COMP3013 CONFERENCE COMPUTING - INTRODUCTION TO VOIP TECHNOLOGY AND ITS SECURITY ISSUES


Academic year: 2021


Aikaterini Gkritsi

Electronics & Computer Science Department The University of Southampton

Southampton SO17 1BJ [email protected] http://users.ecs.soton.ac.uk/ag2006/

ABSTRACT

Over the past few years Voice over IP (VoIP) technology has seen impressive growth. The aim of this paper is to introduce the reader to VoIP by presenting the evolution of the technology and the way that it works, and by giving an overview of the protocols that are used. It then looks at the security issues that might arise from its usage and the possible ways to protect against these threats. Finally, the paper focuses on the features of a good Quality of Service (QoS) in a digital network like this and closes with its future applications and trends.

Keywords

VoIP, Protocols, Security, QoS

1. INTRODUCTION

Nowadays VoIP technology is becoming more and more popular because of the broadband availability and the many exciting features that are offered. This emerging technology allows users to make free calls between computers and among devices that have access to the Internet and are equipped with the appropriate software, independently of the location of their users. There is also the possibility of making international or long-distance calls at very low rates unlike normal phone lines.

As Condie notes, some of the most common applications of VoIP are computer to computer connection, where two or more computers are connected via an IP network (Figure 1), computer to telephone connection, where the communication is established via a Public Switched Telephone Network (PSTN) through a PSTN-to-IP gateway (PIG) (Figure 2), and telephone to telephone connection. [1]

Figure 1 [1]

Figure 2 [1]

Section 2 of this paper briefly discusses the history of VoIP, describes how the technology works and presents the most popular protocols that it uses in order to establish a call. Section 3 examines the possible threats and security issues that might arise from the usage of such a technology and the available options for protecting against these potential threats. Section 4 introduces the features that are necessary for a good QoS in a technology like this and proposes possible ways to improve it. Section 5 gives some interesting future features of VoIP and, finally, section 6 concludes the paper.

2. OVERVIEW OF VoIP

2.1 History

The history of VoIP starts around the 1970s, when the first technology and ideas about it were established. [2] The first company that launched Internet phone software was Vocaltec in 1995. The new software was called “Internet Phone” and it required two users running the software on their computers. Internet Phone was used like the PC phones that are used today, with a microphone, speakers and a sound card. Because the connection between computers was made via modem, the quality of the voice was very poor. However, as broadband availability increased and the Internet and Web grew, more and more people started using VoIP.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. To copy otherwise, to republish, to post on servers or to redistribute to lists, requires prior specific permission.

4th Annual Multimedia Systems, Electronics and Computer Science, University of Southampton

© 2003 Electronics and Computer Science, University of Southampton

2.2 How It Works

In VoIP technology voice is transmitted digitally in data packets. Special codecs convert voice into bits and bytes. When a user tries to contact another user using VoIP services, their voice is compressed, converted into a digitalised signal and broken into packets (1500 bytes). The signal is transmitted over public or private IP networks and the Internet. Each of the packets contains information about where the packet was sent from, its destination and a timestamp, which is necessary in order to reassemble the packets in the correct order. When packets reach their destination, they are decoded and the other user is able to hear what the first user said. (Figure 3) [3]

Figure 3 [4]

2.3 Protocols

In order to function, VoIP uses a number of protocols and standards to create, establish, maintain and terminate conversations between users. Some of the most important protocols are H.323 from the International Telecommunication Union, Session Initiation Protocol (SIP) and Media Gateway Control Protocol (MGCP) from a branch of the Engineering Task Force.

2.3.1 H.323 Standard

The H.323 standard is used in many different applications and one of them is VoIP. The H.323 standard consists of four components: terminals, gateways, gatekeepers and Multipoint Control Units (MCU). [2] Any type of device that supports multimedia applications and the H.323 standard can be characterised as a terminal. Gateways are the means by which two different types of networks, like PSTN and all circuit switched networks, can be connected. Gatekeepers, even though they are not an essential part of the H.323 standard, are responsible for bandwidth management and for the authentication process between the terminals and the gateways. Also, the MCU allows simultaneous conferences between the terminals that are connected to it. (Figure 4) As Swale states, the H.323 protocol is a very powerful standard. Many of its features can be switched on and off, so it can be tailored to each network. [5]

Figure 4 [6]

2.3.2 SIP Protocol

The SIP protocol is another application layer protocol, which is responsible for creating, modifying and terminating VoIP applications among terminals. SIP makes use of User Agents (UA), which represent the end user, and proxy servers. “The proxy server is the intermediate server that acts on behalf of UA to forward the SIP messages to its destination”. [7] As Swale says again, SIP is very easy to implement, powerful and offers control to adjust it to big networks because of its simple HTTP-like request-response format. [5]

2.3.3 MGCP Protocol

Finally, MGCP protocol is similar to H.323 standard and is capable of controlling the communication between gateways and call agents. In this protocol, all the functionalities like call control and the management of the gateways have been assigned to the call agents and not to the endpoint.

Comparing these three protocols, it is easy to conclude that all of them are designed to establish and support multimedia communication, but they are not always compatible with each other. H.323 is a combination of individual protocols (other for data like G.729, video like H.263, audio and transport). It operates better with PSTN and it supports video better, since it was designed for video conferencing, voice and other additional services [1]. Unlike H.323, SIP is a more lightweight protocol. It was designed specially to support VoIP applications. It is easy to design and debug and it provides many functionalities to the users, like call forwarding, call identification etc. MGCP focuses more on endpoint control (like call waiting) and it incorporates functionalities of both H.323 and SIP. The protocols that are mostly used are H.323 and SIP, but H.323 is considered to be better since it is more robust and independent of the transport protocols that it runs on. It can also support multimedia conferences without the use of an MCU like SIP, and it provides bandwidth management, ensuring that video and audio traffic will have priority over other applications.

3. SECURITY ISSUES

When VoIP applications were first designed, they were created in order to provide the best service quality available to users. Because that was the first and most important feature of VoIP systems, the vulnerabilities and security issues that could arise from their usage played a secondary role. PSTN was considered secure and, because VoIP applications relied on it, it was believed that VoIP would be as secure as that. The fact is that, because the Internet is vulnerable to attacks and VoIP depends on the Internet, VoIP technology is vulnerable to these attacks as well.

3.1 Security Issues of VoIP

VoIP packetizes phone calls through the same routes used by network and Internet traffic and is consequently prone to the same cyber threats that plague data networks today. These threats include denial of service attacks, worms, viruses, and hacker exploitation. [8] Apart from that, PSTN lines can be wiretapped so the attacker can keep a log of the users’ calls. [9]

In particular, one of the most common attacks is Man-In-The-Middle (MITM). By using this method, the attacker can hijack users’ emergency calls, access their voicemail and either accept voicemail messages or redirect the caller to another phone number. Then, as Blake states, toll fraud is one of the five most common threats in VoIP networks. [10] In toll fraud, a company’s phone system is violated and used illegally by a third party from a long-distance location. Another common attack is brute force, where an attacker tries to overcome all the security checks of a system by applying all the possible combinations of keywords. Also, by using Denial of Service (DoS) the attacker floods the network with useless and malfunctioned packets until it cannot process any more requests. This situation results in resource exhaustion, long-term busy calls and sessions that disconnect unexpectedly. Spoofing is another method, by which attackers are able to use the IP address of an authorised user in order to gain access to the host of the system. Eavesdropping on a VoIP network means that a third party is monitoring users’ calls and conversations, stealing email or passwords etc. without the consent of the user. Last but not least, VoIP systems are vulnerable to viruses. This is because all the devices that use VoIP applications are connected to the Internet, which means that they are at risk. [10]
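Two of the attacks above, brute force and DoS flooding, leave a recognisable pattern at a SIP registrar. The following detection sketch is an added example, not code from the paper; the thresholds, the event tuple layout and all addresses and messages are constructed assumptions.

```python
import re
from collections import defaultdict, deque

# Assumed thresholds for this illustration; tune them to real traffic.
WINDOW = 60          # seconds of history kept per source
MAX_AUTH_FAILS = 5   # rejected credential attempts per window
MAX_REQUESTS = 20    # requests of any kind per window

REQUEST_LINE = re.compile(r"^([A-Z]+) (\S+) SIP/2\.0$")

def parse_request(raw):
    """Return (method, headers) for a SIP request, or None if malformed."""
    lines = raw.replace("\r\n", "\n").split("\n")
    match = REQUEST_LINE.match(lines[0])
    if not match:
        return None
    headers = {}
    for line in lines[1:]:
        if not line:            # blank line ends the header section
            break
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return match.group(1), headers

def _push(queue, ts):
    """Add ts, drop entries older than WINDOW, return the live count."""
    queue.append(ts)
    while queue and queue[0] <= ts - WINDOW:
        queue.popleft()
    return len(queue)

def detect(events):
    """events: time-ordered (ts, src_ip, raw_request, response_status)."""
    requests, auth_fails = defaultdict(deque), defaultdict(deque)
    findings = defaultdict(set)
    for ts, src, raw, status in events:
        parsed = parse_request(raw)
        if parsed is None:
            findings[src].add("malformed")
            continue
        method, headers = parsed
        if _push(requests[src], ts) >= MAX_REQUESTS:
            findings[src].add("flood")
        # The first REGISTER of a digest handshake carries no credentials and
        # is always challenged with 401, so only rejected attempts that did
        # present an Authorization header count as failures.
        rejected = status in (401, 403) and "authorization" in headers
        if method == "REGISTER" and rejected:
            if _push(auth_fails[src], ts) >= MAX_AUTH_FAILS:
                findings[src].add("brute-force")
    return dict(findings)

def make_request(method, user, auth=False):
    """Build a constructed, minimal SIP request for the sample below."""
    lines = [f"{method} sip:example.invalid SIP/2.0",
             f"To: <sip:{user}@example.invalid>", f"CSeq: 1 {method}"]
    if auth:
        lines.append(f'Authorization: Digest username="{user}", response="x"')
    return "\r\n".join(lines) + "\r\n\r\n"

def sample_events():
    """Constructed traffic: a normal login, a guesser, a flood, and noise."""
    ev = [(0, "192.0.2.10", make_request("REGISTER", "alice"), 401),
          (1, "192.0.2.10", make_request("REGISTER", "alice", True), 200)]
    ev += [(10 + 2 * i, "198.51.100.7",
            make_request("REGISTER", "1000", True), 401) for i in range(6)]
    ev += [(30 + i * 0.2, "203.0.113.9",
            make_request("OPTIONS", "1000"), 200) for i in range(25)]
    ev.append((40, "203.0.113.50", "\x00\x00not-sip", None))
    return ev

if __name__ == "__main__":
    for src, what in sorted(detect(sample_events()).items()):
        print(src, sorted(what))
```

The normal client at 192.0.2.10 is not reported, because its single 401 is the ordinary authentication challenge rather than a rejected credential.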

3.2 How to Protect

Nowadays, there are several ways by which users and systems can be protected against the threats that were mentioned above. A method that is able to protect against several attacks (DoS, eavesdropping, toll fraud) is the usage of Virtual Local Area Networks (VLAN). Voice and data packets should be separated. This way it is much easier to prioritise voice traffic over data. The traffic of the network is hidden, so it cannot be eavesdropped on or attacked by DoS. Another way to prevent attacks is by using encryption. Secure Real Time Protocol (SRTP) and Transport Level Security (TLS) are the most commonly used protocols for encryption. The first protocol encrypts the communication between the end users and the second encrypts the entire call process. Furthermore, Virtual Private Networks (VPN) can be effective because all the transactions are encrypted and they provide secure access. Finally, IP Security (IPSec) “supports network-level peer authentication, data origin authentication, data integrity, data confidentiality (encryption) and replay protection.” [11]
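Whether a call really uses SRTP and TLS can be read from its SIP INVITE: SRTP appears as an RTP/SAVP-family media profile in the SDP offer, and TLS as the transport in the topmost Via header. The audit below is an added example, not code from the paper; the hosts, messages and key placeholder are constructed.

```python
# Media profiles that mean SRTP (RFC 3711, RFC 5124, RFC 5764).
SRTP_PROFILES = {"RTP/SAVP", "RTP/SAVPF",
                 "UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}

def audit_invite(raw):
    """Report how one SIP INVITE protects its signalling and its media."""
    head, _, body = raw.replace("\r\n", "\n").partition("\n\n")
    # The topmost Via names the transport of the hop that delivered the
    # request; other hops may differ, so this is a per-hop statement.
    via = next((line for line in head.split("\n")[1:]
                if line.lower().startswith(("via:", "v:"))), "")
    parts = via.split(":", 1)[1].split() if via else []
    transport = parts[0].rsplit("/", 1)[-1].upper() if parts else ""
    tls = transport == "TLS"

    media = []
    for line in body.split("\n"):
        if line.startswith("m="):
            kind, _port, proto = line[2:].split()[:3]
            media.append({"kind": kind, "proto": proto, "sdes_key": False})
        elif line.startswith("a=crypto:") and media:
            # SDES (RFC 4568): the SRTP master key travels inside the SDP.
            media[-1]["sdes_key"] = True

    findings = []
    if not tls:
        findings.append("signalling not protected by TLS")
    for m in media:
        if m["proto"] not in SRTP_PROFILES:
            findings.append(f"{m['kind']}: media offered as {m['proto']} (no SRTP)")
        elif m["sdes_key"] and not tls:
            # Encrypted media is of little use if the key is readable by
            # anyone who can see the signalling.
            findings.append(f"{m['kind']}: SRTP key sent in clear signalling")
    return {"tls": tls,
            "media": [(m["kind"], m["proto"]) for m in media],
            "findings": findings}

def make_invite(transport, proto, with_key):
    """Build a constructed INVITE with a one-stream SDP offer."""
    scheme = "sips" if transport == "TLS" else "sip"
    head = [f"INVITE {scheme}:bob@example.invalid SIP/2.0",
            f"Via: SIP/2.0/{transport} 192.0.2.10:5060;branch=z9hG4bK-constructed",
            "Content-Type: application/sdp"]
    sdp = ["v=0", "o=- 0 0 IN IP4 192.0.2.10", "s=-",
           "c=IN IP4 192.0.2.10", "t=0 0", f"m=audio 49170 {proto} 0"]
    if with_key:
        sdp.append("a=crypto:1 AES_CM_128_HMAC_SHA1_80 "
                   "inline:CONSTRUCTED-PLACEHOLDER-KEY")
    return "\r\n".join(head) + "\r\n\r\n" + "\r\n".join(sdp) + "\r\n"

if __name__ == "__main__":
    for args in [("UDP", "RTP/AVP", False), ("UDP", "RTP/SAVP", True),
                 ("TLS", "RTP/SAVP", True)]:
        print(args, audit_invite(make_invite(*args))["findings"])
```

The middle case is the one worth noticing: the media is SRTP, but the key that protects it was exchanged over unprotected signalling.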

4. QUALITY OF SERVICE

The term Quality of Service (QoS) describes how satisfying the user's experience is while using any VoIP application. It measures the quality of the conversation, e.g. how natural it is and whether there is any delay, echo or corruption of the conversation for unexpected reasons. “Internet gives a very variable Quality of Service (QoS) when this term is applied to speech performance.” [1] For this reason some requirements have been set in order to measure the QoS. First, the call should have low delay, which means that the delay in delivering a transmitted packet should be small enough that it does not interfere with normal voice conversations. Also, the number of packets that are lost during transmission should be low, so that it will not affect the quality of the call. Then, the time between a user dialling the last digit of the number and the confirmation that the connection was successful should be short, as should the delay between the other user accepting the call and the voice path being cut through.

4.1 QoS Problems

“QoS (quality of service) is an important issue for IP-based multimedia services.” [12] Some of the most common technical issues that occur in VoIP are delay in the transmission of the voice and latency.

VoIP quality depends on many aspects like the quality of the audio peripherals that are used and the codecs that are used for the encoding and the decoding of the voice signal. Quality is also affected by the software scheduling by the operating system that the device or computer uses, how much delay or jitter occurs in the network and finally the number of packets that is lost during the transmission of the signal from one endpoint to the other. [13]

Latency during a VoIP session occurs because of the traffic that exists in the network, which leads to late delivery of the packets to their destination. Another cause of latency is the route that a packet has to go through in order to reach its destination. The more routers, switches or gateways packets have to go through, the more time it takes for their delivery. Lastly, the size of the delivered packet plays a significant role in latency. [2]

Jitter occurs when voice and data packets are transmitted at the same time so they interfere. This leads to a need of a buffer which will store temporarily the packets and transmit them again with some delay. [14] The case of packet loss during the transmission process will lead to delay in the delivery of the signal to the other end. If the delay is more than 200 milliseconds, the quality of the voice is considered unacceptable and very poor. “Data packets travelling through the Internet may not be secure and may require encryption, adding overhead by increasing the necessary bit rate beyond 14Kbps, hence reducing the bit rate advantage of VoIP over PSTN. Encryption also increases the end-to-end latency caused by the processing delay for encryption and decryption.”[2] Finally, another problem that affects the quality of a call is the presence of echo. This phenomenon occurs by the reflection of the signal during the call. If the delay is some milliseconds long, it leads to echo.
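Sections 2.2 and 4.1 both rest on the per-packet sequence and timestamp fields: the receiver uses them to restore order, count loss and estimate jitter. The sketch below is an added example, not code from the paper; it assumes the media travels as RTP (RFC 3550) with an 8000 Hz clock, and the four datagrams are constructed.

```python
import struct

def parse_rtp(data):
    """Return (seq, timestamp, ssrc, payload) from one RTP datagram."""
    if len(data) < 12:
        raise ValueError("shorter than the fixed RTP header")
    b0, _b1, seq, ts, ssrc = struct.unpack("!BBHII", data[:12])
    if b0 >> 6 != 2:
        raise ValueError("not RTP version 2")
    # Skip CSRC entries; header extensions (X bit) are not handled here.
    offset = 12 + 4 * (b0 & 0x0F)
    return seq, ts, ssrc, data[offset:]

def analyse(arrivals, clock_hz=8000):
    """arrivals: (arrival_ms, datagram) pairs in the order received."""
    base, prev, jitter = None, None, 0.0
    seen = {}
    for arrival_ms, data in arrivals:
        seq, ts, _ssrc, payload = parse_rtp(data)
        if base is None:
            base = seq
        # Extend the 16-bit sequence number so that ordering survives the
        # wrap from 65535 to 0 (signed distance from the first packet).
        ext = base + ((seq - base + 32768) % 65536 - 32768)
        seen.setdefault(ext, payload)        # a duplicate keeps the first copy
        # RFC 3550 interarrival jitter, in timestamp units:
        #   D = (Rj - Ri) - (Sj - Si);  J += (|D| - J) / 16
        # Timestamp wrap (32-bit) is ignored in this short sample.
        r = arrival_ms * clock_hz / 1000
        if prev is not None:
            d = (r - prev[0]) - (ts - prev[1])
            jitter += (abs(d) - jitter) / 16
        prev = (r, ts)
    expected = max(seen) - min(seen) + 1
    return {"playout": [seen[k] for k in sorted(seen)],
            "lost": expected - len(seen),
            "jitter_ms": jitter * 1000 / clock_hz}

def make_rtp(seq, ts, payload, ssrc=0x1234ABCD):
    """Build a constructed RTP packet: version 2, payload type 0."""
    return struct.pack("!BBHII", 0x80, 0, seq, ts, ssrc) + payload

def sample_arrivals():
    """Constructed 20 ms frames: one reordered, one lost, sequence wraps."""
    return [(0, make_rtp(65534, 1000, b"f0")),
            (45, make_rtp(0, 1320, b"f2")),      # overtook frame f1
            (50, make_rtp(65535, 1160, b"f1")),
            (80, make_rtp(2, 1640, b"f4"))]      # f3 (seq 1) never arrives

if __name__ == "__main__":
    print(analyse(sample_arrivals()))
```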

4.2 Improvements

There are many ways by which the QoS can be improved. In particular, in order to overcome the occurrence of jitter, it is possible to perform data packet fragmentation and voice packet prioritisation. The first technique will ensure that the packets that are delivered are not of varied size. Packets should not contain large data, in order to avoid queuing delays. The other feature prioritises the delivery of voice packets over the data packets. This way latency can be eliminated by sending messages to routers over the networks to find out which route is the fastest and has the least traffic, which will lead to better quality of the voice. The fact that nowadays routers and gateways are much faster than before contributes to this; it means that more packets can be transmitted simultaneously. Also, the choice of a codec that has the ability to encode and decode the voice digitally in high quality and with a short encoding-decoding time will have a big impact on the quality of the call. Another effective way of improving the quality of voice is Resource Reservation Protocol (RSVP) and IP version 6 (IPv6). With the combination of these protocols voice packets are prioritised over the IP network. [14] Finally, improvements to the PSTN-to-IP connection and the introduction of protocols and standards help the situation.

5. APPLICATIONS AND FUTURE TRENDS

Because VoIP is an emerging technology that evolves all the time, there are many very promising applications and there is plenty of space for further development in different areas.

5.1 Mobile VoIP

First and foremost, there has been a lot of discussion on mobile VoIP. This means that a mobile phone is capable of supporting VoIP calls while connected on a wireless network. Nowadays, there are many mobile devices that have this technology embedded, but because wireless network has very limited coverage, users are restricted to use it only at places where they can have access to wireless networks. As the wireless coverage expands and the number of hotspots multiplies, more and more people tend to perform VoIP calls instead of regular ones because it is much easier and makes significant difference to the final cost. To provide more freedom and better network coverage to users, the issue of adopting a technology similar to Wi-Fi but with more capabilities arises. For this reason WiMAX (Worldwide Interoperability for Microwave Access) networks need to be used. WiMAX is again a wireless network which “is intended for wireless "metropolitan area networks". It provides broadband wireless access (BWA) up to 30 miles (50 km) for fixed stations, and 3 - 10 miles (5 - 15 km) for mobile stations. In contrast, the Wi-Fi wireless local area network standard is limited in most cases to only 100 - 300 feet (30 - 100m).”1 Businesses and customers already benefit from the low cost services that VoIP technology offers. Characteristically it was estimated that nowadays more than 4 million UK citizens are VoIP users, excluding businesses.2 This figure shows how much impact the evolution of this technology will have in everyday life.

5.2 IP PBX

As mentioned earlier, VoIP also plays a significant role on businesses. In particular, these days companies tend to replace their common phone lines with VoIP compatible PBX (Private Branch Exchange). PBX is a private branch telephone network that enterprises use. With this, employees use a certain number of external land lines. This way of connection is very cost effective because there is not the need of mapping an external phone line to every employee. The advantage of IP PBX over conventional PBX is the fact that it supports services like video or data but over data networks rather than PSTN.

1 http://www.wimax.com/education, Last accessed: December 2009

2 http://alliantdatatel.com/2009/10/26/what-does-the-future-hold-for-voip.html, Last accessed: December 2009

5.3 Hosted IP communications

Hosted IP communications from a service provider is a voice service targeted for all kinds and sizes of enterprises. This service is available to users independently of their location at the time. This service gives companies the possibility to add new users and new locations or even to move users between locations and implement business plans. As David Perry, the senior manager of Nortel’s Carrier VoIP & Applications Solutions says, because of the global recession this solution is very effective for businesses. This is because with this service enterprises will not need to buy, manage, maintain and upgrade their PBX. Instead, a service provider will be responsible for offering a service package for per-user, per-month fee. These packages will include services concerning call diversion, voicemail, instant messaging, video conferencing and collaboration etc. 3

5.4 IPTV

A very promising future application of VoIP technology is IPTV. This feature is an ambition from Nortel. With this service users will be able to receive calls at home. The TV will automatically pause live broadcasting in order to show to users the details of the caller and allow them to accept the call or send it to voicemail only by pressing a button on the remote control. 3

5.5 Voice-to-text transcription

Another very promising application of VoIP is the conversion of voicemail messages into text, so users are able to read their voicemail in the form of a text message instead. This way users are able to avoid listening to all their messages in sequence and pressing buttons to interact with the operator. 4

5.6 HD Voice

Finally, a very interesting future feature of VoIP is the incorporation of HD (High Definition) Voice capability into IP phones. HD voice, in contrast with simple voice on phones, carries audio at twice the rate and transmits a much wider range of sound frequencies. In order for this feature to work, end-users need to have devices that support this kind of technology. 4

3 http://www.itp.net/542644-the-future-of-voip-where-can-it-take-you, Last accessed: December 2009

4 http://www.voip-news.com/feature/voip-trends-2009-010509/, Last accessed: December 2009

6. CONCLUSION

This paper covered the fundamental issues concerning VoIP and its aim was to inspire readers to look further into this very interesting technology. Judging from the architecture and the variety of possible applications of VoIP technology, it is easy to conclude that this technology will play a significant role in many aspects of everyday life. Despite the fact that there are many security issues with this technology, there are plenty of ways to prevent and eliminate them so VoIP continues its growth.

7. REFERENCES

[1] S J T Condie et al., ‘VoIP applied – lab bench to multimedia service’, BT Technology Journal, Volume 19, Number 2 / April, 2001, Springer Netherlands, 2004

[2] Upkar Varshney et al., ‘Voice over IP’, Communications of the ACM, Volume 45 Issue 1, ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), January 2002

[3] Vesselin Iossifov et al., ‘Experiences in VoIP telephone network security policy at the University of Applied Sciences (FHTW) Berlin’, CompSysTech '07: Proceedings of the 2007 international conference on Computer systems and technologies, ACM, June 2007

[4] Federal Communications Commission: http://www.fcc.gov/cgb/consumerfacts/voip.pdf, last accessed: November 2009

[5] Swale, R.P. (2001) ‘VoIP – panacea or PIG’s ear?’ BT Technology Journal, Volume 19, Number 2 / April, 2001, Springer Netherlands

[6] International Engineering Consortium: http://www.iec.org/online/tutorials/h323/index.asp, last accessed November 2009

[7] Ruishan Zhang, et al., (2009) ‘An Empirical Investigation into the Security of Phone Features in SIP-Based VoIP Systems’, vol. 5451/2009, Lecture Notes in Computer Science, Springer Link, pp. 59-70

[8] Insu, K. and Keecheon, K. (2007) ‘Secure Session Management Mechanism in VoIP Service’ Book Series Lecture Notes in Computer Science, vol. 4743/2007, pp. 96-104, Springer Berlin / Heidelberg

[9] Jill Slay, Matthew Simon, ‘Voice over IP Forensics’, e-Forensics '08: Proceedings of the 1st international conference on Forensic applications and techniques in telecommunications, information, and multimedia and workshop, ICST (Institute for Computer Sciences, Social-Informatics and Telecommunications Engineering), January 2008

[10] Errol A. Blake, ‘Network security: VoIP security on data network--a guide’, InfoSecCD '07: Proceedings of the 4th annual conference on Information security curriculum development, ACM, September 2007

[11] Microsoft TechNet: http://technet.microsoft.com/enus/network/bb531150.aspx Last Accessed: November 2009

[12] Ahuja, S. R. and Ensor R., (2004) ‘VoIP: What is it good for?’ Queue, Volume 2 Issue 6, ACM

[13] Barke, A. (2006) ‘Intel VoIP over WLAN Architecture’ WICON '06: Proceedings of the 2nd annual international workshop on Wireless internet, 2-5 August, Boston, MA, US, ACM

[14] Thorne, D. J. (2001) ‘VoIP – the access dimension’ Journal BT Technology Journal, vol. 19, Number 2 / April, 2001, pp. 33-43, Springer Netherlands
