Andy Huckridge

Test for VoIP security

Converge Magazine. July 1st, 2006

The growing popularity of IP telephony services is stimulating concern over VoIP security, with potential security threats including attacks that disrupt service and attacks that steal confidential information. Denial-of-service (DoS) attacks, viruses, worms and legal, but unwanted, spam impact the quality of VoIP services or make them unavailable. DoS attacks can be specific to known VoIP protocols or applications, or they can be general in nature.

Given the distributed nature of VoIP networks, there is also the potential for intruders to eavesdrop on confidential phone conversations. Attackers might try to monitor the signaling to track call patterns and discover identity, affiliation, presence and usage of callers. Or, the data stream itself might be recorded. Calls also can be hijacked to gain access to private information exchanged during sessions between a VoIP endpoint and the network. The hijacked transactions may be signaling, media or both.

The sophistication of security testing for these next generation telephony networks should ensure that VoIP networks can withstand real-world conditions. Furthermore, VoIP security testing should move beyond mere conformance testing and into performance-centric testing.

At a basic level, VoIP security testing should establish that the equipment conforms to the high-level call-signaling protocols, either H.323 or session initiation protocol, that define VoIP networks. If the technology does not meet the specifications, it opens loopholes that can be exploited by hackers.

Testing should be performed under real-world, voice-stream load generation to assess the robustness of the network. Many VoIP network components may maintain a secure posture under artificially light traffic loads generated in a test environment, but fail under the strain of live service deployment. Meeting the specification with conformance testing and assuring the network will not fail under real-world traffic loads are minimal standards for network security.

Advances in security testing mirror those in voice-quality testing. The key to assuring network performance is drilling down from the high-level VoIP signaling protocols to test specific layers and component standards that address security, user authentication and encryption. An effective security testing methodology should analyze at the media and transport layers, as well as the signaling layer.

Security test capabilities will move beyond gateway signaling and begin testing implementations of transport layer security (TLS) and secure real-time protocol (SRTP) that address the transport layer and the media stream, respectively. The TLS standard provides authentication on both ends of a VoIP call to counter DoS and flooding attacks. The SRTP standard encrypts the transmitted data or the conversation part of the VoIP call to prevent eavesdropping.

Although security testing is a natural follow-on to voice-quality assurance testing in stimulating market adoption of VoIP telephony, security measures place additional burdens on network performance. IT managers should deploy more intelligent firewalls that are VoIP aware, along with other deep-packet inspection engines, such as intrusion-detection and intrusion-prevention systems to ensure that malicious traffic does not impact communications.

Testing is necessary to properly assess the latency impact that this additional inspection is adding to the network. Delay and jitter are the two biggest impacts on VoIP voice quality. Here again, real-world testing should emulate high loads of converged traffic.

Andy Huckridge is product marketing manager at Spirent Communications