Voice communication is fundamental to the normal operation of our society. The general public has put a lot of trust in voice communication and relies on it for many critical and sensitive information exchanges (e.g., emergency 911 calls, calls to customer service of financial institutions). More and more voice calls are now carried, at least partially, over the public Internet rather than the traditional Public Switched Telephone Network (PSTN). The security ramifications of using VoIP, however, have not been fully recognized. It is not clear how secure and trustworthy the currently deployed VoIP systems are, and there is a substantial gap in the understanding of the potential impact of VoIP exploits on VoIP users. In this paper, we seek to fill this gap by investigating the trust issues of currently deployed VoIP systems and their implications for VoIP users. Our experiments with leading deployed VoIP services (e.g., Vonage, AT&T and Gizmo) show that they are vulnerable to a number of VoIP exploits that essentially violate the VoIP users' basic trust that their calls will reach their intended destinations only. Specifically, a MITM (man-in-the-middle) can 1) detour any chosen Vonage and AT&T VoIP call via anywhere on the Internet; 2) redirect any selected Vonage and AT&T VoIP call to any third party without authorization; 3) manipulate and set the call forwarding setting of any selected Gizmo VoIP subscriber without authorization. Such an unauthorized call diversion capability enables a new attack, called voice pharming, against VoIP users, where the attacker transparently diverts selected VoIP calls to a bogus IVR (interactive voice response) or bogus representative. In other words, voice pharming can cause selected VoIP callers to interact with the bogus IVR or representative even if they have dialed the correct phone numbers. Therefore, even the most meticulous VoIP caller could be tricked into giving out sensitive information (e.g., SSN, credit card number, PIN) to the adversary. To mitigate such imminent threats to current VoIP users, all segments along the VoIP path need to be protected and trustworthy. Our experience shows that enforcing TLS or IPsec between the SIP phone and SIP servers could be an effective first step toward mitigation.