VoIP Security: Attacks and Countermeasures

There are numerous types of attacks; for some details, see [Dwivedi 2008], [Park 2008], and [Endler 2006].

Note that Denial of Service (DoS) is a major form of attack against VoIP (as well as other IP-based services). This could be done, for example, by flooding a node or nodes with SIP messages or by sending malformed packets (“fuzzing”).

Some other types of attacks:

  • BYE attack: Attacker sends a SIP BYE to terminate a session
  • CANCEL attack: Attacker sends a SIP CANCEL to a proxy between the caller and callee, canceling the session setup in progress
  • Registration manipulation and call hijacking
  • Media hijacking
  • Directory enumeration (for example, to find targets)
  • An attacker might also access a VoIP gateway to steal/abuse services.

For further details of some of these (along with tools which implement them), see [Trammell 2007].
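
One way a monitoring sensor could flag the BYE and CANCEL attacks listed above, as an added example that is not from the slides or the cited sources: it learns each dialog's Call-ID, tags and peer addresses from the INVITE and its 200 OK, then alerts on a teardown request that does not match. The function names, the source-address heuristic and the sample capture (documentation addresses, example.com) are constructed for illustration.

```python
# Added example; heuristic and sample capture are constructed, not from the cited sources.
import re

def parse_sip(raw):
    """Return (start_line, headers) with lower-cased header names."""
    start, *rest = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    pairs = (line.partition(":") for line in rest)
    return start, {n.strip().lower(): v.strip() for n, _, v in pairs}

def tag_of(value):
    """Return the ;tag= parameter that follows the URI in a From/To value, or None."""
    m = re.search(r";\s*tag=([^;\s>]+)", value.rpartition(">")[2], re.I)
    return m.group(1) if m else None

def observe(dialogs, src_ip, raw):
    """Return an alert string or None. Assumes no proxy or NAT hides the peers' IPs."""
    start, h = parse_sip(raw)
    method, call_id = start.split(" ", 1)[0], h.get("call-id")
    tags = {tag_of(h.get("from", "")), tag_of(h.get("to", ""))} - {None}
    setup = method == "INVITE" or start.startswith("SIP/2.0 200")
    if setup and "INVITE" in h.get("cseq", ""):
        d = dialogs.setdefault(call_id, {"peers": set(), "tags": set()})
        d["peers"].add(src_ip)   # learn who takes part in this dialog
        d["tags"] |= tags        # learn the From/To tags that identify it
    elif method in ("BYE", "CANCEL"):
        d = dialogs.get(call_id)
        if d is None:
            return f"{method} for unknown Call-ID {call_id} from {src_ip}"
        if src_ip not in d["peers"]:
            return f"{method} for {call_id} from non-party address {src_ip}"
        if not tags <= d["tags"]:
            return f"{method} for {call_id} carries a tag not seen in the dialog"
    return None

def msg(start, from_tag, to_tag, cseq):  # builds one constructed sample message
    to = "<sip:bob@example.com>" + (f";tag={to_tag}" if to_tag else "")
    return (f"{start}\r\nCall-ID: c1@example.com\r\nFrom: <sip:alice@example.com>;tag={from_tag}"
            f"\r\nTo: {to}\r\nCSeq: {cseq}\r\n\r\n")

def run_sample():
    """Replay a constructed capture: call setup, two suspicious BYEs, then the genuine BYE."""
    bye = "BYE sip:bob@example.com SIP/2.0"
    capture = [("192.0.2.10", msg("INVITE sip:bob@example.com SIP/2.0", "a1", None, "1 INVITE")),
               ("192.0.2.20", msg("SIP/2.0 200 OK", "a1", "b1", "1 INVITE")),
               ("198.51.100.66", msg(bye, "a1", "b1", "2 BYE")),
               ("192.0.2.10", msg(bye, "a1", "zz", "2 BYE")),
               ("192.0.2.10", msg(bye, "a1", "b1", "2 BYE"))]
    dialogs = {}
    return [observe(dialogs, ip, raw) for ip, raw in capture]
```

Where requests pass through a SIP proxy, the address check would have to be applied at the proxy or replaced by the tag check alone.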


Slide Notes

Himanshu Dwivedi, Hacking VoIP: Protocols, Attacks, and Countermeasures, No Starch Press, illustrated edition, March 21, 2008, 220 pages, ISBN-10: 1593271638 or ISBN-13: 978-1593271633

Patrick Park, Voice over IP Security, Cisco Press, 1 edition, September 19, 2008, 384 pages, ISBN-10: 1587054698 or ISBN-13: 978-1587054693

David Endler and Mark Collier, Hacking Exposed VoIP: Voice Over IP Security Secrets & Solutions, McGraw-Hill Osborne Media, 1 edition, November 28, 2006, 539 pages, ISBN-10: 0072263644 or ISBN-13: 978-0072263640

Dustin D. Trammell, VoIP Attacks!, Slides from a talk at Computer Security Institute Annual Conference (CSI 2007), 6 November 2007, http://druid.caughq.org/presentations/VoIP-Attacks.pdf


Transcript

[slide420] There are lots and lots of security attacks and countermeasures. One of the biggest problems today is the problem of denial of service. So people have been trying to understand how you can prevent this, and there's all sorts of attacks that people have been doing.