Total views : 1057

A Comprehensive Survey of Security Issues and Defense Framework for VoIP Cloud

Affiliations

  • School of Computing Science and Engineering, VIT University, Chennai - 600127, Tamil Nadu, India

Abstract


Voice over Internet Protocol (VoIP) is an advanced telecommunication technology which transfers the voice/video over high speed network that provides advantages of flexibility, reliability and cost efficient advanced telecommunication features. Still the issues related to security are averting many organizations to accept VoIP cloud environment due to security threats, holes or vulnerabilities. So, the novel secured framework is absolutely necessary to prevent all kind of VoIP security issues. This paper points out the existing VoIP cloud architecture and various security attacks and issues in the existing framework. It also presents the defense mechanisms to prevent the attacks and proposes a new security framework called Intrusion Prevention System (IPS) using video watermarking and extraction technique and Liveness Voice Detection (LVD) technique with biometric features such as face and voice. IPSs updated with new LVD features protect the VoIP services not only from attacks but also from misuses.

Keywords

Defense Mechanisms, Liveness Voice Detection, VoIP Cloud, Voice over Internet Protocol, VoIP Security Issues

Full Text:

 |  (PDF views: 867)

References


  • Hartpence B. Introduction to voice over the internet protocol. Packet Guide to Voice over IP. Oram A, Gulick M, editors. O’Reilly: Sebastopol, CA; 2013.
  • Devi GU, Kaushik KV, Sreeveer B, Prasad KS. VoIP over Mobile Wi-Fi hotspot. Indian Journal of Science and Technology. 2015 Jan; 8(S2):195–9. DOI: 10.17485/ijst/2015/v8iS2/58751.
  • Patinge SA, Soni PD. Metamorphosis in VoIP cloud computing services used in VoIP. International Journal of Application Innovation in Engineering Management. 2013; 2(2):236–9.
  • Mahmood Z. Cloud computing: characteristics and deployment approaches. 11th IEEE International Conference Computer and Information Technology (CIT); Pafos: Cyprus; 2011. p. 121–6.
  • Shyamala K, Rani TS. An analysis on efficient resource allocation mechanisms in cloud computing. Indian Journal of Science and Technology. 2015 May; 8(9):814–21. DOI: 10.17485/ijst/2015/v8i9/50180.
  • Kim D. A survey of balloon networking applications and technologies. Available from: http://www.cse.wustl.edu/~jain/cse570-13/ftp/balloon/index.html. [Cited 2014 Aug].
  • Butcher D, Li X, Guo J. Security challenge and defense in VoIP infrastructures. IEEE Transactions on Systems Man and Cybernetics Part C: Applications Reviews. 2007; 37(6):1152–62.
  • Graves K. Certified ethical hacker study guide, 4th ed. Wiley: Danvers, MA; 2010.
  • Sawada H, Higashimoto T. A mechanical voice system and its adaptive learning for the mimicry of human vocalization. Proceedings IEEE International Symposium on Computational Intelligence Robotics and Automation; Cobe, Japan; 2003. p. 1040–45.
  • Hatkar AA, Varade GA, Hatkar AP. Media access control spoofing techniques and counter measures. International Journal Scientific & Engineering Research. 2012; 2(6):1–5 .
  • Nam SY, Kim D, Kim J. Enhanced ARP: preventing ARP poisoning-based Man-in-the-Middle Attacks. IEEE Communications Letters. 2010; 14(2):187–9.
  • Ma Y. An effective method for defense against IP spoofing attack. IEEE 6th International Conference on Wireless Communications Networking and Mobile Computing (WiCOM); Chengdu: China; 2010. p. 1–4.
  • Barbhuiya FA, Roopa S, Ratti R, Biswas S, Nandi S. An active detection mechanism for detecting ICMP based attacks. IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications; Liverpool: England; 2012. p. 51–58.
  • Haris SHC, Ahmad RB, Ghani MAHA, Wal GM. TCP SYN flood detection based on payload analysis. Proceedings IEEE Student Conference on Research and Development (SCOReD); Putrajaya: Malasia; 2010. p. 149–53.
  • Bardas AG, Zomlot L, Sundaramurthy SC. Classification of UDP traffic for DDoS detection. USENIX 5th International Workshop on Large-Scale Exploits and Emergent Threats (LEET); San Jose: CA; 2012. p. 1–8.
  • Ali FHM, Yunos R, Alias MAM. Simple port knocking method against TCP replay attack and port scanning. IEEE International Conference on Cyber Security. Cyber Warfare and Digital Forensic (CyberSec); Kuala Lumpur: Malasia; 2012. p. 247–52.
  • Stalling W. Transport-level security. Cryptography and Network Security. Horton M, editor, 5th ed., Pearson: Upper Saddle River, NJ; 2011. p. 485–20.
  • Geneiatakis D, Kambourakis G, Lambrinoudakis C, Dagiuklas T, Gritzalis S. A frame for protecting a SIP-based infrastructure against malformed message attacks. Computer Network. 2007; 51(10):2580–93.
  • Zhang G, Pallares JJ, Rebahi Y, Fischer-Hubner S. SIP proxies: New reflectors in the internet. Communications Multimedia Security; Springer : Verlag Heidelberg; 2010.
  • SuM Y, Tsai CH. An approach to resisting malformed and flooding attacks on SIP servers. Journal of Networks. 2015; 10(2):77–84.
  • Hartpence B. The real-time transport protocol and the real-time control protocol. Packet Guide to Voice over IP, Oram A, Gulik M, editors, 1st ed.; O’Reilly: Sebastopol, CA; 2013.
  • Fu D, Shi F. Buffer overflow exploit and defensive techniques. IEEE International Conference on Multimedia Information Networking and Security (MINES); Nanjing, China; 2012. p. 87–90.
  • Ransome JF, Rittinghouse JR. VoIP security risks. VoIP Security, Casey E, editor; Elsevier: Burlington, MA; 2005.
  • Hardening the operating system. Available from: http://cdn.ttgtmedia.com/searchEnterpriseLinux/downloads/466_HTC_Linux_02.pdf. [Citied 2014 Oct].
  • Filiol E. Taxonomy, techniques and tools. Computer Viruses: From Theory to Applications, 1st ed.; Springer: Verlag, France; 2004.
  • Shar LK, Tan HBK. Defeating SQL injection. IEEE Computer: Gender Diversity in Computing. 2013; 46(3):69–77.
  • Natan RB. Application security. Implementing Database Security and Auditing; Elsevier: Burlington, MA; 2005.
  • Mohamed NN, Mashim H, Yussoff YM. Compression and encryption technique on securing TFTP packet. IEEE Symposium on Computer Application Industrial Electronics (ISCAIE); Penang, Malaysia; 2014. p. 198–202.
  • Dinu DD, Togan M. DHCP server authentication using digital certificates. Proceedings IEEE 10th International Conference Communications (COMM); Bucharest, Romania; 2014. p. 1–6.
  • Keromytis AD. A comprehensive survey of Voice over IP security research. IEEE Communications Surveys & Tutorials. 2012; 14(2):514–37.
  • Graves K. Physical site security. Certified Ethical Hacker Study Guide, Parsons K, Carson C, 4th ed.; Wiley: Danvers, MA; 2010.
  • Yang M, WangY, Ding H. Design of WinPcap based ARP spoofing defense system. IEEE 4th International Conference on Instrumentation Measurement Computer, Communication Control (IMCCC); Harbin, Heilongjiang; 2014. p. 221–5.
  • Kaczmarek J, Wrobel MR. Operating system security by integrity checking and recovery using write-protected storage. IET Information Security. 2014; 8(2):122–31.
  • IEEE 802.1X port-based authentication, CISCO. Available from: http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/122SX/configuration/guide/book/dot1x.html#wp1133592. [Cited 2015 Jan].
  • deGraaf R, Aycock J, Jacobson M. Improved port knocking with strong authentication. Proceeding. IEEE 21st Annual Computer Security Applications Conference (ACSAC); Tucson, Arizona; 2005. p. 453–62.
  • Sehgal PK, Nath R. An encryption based dynamic and secure routing protocol for mobile Ad-hoc network. International Journal of Computer Science Security. 2009; 3(1):16–22.
  • Chacon S, Benhaddou D, Gurkan D. Secure Voice over Internet Protocol (VoIP) using Virtual Private Networks (VPN) and Internet Protocol Security (IPSec). IEEE Region 5 Tech. Professional and Student Conference (TPSC); San Antonio: TX; 2006. p. 218–22.
  • Danforth A, Gould K. Method to block unauthorized access to TFTP server configuration files, U.S. Patent 7293282 B2, 2007.
  • Kilinc HH, Yanik T. A survey of SIP authentication and key agreement schemes. IEEE Communications Survey and Tutorials. 2014;16(2):1005–23.
  • Anderson R. Cryptography. Security Engineering: A Guide to Building Dependable Distributed Systems, Long C, 2nd ed., Wiley: Indianapolis, IN; 2008. p. 73–14.
  • Stalling W. Key management and distribution. Cryptography and Network Security. Horton M, 5th ed., Pearson: Upper Saddle River, NJ; 2011. p. 410–43.
  • Liao HJ, Lin CHR, Lin YC, Tung KY. Intrusion detection system: A comprehensive review. Journal of Network and Computer Applications. 2013; 36(1):16–24.
  • Audiopedia. Honeypot (computing). Available from: https://www.youtube.com/watch?v=2fXAw33jOBk. [Cited 2014 Dec].
  • Goel R, Sardana A, Joshi RC. Wireless honeypot: framework, architectures and tools. International Journal of Network Security. 2013; 15(5):373–83.
  • Li Z, Grochulla M, Thormahlen T. Multiple active speaker localization based on audio-visual fusion in two stages. Proceedings IEEE International Conference on Multisensor Fusion Integration Intelligence Systems (MFI); Hamburg: Germany; 2012. p. 262–68.
  • Zhu ZY, He QH, Feng XH, Xiongli Y, Wang ZF. Liveness detection using time drift between lip movement and voice. Proceedings IEEE International Conference on Machine Learning Cybernetics (ICMLC); Tianjin: China; 2013. p. 973–78.
  • Chetty G. Biometric liveness detection based on cross modal fusion. IEEE 12th International Conference on Information Fusion (FUSION). Seattle: WA; 2009. p. 2255–62.

Refbacks

  • There are currently no refbacks.


Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.