VoIP Security: Vulnerabilities, Exploits, and Defenses
作者: Xinyuan Wang , Ruishan Zhang
DOI: 10.1016/B978-0-12-385514-5.00001-X
关键词: Mobile communications over IP 、 Voice over IP 、 Telephony 、 Landline 、 Softswitch 、 Information sensitivity 、 Computer security 、 Computer science 、 The Internet 、 Telephone network
摘要: Abstract Telephone network is an important part of the critical information infrastructure. Traditional Public Switched Telephony Network (PSTN) has been shown to be reliable and hard tampered with by normal people. The general public put a lot trust on landline telephone, they are relying voice communication for many sensitive (e.g., emergency 911 calls, calls financial institutions) exchange. Voice over IP (VoIP) emerging technology that allows carried Internet instead traditional PSTN. While more shifting from PSTN VoIP, most people not aware security vulnerabilities introduced VoIP keep trusting same as In this chapter, we systematically study issues present state art security. Specifically, discuss requirements people's expectations existing mechanisms. We identified known potential exploits those vulnerabilities. only impact infrastructure itself but also implications users. inherent technical challenges open problems in securing VoIP.
sci-hub.se 参考文章(14)
Dipak Ghosal, Brennen Reynolds, Secure IP Telephony using Multi-layered Protection. network and distributed system security symposium. ,(2003)
F. Andreasen, B. Foster, Media Gateway Control Protocol (MGCP) Version 1.0 RFC. ,vol. 3435, pp. 1- 210 ,(2003)
J. Arkko, A. Niemi, G. Camarillo, V. Torvinen, T. Haukka, Security Mechanism Agreement for the Session Initiation Protocol (SIP) RFC. ,vol. 3329, pp. 1- 24 ,(2003)
Radmilo Racic, Denys Ma, Hao Chen, Exploiting MMS Vulnerabilities to Stealthily Exhaust Mobile Phone's Battery 2006 Securecomm and Workshops. pp. 1- 10 ,(2006) , 10.1109/SECCOMW.2006.359550
SIP: Session Initiation Protocol RFC3261. ,vol. 2543, pp. 1- 151 ,(2002) , 10.1201/9781420070910-13
V. Jacobson, R. Frederick, H. Schulzrinne, S. Casner, RTP: A Transport Protocol for Real-Time Applications RFC 1889. ,vol. 1889, pp. 1- 104 ,(2003)
J. Franks, P. Hallam-Baker, A. Luotonen, S. Lawrence, J. Hostetler, L. Stewart, P. Leach, HTTP Authentication: Basic and Digest Access Authentication RFC2617. ,vol. 2617, pp. 1- 34 ,(1999)
H. Sengar, D. Wijesekera, Haining Wang, S. Jajodia, VoIP Intrusion Detection Through Interacting Protocol State Machines dependable systems and networks. pp. 393- 402 ,(2006) , 10.1109/DSN.2006.73
Antonio Nappa, Aristide Fattori, Marco Balduzzi, Matteo Dell’Amico, Lorenzo Cavallaro, Take a deep breath: a stealthy, resilient and cost-effective botnet using skype international conference on detection of intrusions and malware and vulnerability assessment. pp. 81- 100 ,(2010) , 10.1007/978-3-642-14215-4_5
William Enck, Patrick Traynor, Patrick McDaniel, Thomas La Porta, Exploiting open functionality in SMS-capable cellular networks Proceedings of the 12th ACM conference on Computer and communications security - CCS '05. pp. 393- 404 ,(2005) , 10.1145/1102120.1102171