A Comprehensive Survey of Security Issues and Defense Framework for VoIP Cloud

Voice over Internet Protocol (VoIP) is an advanced telecommunication technology which transfers the voice/video over high speed network that provides advantages of flexibility, reliability and cost efficient advanced telecommunication features. Still the issues related to security are averting many organizations to accept VoIP cloud environment due to security threats, holes or vulnerabilities. So, the novel secured framework is absolutely necessary to prevent all kind of VoIP security issues. This paper points out the existing VoIP cloud architecture and various security attacks and issues in the existing framework. It also presents the defense mechanisms to prevent the attacks and proposes a new security framework called Intrusion Prevention System (IPS) using video watermarking and extraction technique and Liveness Voice Detection (LVD) technique with biometric features such as face and voice. IPSs updated with new LVD features protect the VoIP services not only from attacks but also from misuses.

[1]  Mihai Togan,et al.  DHCP server authentication using digital certificates , 2014, 2014 10th International Conference on Communications (COMM).

[2]  Lwin Khin Shar,et al.  Defeating SQL Injection , 2013, Computer.

[3]  R.B. Ahmad,et al.  TCP SYN flood detection based on payload analysis , 2010, 2010 IEEE Student Conference on Research and Development (SCOReD).

[4]  Ming-Yang Su,et al.  An Approach to Resisting Malformed and Flooding Attacks on SIP Servers , 2015, J. Networks.

[5]  Driss Benhaddou,et al.  Secure voice over Internet Protocol (voIP) using virtual private networks (VPN) and Internet Protocol Security (IPSec) , 2006, 2006 IEEE Region 5 Conference.

[6]  Hideyuki Sawada,et al.  A mechanical voice system and its adaptive learning for the mimicry of human vocalization , 2003, Proceedings 2003 IEEE International Symposium on Computational Intelligence in Robotics and Automation. Computational Intelligence in Robotics and Automation for the New Millennium (Cat. No.03EX694).

[7]  Costas Lambrinoudakis,et al.  A framework for protecting a SIP-based infrastructure against malformed message attacks , 2007, Comput. Networks.

[8]  Zhifeng Wang,et al.  Liveness detection using time drift between lip movement and voice , 2013, 2013 International Conference on Machine Learning and Cybernetics.

[9]  Ramesh Chandra Joshi,et al.  Wireless Honeypot: Framework, Architectures and Tools , 2013, Int. J. Netw. Secur..

[10]  Chun-Hung Richard Lin,et al.  Intrusion detection system: A comprehensive review , 2013, J. Netw. Comput. Appl..

[11]  John W. Rittinghouse,et al.  VoIP Security Risks , 2005 .

[12]  Fakariah Hani Mohd Ali,et al.  Simple port knocking method: Against TCP replay attack and port scanning , 2012, Proceedings Title: 2012 International Conference on Cyber Security, Cyber Warfare and Digital Forensic (CyberSec).

[13]  Santosh Biswas,et al.  An Active Detection Mechanism for Detecting ICMP Based Attacks , 2012, 2012 IEEE 11th International Conference on Trust, Security and Privacy in Computing and Communications.

[14]  Girija Chetty,et al.  Biometric liveness detection based on cross modal fusion , 2009, 2009 12th International Conference on Information Fusion.

[15]  Angelos D. Keromytis,et al.  A Comprehensive Survey of Voice over IP Security Research , 2012, IEEE Communications Surveys & Tutorials.

[16]  Zaigham Mahmood Cloud Computing: Characteristics and Deployment Approaches , 2011, 2011 IEEE 11th International Conference on Computer and Information Technology.

[17]  John Aycock,et al.  Improved port knocking with strong authentication , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[18]  Desheng Fu,et al.  Buffer Overflow Exploit and Defensive Techniques , 2012, 2012 Fourth International Conference on Multimedia Information Networking and Security.

[19]  Simone Fischer Hübner,et al.  SIP Proxies: New Reflectors? Attacks and Defenses , 2010 .

[20]  Ge Zhang,et al.  SIP Proxies: New Reflectors in the Internet , 2010, Communications and Multimedia Security.

[21]  Thorsten Thormählen,et al.  Multiple active speaker localization based on audio-visual fusion in two stages , 2012, 2012 IEEE International Conference on Multisensor Fusion and Integration for Intelligent Systems (MFI).

[22]  G. Usha Devi,et al.  VoIP over Mobile Wi - Fi Hotspot , 2015 .

[23]  Ross J. Anderson Security engineering - a guide to building dependable distributed systems (2. ed.) , 2001 .

[24]  Michal R. Wróbel,et al.  Operating system security by integrity checking and recovery using write-protected storage , 2014, IET Inf. Secur..

[25]  Xinming Ou,et al.  Classification of UDP Traffic for DDoS Detection , 2012, LEET.

[26]  Tugrul Yanik,et al.  A Survey of SIP Authentication and Key Agreement Schemes , 2014, IEEE Communications Surveys & Tutorials.

[27]  Yusnani Mohd Yussoff,et al.  Compression and encryption technique on securing TFTP packet , 2014, 2014 IEEE Symposium on Computer Applications and Industrial Electronics (ISCAIE).

[28]  Yunji Ma An Effective Method for Defense against IP Spoofing Attack , 2010, 2010 6th International Conference on Wireless Communications Networking and Mobile Computing (WiCOM).

[29]  Bruce Newsome Physical (Site) Security , 2014 .

[30]  Dongwon Kim,et al.  Enhanced ARP: preventing ARP poisoning-based man-in-the-middle attacks , 2010, IEEE Communications Letters.

[31]  K. Shyamala,et al.  An Analysis on Efficient Resource Allocation Mechanisms in Cloud Computing , 2015 .

[32]  Jinhua Guo,et al.  Security Challenge and Defense in VoIP Infrastructures , 2007, IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews).