be normal.
Call interception: voice or real-time transport protocol (RTP) packets are unauthorized tracking.
Signaling protocol tampering: with the same call interception, malicious users can control and tamper with the establishment of the call after the transfer of data packets, modify the data flow in the field, to make VoIP calls without using VoIP phone, or they can be a higher rate call (such as international calls), to IP-PBX that the call from another user.
State theft: fake legitimate users send and receive data.
Deception charges: malicious users or intrusion