Pan African International Conference on Information Science, Computing and Telecommunications (2013)
Securing VoIP Network: An Overview of Applied
Approaches and Analysis
Michael Oche, Student Member IEEE, Mostofa Kamal Nasir, Abubakar Bello Tambawal,
Rafidah Md Noor, Member IEEE
Faculty of Computer Science and Information Technology
University of Malaya, Kuala Lumpur. Malaysia
Abstract - VoIP is becoming more and more popular and as
such a potential target for hackers. Providing security for VoIP
services is therefore pertinent for telecommunications. Without
correct mechanisms to ensure callers’ authentication,
transmission confidentiality and availability of the service,
security of the VoIP users is at risk. The fact that VoIP relies
on IP infrastructure make it vulnerable to any attack that
targets the network. Consequently, whatever may be the
nature of the attack, there is a good chance that the attacker is
capitalizing on a weakness in the VoIP protocol being used.
VoIP is different from other IP services in the sense that its
security is normally treated as one of the service properties
configurable by the user. This article provides an overview of
the VoIP security configuration requirement, aimed at
empowering public VoIP user With the strategies to mitigate
threats.
Keywords: PSTN; Security; Telephony; VoIP
I. INTRODUCTION
Voice over Internet Protocol (VoIP) is a rapidly growing
Internet service. It gained popularity as a way to cut costs of
international telephone connections by transporting voice
over public IP networks [1]. Today it is being implemented
in many IP applications, where it enables direct, and most
time free communication over the Internet to users globally,
for example free Skype to Skype international call. As a
consequence, VoIP technology slowly replaces traditional
telephony. There are numerous attack vectors when dealing
with VoIP, since VoIP depends on the IP infrastructure, any
attack that targets the network can be a potential hazard for
VoIP. Consequently, whatever may be the nature of the
attack, there is a good possibility that the attacker is
capitalizing on a weakness in the VoIP protocol being used.
Providing security for this service is therefore pertinent for
telecommunications. User private information, business
negotiation details or even state secrets could be revealed if
not well protected. Without a correct mechanism to ensure
callers’ Authentication, transmission confidentiality and
service availability, the security of VoIP users are at risk. In
view of this, it is pertinent and imperative to investigate
VOIP security problem and evaluate the service to assure
that moving telephony to a new IP-based platform does not
compromise its security [2]. In most cases “advances and
trends in information technology typically surpass the
104
corresponding realistic security requirements” . This is no
different in case of VoIP. Most efforts were till today
invested in providing more advanced services and
applications, with less attention paid to security. Another
prevailing problem lies in users' perception of VoIP
telephony, the fact that VoIP telephony idea is not
completely new, it follows the exemplification of traditional
telephony and it’s seen by the users as a replacement to
traditional telephony. A replacement users presumed should
provide similar security level. But unfortunately, VoIP is
different, in the sense that its security is usually treated as
one of the service properties configurable by the user. As
such in this paper we reviewed and analyzed basic VOIP
network security requirements, with the aim of empowering
public VoIP users and equipping them with relevant basic
tools or information on how to better secure their VOIP
telephony system.
The rest of the paper is organized as follows. In section 2,
give a detailed review of literature, include the stages of
development of traditional telephony to what is known today
as VoIP. Section 3 described the typical VoIP architecture. In
section 4, basic elements and concepts of a VoIP system was
discussed. Section 5 presents the various mitigation methods
used in securing a VoIP system. And finally in section five
present the summary and future work.
II. LITERAURE REVIEW
Voice over Internet Protocol is a somehow a different
technology, even though an average telecommunication user
know it concerns the Internet and it’s relatively cheap,
he/she probably may not know any details beyond that. The
traditional telephony system since its introduction in 1878
involved three main stages, first it existed in a form of a first
general telephone network which required a constant human
presence to switch and setup call. Later in 1891 [3] Plain
Old Telephone System (POTS) was introduced. POTS
provides for automated switching, which completely
eliminated the need for human presence. In 1970 POTS was
replaced with a more advanced system known as the Public
Switched Telephone Network (PSTN). Unlike POTS, the
PSTN uses digital signals, which allowed voice to be
transmitted as digital signal instead of the analogue signal,
 Pan African International Conference on Information Science, Computing and Telecommunications (2013)
as in the case of POTS. This development made it possible
for services such as fax and other database services to be
offered in addition to voice. The introduction of the PSTN
system marks the beginning of the digital communication
era, and to make communication even more seamless the
new PSTN was made to be compatible with the old POTS
system, which uses lower transmission bandwidth of 4KHz
despite the fact that digital services are transported on
higher frequencies [3]. The higher bandwidth brought about
as a result of digitization in the early 90’s, find their
usefulness in data network access technology. Many
Internet access services, like ISDN, DSL and ADSL were
practicable using the same access lines that were used for
PSTN [4].
III. THE ARCHITECTURE
The acronym VoIP represents, Voice over Internet
protocol, it implies that voice packet is transported using
Figure 1: VoIP/PSTN basic scenarios [5]
Points may cost the client the same amount or in some cases
even less, but in the case of traditional PSTN its different
(calls are charged based on distance). Table 1 shows the
difference in pricing for a three minute call from France and
one national long distance call made within France. It could
be observed that a call to Australia from France using
internet is by far cheaper than a call made using the PSTN
to neighboring Belgium which distance is less compared to
Australia. Also calling from France to Australia using the
Internet is three times cheaper than PSTN to the same
location.
105
Internet Protocol (IP). VoIP differs from the PSTN (a circuit
switched) in its ability to transmit information with no
requirement for full bandwidth reservation. Unlike the
PSTN which, irrespective of the amount of information to
be sent, reserved a full transmission bandwidth. VoIP is
packet switched, information is first divided into packets
before it is being transmitted. Packets may travel in different
route (dynamic routing), in the transported network, as there
is no single reserved path (circuit). As a consequence packet
arrival at the destination may be in a different sequence than
they were sent. Likewise, as there is no guaranteed
bandwidth, some packets may be lost, as the packets are just
simply being transported using the Internet Protocol (IP)
which doesn’t guarantee packet delivery. Voice
transportation using the IP works just the same way, as in
any other application similar to the World Wide Web
(WWW) or email. The internet's tariffing system is based on
a philosophy different from that of the PSTN. Tariffing is
independent of geographical distance between the sender
and receiver. Therefore, transmitting data between any two
Table 1 tariff difference using commercial Internet
telephony and PSTN from France [5].
From – to Internet tel. PSTN
France to US 0.30 US$ 1.58 US$
France to Australia 0.90 US$ 3.48 US$
France to Belgium 1.11 US$ 1.31 US$
Within France (long distance) 1.05 US$ 0.74 US$
 Pan African International Conference on Information Science, Computing and Telecommunications (2013)
Figure 1 shows four scenarios that related to the IP Network
PSTN. Figure 1.1 shows scenario 1, the first VoIP
applications, the application permits voice communication
between two users of the Internet, and it has grown so
popular to an extent that it is now used in many Instant
Messaging (IM) clients, like Skype, Messenger, etc. Voice
transmission over IP works just as any other Internet service
and fully converged with other IM applications. The next
step of VoIP development came with the calls from Internet
users to PSTN fixed subscribers figure 1.2 scenario 2. The
main advantage of such a telecommunication solution is that
information traveled through the Internet as long as possible
and are forwarded to the PSTN at the very end – as close to
the subscriber as possible. Thanks to this, even international
calls are treated as local calls by PSTN provider. The total
cost is considerably diminished [6].
The last two scenarios (figure 1.3 and figure 1.4) might be
used by providers when the need arises (whenever
circumstance requires its implementation). Unquestionably,
there are allot more complicated scenario cases in used, but
they would merely be a variation of the four presented in
Figure1.
IV. PROTOCOLS AND CONCEPTS
While introducing VoIP one has to mention some basic
elements and concepts of a VoIP system. As can be seen in
Figure 2, there are four basic elements of a VoIP System
[6].
• Terminal – In a VoIP environment it refers to the
communication devices end point, usually where
the calls are being terminated. A terminal could
either be software base or hardware based and
could also involve some automatic interaction such
as voice mails.
• Server – server is the focal point of a VoIP system.
Registration of terminals and data information such
as locations and IP are stored in the server. Also
the server performs some other operations such as
setup call routing mechanism, authorization and
accounting operation.
• Gateway – Is the outmost edge of the VoIP
network. It ensures the interoperability of the VoIP
network with other networks, such as converting
voice calls and fax calls between PSTN and IP
network.
• Conference Bridge – For multi point
communication. Allows for the functionality of
several communication points. Because of the high
resource requirement of the conference bridge it is
isolated from the server just as shown in figure 2.
106
IP terminal
(VoIP client)
IP terminal
(VoIP client)
VoIP Server
Gateway
Conference PSTN
bridge PSTN
Terminal
Terminal
VoIP provider
Fig.2: VoIP basic architecture
V. ATTACK VECTORS IN VoIP
The following described some possible attacks that could
be launched on any VoIP system.
A Toll Fraud
Toll fraud is an attack that relates to individuals using
telephone equipment to place unauthorized calls for their
personal gain, for example placing long distance calls for
which they are not permitted, security threat created relates
to integrity. The best approach proposed to mitigate this
attack is by letting VoIP application enforcing authorization
mechanism on IP network and dialing rules to groups of
users for certain times [7].
B. Denial of service (DoS)
DoS in VoIP infrastructure, is an attempt by an attacker to
prevent the phone service from operating within the normal
operating specifications. This could include the inability to
place a call or receive a call, this kind of attack affects
Network availability [8].
C. Eavesdropping
Eavesdropping requires tapping a line or penetrating a
switch. VoIP units share physical network connections with
the data network, and in many cases VoIP and data are on
the same logical portion of the network. Attaching a packet
sniffer to the VoIP network segment makes it easy to
intercept voice traffic [9]
D. Session Initiation Protocol (SIP) Attacks
SIP Attacks attempt to exploit the SIP’s use of well-
know protocol to intercept or manipulate SIP messages.
Such attacks include launching man-in-middle attack,
registration hijacking, message tampering and cancel/bye
attack, all these refer to attacks that affect integrity and
confidentiality [2]
E. Phishing
Phishing is an attack against data privacy, this involve
the victims themselves giving vital personal information
unknowingly to the attacker. It involves a situation whereby
 Pan African International Conference on Information Science, Computing and Telecommunications (2013)
an attacker sending an e-mail to user, the email appears to
be from a legitimate business and asking the user to provide
vital personal information on a web page, such as social
security number, bank or credit card and many more. And
later uses this information for fraudulent purposes [10].
VI. METHOD OF SECURING VoIP NETWORK
Much of the IP telephone infrastructure relies on a Call
Manager (CM) which is a software-based call-processing
component of an IP telephony solution. And so, to
successfully secure the IP phone, certain service properties
need to be configured by the user. Below are some
configuration and approaches required to mitigating VoIP
network security threats [11].
A. Discovery Protocol Sniffing
If an attacker is an insider or already has partial access to
one internal network, there are varieties of passive host
discovery techniques specific to a VoIP deployment that he
can perform. For example, Cisco Discovery Protocol (CDP)
[12] is a proprietary layer 2 network management protocol
built into most Cisco networking devices, including VoIP
phones. CDP is used particularly in a call manager
environment to discover and remove IP phones
dynamically, for dynamic allocation of VLANs to IP
phones’ and other management functions. CDP packets are
broadcast on the local Ethernet segment and contain a
wealth of useful reconnaissance, information about the
device that are transmitted in plain text, information such as
IP address, software versions, and VLAN assignments.
Most network sniffers can easily decode CDP traffic, Cisco
recommends turning off CDP on Cisco devices especially
where the environment is mostly static. However, in a VoIP
environment CDP can offer so much management
functionality that keeping it enabled where absolutely
necessary might be an acceptable trade-off. But from a strict
security perspective, however CDP can provide attackers
with a wealth of data about ones network and should be
disabled. Also Cisco switches and routers have security
feature called DHCP snooping that will cause the device to
act as a DHCP firewall/proxy between trusted and untrusted
network interfaces [11].
B. Protecting a VoIP Network with Security Appliances
Security appliances such as firewalls and VPN
termination devices also can be used to protect voice
networks. However, one challenge of protecting voice
networks with a firewall is that the administrator is not sure
of the UDP ports that could be used to transmit the RTT
voice packets. For example, in a Cisco environment a UDP
port for an RTP stream typically is an even number port
selected from the range of 16,384 to 32, 767. Opening this
entire range of potential ports could open unnecessary
security hole. But Cisco firewalls such as the PIX and
Adaptive security appliance (ASA) firewalls solve this
problem, because Cisco firewalls can dynamically inspect
107
call setup protocol traffic e.g. H.323 traffic to learn the UDP
port to be used for RTP flows. The firewall then temporarily
opens those UDP ports for the duration of the RTP
connection [13].
C. Hardening Voice Endpoints and Application Services
IP web access parameter in IP phones should be changed
from enabled to disabled, this is to prevent an attacker from
gaining access to a collection of configuration information
which are freely available by pointing a web browser to the
IP address of the IP phone. Also to prevent man-in-the-
middle attack, the gratuitous ARP setting should be changed
from enable to disable. By disabling the gratuitous ARP
feature, can prevent an IP phone from believing unsolicited
address resolution protocol (ARP) replies, which potentially
could have come from an attacker claiming to be the next-
hop gateway to the IP phone. Aside from voice end points,
other popular attack target on voice networks includes
application servers, such as UCM server and below are
some some hardening recommended for mitigation [14], :
• Enabling port security on switches to help mitigate
ARP spoofing. Port security is a mechanism that
allows one to allocate a legitimate MAC address of
known server and devise ahead of time specific to
each port on the switch. Thus, access to an
Ethernet, fast Ethernet, or Gigabit Ethernet port
when the MAC address detected is not on the
preassigned list should be blocked. This will help
prevent ARP spoofing attack.
• Dynamically restrict Ethernet port access with 802-
1x port Authentication. Enabling the 802.1x port
authentication protects against physical attacks,
such a situation where an attacker walking around
inside the organization plugs a laptop into an
empty network jack in order to sniff traffic.
• Enabling DHCP snooping to prevent DHCP
spoofing. DHCP snooping is a feature that blocks
DHCP responses from ports that don’t have DHCP
servers associated with them. This prevents man-
in-the-middle attack, a situation where a hacker
reroute traffic to his machine by masquerading as a
valid DHCP server. Also traffic entries should be
put in the DHCP-snooping binding table to be used
with the dynamic ARP inspection, and IP source
guard that does not use DHCP [14].
• IP source guard should be Configured on catalyst
switches. The IP source guard (IPSG) feature uses
DCHP snooping to prevent IP snooping on the
network, by closely watching all DHCP IP
allocations. The switch only allows valid IP
address that has been allocated by the DHCP server
to a particular port. This feature prevents an
attacker from spoofing an IP address on the local
segment.
• The default native VLAN value should be changed
to thwart VLAN hopping. Most switches come
 Pan African International Conference on Information Science, Computing and Telecommunications (2013)

installed with a default native VLAN ID of VLAN
1. Because attackers can sometimes perform
VLAN hopping attacks if they know the VLAN
IDs ahead of time, it is usually a good idea to never
use VLAN1 for any traffic. It is recommended to
change the default native VLAN ID for all traffic
going through the switch, from VLAN1 to
something hard to guess [15].
D. Protecting a VOIP with Auxiliary LANs
Voice and data networks should be segmented with
logically separate VLANs. This will help restrict access to
the phones and critical servers. A fundamental approach to
protecting voice traffic from attackers is to place it in a
VLAN separated from data traffic, this voice VLAN is often
called an auxiliary VLAN. VLAN separation alone protects
voice traffic from a variety of layer 2 attacks. For example,
an attacker would be unable to launch a man-in-the-middle
attack against the IP phone’s next-hop gateway. Such an
attack will be mitigated, because the attacker’s PC would be
connected to a data VLAN while the IP phone is connected
to the auxiliary VLAN. [13].
eliminated with the use of existing security measures.
Correct deployment of available security solutions can make
VoIP a service with security level very close to those known
from the PSTN, while keeping all its advantages, like
advanced services such as user control, flexibility and lower
costs. However, the biggest problem of VoIP system is that
those security solutions are actually seldom deployed. This
problem regards most of all, end users. The truth is that
most of the users do not have any idea about VoIP security
threats and countermeasures, and to make it even worse,
they do not want to know. More serious threats to VoIP
system may be realized due to weak end-devices protection
or lack of encryption. Both are caused by users' lack of
expertise and knowledge. It is, however, difficult to expect
the user to be a specialist in VoIP technology just to make a
phone call. Any service or application that is being offered
in public network should be simple and the security taken
care of by the provider. In the future researchers need to
research on better VoIP security measure that does not
involve the end user participation in the security process.
ACKNOWLEDGEMENTS

The authors would like to thank the High Impact Research

VII. CONCLUSION & FUTURE WORK of University of Malaya and Ministry of Higher Education
of Malaysia (UM.C/HIR/MOHE/FCSIT/09) for their
There are many security requirements, but from among support.
them in this paper only a few most important ones have
been chosen to describe VoIP networks: The bottom line of
the security solutions analysis is, though there are some
attacks that are extremely difficult to handle, most may be

Table 2. Summaries of mitigating methods.

Attack Mitigation
Using auxiliary VLANs
Using Firewall
Description
Auxiliary LANs transport voice traffic in a different VLAN from data traffic. This
improves voice transmission quality and assist in securing voice traffic from layer two
attacks.
Effective use of firewalls could prevent potential harmful traffic from entering a voice
network while dynamically opening suitable UDP port number of distinctive RTP flows.

Employing IPSec-protected Employing IPSec-protected VPNs to mitigate against voice signal and media packet
VPNs interception or modification.

To prevent attackers from using the web access to IP phone, to gain knowledge of other
Disabling Web Access servers such as the DHCP server, DNS and UCM server IP addresses, the web access to IP
phones should be disabled. By default this is usually enabled.

Disabling gratuitous ARP (GARP), can check against man-in-the-middle attack. This will
Disabling Gratuitous ARP prevent an attacker from sending unsolicited ARP replies to the IP phone’s next-hop
gateway in the attacker’s PC MAC address

Unneeded services such as TFTP service on a UCM server that is not acting as a TFTP
Disabling Unneeded Services
server should be disabled to close any potential security holes that might exist in a system.

108
 Pan African International Conference on Information Science, Computing and Telecommunications (2013)

Figure 3 Summaries of Threat Taxonomy.

REFERENCES

[1] A. D. Keromytis, "A Comprehensive Survey of Voice
over IP Security Research," Communications
Surveys & Tutorials, IEEE, vol. 14, pp. 514-537,
2012.
[2] D. R. Kuhn, et al., "Security considerations for voice
over IP systems," NIST special publication, pp.
800-58, 2005.
[3] K. B. Otterstedt, "Risk analysis on VoIP systems," MSc
thesis, University of Iceland, 2011.
[4] Digital subscriber line. Available:
http://en.wikipedia.org/wiki/Digital_subscriber_lin
e 553)," 2008.
[5] O. Eng, "Unclassified DSTI/ICCP/TISP(97)3/FINAL,"
1998.
[6] S. Niccolini, et al., "IP Telephony Cookbook," ed:
TERENA, 2004.
[7] P. Rowe, "VOIP-extra threats in the converged
environment," Network security, 2005.
[8] P. Hunter, "VOIP the latest security concern: DoS attack
the greatest threat," Network security, vol. 2002,
pp. 5-7, 2002.
[9] E. Edelson, "Voice over IP: security pitfalls," Network
security, vol. 2005, pp. 4-7, 2005.
[10] J. Hong, "The state of phishing attacks,"
Communications of the ACM, vol. 55, pp. 74-81,
2012.
[11] D. Endler and M. Collier, Hacking Exposed VoIP:
Tata McGraw-Hill Education, 2007.
[12] H. Abdelnur, et al., "Assessing the security of VoIP
Services," in Integrated Network Management,
2007. IM'07. 10th IFIP/IEEE International
Symposium on, 2007, pp. 373-382.
[13] M. Watkins and K. Wallace, "CCNA Security
Official Exam Certification Guide (Exam 640-
[14] T. J. Walsh and D. R. Kuhn, "Challenges in securing
voice over IP," Security & Privacy, IEEE, vol. 3,
pp. 44-49, 2005.
[15] I. Dacosta, et al., "Security Analysis of an IP Phone:
Cisco 7960G," in Principles, Systems and
Applications of IP Telecommunications. Services
and Security for Next Generation Networks. vol.
5310, H. Schulzrinne, et al., Eds., ed: Springer
Berlin Heidelberg, 2008, pp. 236-255.

109