Abstract— The increasing demand for Voice over Internet Protocol (VOIP)
and its support on the Internet have made it a mainstream technology that is
being implemented by a large number of service providers and networks. When
integrating security standards with SIP-based VOIP, we have to check the effects
of firewall and VPN techniques, which should maintain quality for the business
environment. The main goal is to understand the capabilities and to identify
gaps in addressing the vulnerabilities of present VoIP systems. Specific
problems such as Denial of Service (DoS) and service abuse are the major
vulnerabilities considered during the implementation of VOIP systems in the
enterprise. This paper addresses the issue of denial-of-service attacks and the
vulnerabilities involved, which target the hardware and software of voice over IP
servers or misuse specific signaling protocol features. As the signaling
protocol, we investigate the Session Initiation Protocol.
Index Terms— Voice over Internet Protocol (VOIP), Session Initiation Protocol (SIP),
Denial of Service (DoS).
Voice over Internet Protocol (VOIP) is one of the fastest growing Internet
applications. VOIP is a technology that allows users to make telephone calls
using a broadband Internet connection instead of an analog phone line. VOIP
holds great promise for lowering the cost of telecommunications and increasing
the flexibility for both businesses and individuals. VOIP leverages existing
IP-based packet-switched networks to replace the circuit-switched networks used
for voice communications since the invention of the telephone as shown in
In an open environment such as the Internet,
mounting an attack on a telephony server is, however, much simpler. This is due
to the fact that VOIP services are
based on standardized and open technologies using servers reachable through the
Internet, implemented in software and often provided over general-purpose
computing hardware. Such services can suffer from similar security threats as
HTTP-based services. Instead of generating thousands of costly voice calls, the
attacker can easily send thousands of
VOIP invitations in a similar
manner to attacks on Web servers. These attacks are simple to mount and, with
flat rate Internet access, are also cheap.
(a) Typical VoIP network structure.
Denial-of-Service (DoS) attacks are explicit
attempts to disable a target thereby preventing legitimate users from making
use of its services. DoS attacks continue to be the main threat facing network
operators. As telephony services move to Internet Protocol (IP) networks and
Voice over IP (VOIP) becomes more prevalent across the world, the Session
Initiation Protocol (SIP) infrastructure components, which form the core of
VoIP deployments, will become targets in order to disrupt communications, gain
free services, or simply to make a statement. Since DoS attacks are attempts to
disable the functionality of the target, as opposed to gaining operational
control, they are much more difficult to defend against than traditional
invasive exploits, and are practically impossible to eliminate.
Fig. 1: (b) Voice data processing of the VOIP.
To make things worse, attackers have developed
tools to coordinate distributed attacks from many separate sites, also known as
distributed denial of service (DDoS) attacks. Besides launching brute force
attacks by generating a large number of useless VoIP calls, attackers can use
certain features of the VoIP protocol in use to incur higher loads at the
servers. This might involve issuing requests that must be authenticated,
require database lookups by the VoIP servers, or cause an overhead at the
servers in terms of saved state information or incurred calculations.
In this paper, we use the Session Initiation Protocol to investigate the
possibilities of launching denial-of-service attacks on SIP servers and
propose preventive measures that reduce the effects of such attacks.
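The invitation flooding described above can be recognised on the defending side by counting INVITE requests per source over a sliding window. The following Python code is an added example, not code from this paper; the function names, the 5-second window, the threshold of 10 and the sample messages and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict, deque

def _msg(method, user, call_id):
    """Build a minimal SIP request (constructed sample, not captured traffic)."""
    return (f"{method} sip:{user}@example.com SIP/2.0\r\n"
            f"Via: SIP/2.0/UDP client.example.net;branch=z9hG4bK{call_id}\r\n"
            f"Call-ID: {call_id}@client.example.net\r\n"
            f"CSeq: 1 {method}\r\n\r\n")

# Constructed events: (arrival time in seconds, source IP, raw message).
SAMPLE = [(0.0, "192.0.2.10", _msg("REGISTER", "alice", "a1")),
          (0.5, "192.0.2.10", _msg("INVITE", "bob", "a2")),
          (4.0, "192.0.2.10", "not a SIP message\r\n\r\n")]
# One source sending 20 INVITEs at 0.1 s intervals (constructed flood).
SAMPLE += [(1.0 + i * 0.1, "198.51.100.7", _msg("INVITE", "bob", f"f{i}"))
           for i in range(20)]

def parse_method(raw):
    """Return the method of a SIP request; None for responses or malformed input."""
    parts = raw.split("\r\n", 1)[0].split(" ")
    if len(parts) != 3 or parts[2] != "SIP/2.0" or not parts[0].isupper():
        return None
    return parts[0]

def detect_invite_floods(events, window=5.0, threshold=10):
    """Flag sources sending more than `threshold` INVITEs within `window` seconds.

    Returns (flagged, malformed): source -> time the threshold was first
    exceeded, and source -> count of messages that did not parse.
    """
    recent = defaultdict(deque)    # source -> timestamps of INVITEs inside the window
    flagged, malformed = {}, defaultdict(int)
    for ts, src, raw in sorted(events):
        method = parse_method(raw)
        if method is None:
            malformed[src] += 1
            continue
        if method != "INVITE":
            continue
        q = recent[src]
        q.append(ts)
        while ts - q[0] > window:  # drop INVITEs older than the window
            q.popleft()
        if len(q) > threshold:
            flagged.setdefault(src, ts)
    return flagged, dict(malformed)

if __name__ == "__main__":
    print(detect_invite_floods(SAMPLE))
```

Per-source counting does not catch the distributed case, where each source stays under the threshold, so the aggregate INVITE rate at the server needs its own limit.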
The Session Initiation Protocol (SIP) is establishing itself as the standard
for VoIP services in the Internet and next generation networks. SIP is a
text-based protocol designed to establish or terminate a session between two
partners. The message format is similar to HTTP, with message headers and