Home

A Look at VoIP Vulnerabilities

Angelos D. Keromytis

Title:
A Look at VoIP Vulnerabilities
Author(s):
Keromytis, Angelos D.
Date:
Type:
Articles
Department:
Computer Science
Volume:
35
Permanent URL:
Book/Journal Title:
;login:
Abstract:
Voice over IP (VoIP) and Internet Multimedia Subsystem (IMS) technolo¬gies offer higher flexibility than traditional telephony infrastructures and the potential for lower cost through equipment consoli¬dation and new business models. In this article, I examine the current state of affairs on VoIP/IMS security through a survey of all the 221 known/disclosed security vulner¬abilities in the Common Vulnerabilities and Exposures (CVE) database and in IETF RFCs/drafts. My key finding is that the higher complexity of VoIP/IMS systems leads to a variety of attack vectors, many of them caused by unforeseen and unexpected com¬ponent interactions. A second finding is that what people seem to worry about in VoIP (traffic interception and impersonation) bears no resemblance to the distribution of vulnerabilities actually disclosed. The article concludes with some practical suggestions for securing VoIP systems.
Subject(s):
Computer science
Item views:
256
Metadata:
text | xml

In Partnership with the Center for Digital Research and Scholarship at Columbia University Libraries/Information Services | Terms of Use