01-11-2016, 03:33 PM
1463108857-ieee.docx (Size: 19.11 KB / Downloads: 5)
Summary
Now a day’s most important aspect of many people and businesses daily is VoIP communication.
In this paper we have discussed attacks on VoIP and other related internet threats and observed that attacks on telephony systems are increasing in huge amounts against them.
In this paper we have discussed the quality of being new and original VoIP specific security architecture. Looking at several methods for the implementation of end user VoIP IDS and centralized event correlation engines we will obtain much more gain in security by maintaining much good performance results. Apart from this we can get better results than stand-alone systems with a combination of end-user and centralized systems.
To check the improvement in security and performance we have to check proposed architecture against VoIP data from the real world networks.
Background
Now a days Voice over IP (Telephone) is widely used and most of the computer networks are often integrated with it. As the computer systems are attacked by virus, worms and some automated agents in the same way VoIP systems also have threat with malicious software. This raises security challenge against such attacks where most of the network intelligence is focused on access environment and edge devices. This paper will discuss use of virtual machines to eliminate vulnerable clients and servers by implementing a VoIP security architecture which evaluates and mitigates malicious traffic. To mitigate attacks on voice over IP we design a new architecture which interacts with the VoIP end users and backend which provides users information about the ongoing and new unknown attacks. This security architecture provides protection for the client entire network by using well known security methods to identify attack on VoIP network. Security architecture uses some associated tools which includes VoIP honeypot to detect attack rate of VoIP systems and retrieves data usage which includes performance and improvement of security.
The purpose of this paper is to provide a new architecture which uses all the known computer security and network type of methods which can detect an attack in any part of the VoIP network such that to improve and give protection for entire networks to the client.
Analysis
The use of regular security measures like protocol independent end to end encryption or secure real time protocol will assist but there may be many reasons which are simple and easy but they do not work often on large scale networks with loads of users which include
• Limiting power end devices processing
• Missing of trust model certificates and keys
• Implementing incompatible protocols
In this paper we will discuss about security of VoIP architecture and tools associated with implementation of honeypot VoIP which is used to get data for rate of attack on VoIP and usage of the systems.
Design of Proposed Architecture
Thispaperwill propose a relevant architecture which when compared to other architectures mainly focuses on attack vectors and systems namely email attachments, websites but our security architecture will examine particular VoIP traffic characteristics as SIP and RTP packets. Apart from this event correlation rules and IDS will be specifically monitored which identifies particular threats which are classified into general classes of attacks.
GoalsandExpected Conclusions:
A VoIP module for interaction honeypot dionaea is developed to get the amount of statistics of VoIP traffic. Main objective of this module is to capture vulnerabilities which are exposed by the services offered by a network and the goal is to retrieve copy of malware.
This module for dionaea is used to expose a SIP server to the network. Python scripting language is used in writing in order to gain flexibility and quick development cycles. This module offers a variety of ways to log the actions by the attackers. This is also used to exchange data between other honeypots
The SIP server which is exposed responds to REGISTER AND OPTIONS requests and will establish multimedia sessions for in response to the INVITE requests. The main goal of the dionaea is to analyze the attacks and the scans of the huge networks such as internet as sophisticated attacks are not common yet on VoIP.