We assume that (1) we can monitor the Skype °ow from the black box to the Skype peer; (2) we can perturb the timing of the Skype °ow from the Skype peer to the black box.
Here we do not intend to track all the peer-to-peer VoIP calls from anyone to anyone, nor do we assume the global monitoring and intercepting capability. Instead we focus on ¯nding out if some parties in which we are interested have communicated via peer-to-peer VoIP calls anonymously, and we only need the capability to monitor and intercept IP °ows to and from those interested parties. This model is consistent with our understanding of the common practice of lawful electronic surveillance by the law enforcement agencies. Because the Skype VoIP °ows are encrypted from end to end, no correlation could be found from the °ow content.
Given that the Skype VoIP °ow could pass some intermediate Skype peers and some low latency anonymizing network, there is no correlation from the VoIP °ow headers. Among all the characteristics of the VoIP °ows, the inter-packet timing characteristics are likely to be preserved across intermediate Skype peers and low latency anonymizing network. This invariant property of VoIP °ows forms the very foundation for tracking anonymous, peer-to-peer VoIP calls on the Internet.
Source: gmu.edu
]]>With 2005 declared as the Voice over IP (VoIP) year and with predictions of fairly large budgets attributed to VoIP projects in the near future, this technology seems set to replace classic, circuitbased telephony in the near future. Even if they serve the same purpose, VoIP has a very different architecture from classic telephony.
In VoIP networks voice and signalling are multiplexed and travel as normal data inside LANs, WANs or the Internet whereas in classical telephony each conversation has a private, physical, circuit and a dedicated infrastructure that serves only for its transmission. VoIP sound is sampled, quantified, encoded with an appropriate codec and streamed over traditional network architectures. It is and it behaves as normal IP data but at the same time has to obey to the rules imposed by classical telephony in terms of quality of service and availability. Developing a robust architecture that respects all these constraints and is secure is not an easy task, and the fact that many companies have implemented and tried to impose proprietary architectures has added a factor of uncertainty to the strength of this new technology. In the last period however, major companies and institutions have joined in a common effort to create a basic robust standard for VoIP architectures, and security beneficed from a special emphasis with the creation of such projects as VoIPSA.
As with many new technologies, VoIP introduces new security risks and new opportunities for attack. Inheriting from both networks and telephony, VoIP is subject to security issues coming from both areas. Classical telephony security issues involving signalling protocol manipulations, phreaking (see [4] for more details) as it was dubbed in the seventies, find their mirror in VoIP specific protocol manipulations. The main purpose remains the same: fraud. Network security issues on the counterpart are far more complex and offer larger perspectives of attack than traditional phreaking. From physical layer to faulty applications, all network security items are relevant to VoIP security. In terms of exposure, the transport of voice data over the Internet, a highly insecure and unreliable environment, multiplies the attack surface and will surely lead to more attacks on this technology. Furthermore, the synergies of these two aspects of VoIP emerge to add new security threats such as signalling protocols Denial of Service.
Source: VoIP Security – A layered approach
]]>The powerful SIP client-server application supports user mobility with two operating modes: proxy and redirect. In proxy mode (shown in Figure 3), SIP clients send requests to the proxy server. The proxy server either handles the requests or forwards them to other SIP servers. Proxy servers can insulate and hide SIP users by proxying the signaling messages. To the other users on the VoIP network, the signaling invitations look as if they are coming from the proxy SIP server.
Source: Juniper Networks, Inc. White Paper
]]>The feature of VOIP that has attracted the most attention is its cost-saving potential. By moving away from the public switched telephone networks, long distance phone calls become very inexpensive. Instead of being processed across conventional commercial telecommunications line configurations, voice traffic travels on the Internet or over private data network lines.
VOIP is also cost effective because all of an organization’s electronic traffic (phone and data) is condensed onto one physical network, bypassing the need for separate PBX tie lines. Although there is a significant initial startup cost to such an enterprise, significant net savings can result from managing only one network and not needing to sustain a legacy telephony system in an increasingly digital/data centered world. Also, the network administrator’s burden may be lessened as they can now focus on a single network. There is no longer a need for several teams to manage a data network and another to mange a voice network. The simplicity of VOIP systems is attractive, one organization / one network; but as we shall see, the integration of security measures into this architecture is very complex.
2. Speed and Quality
In theory, VOIP can provide reduced bandwidth use and quality superior to its predecessor, the conventional PSTN. That is, the use of high bandwidth media common to data communications, combined with the high quality of digitized voice, make VOIP a flexible alternative for speech transmission. In practice, however, the situation is more complicated.
Routing all of an organization’s traffic over a single network causes congestion and sending this traffic over the Internet can cause a significant delay in the delivery of speech. Also, bandwidth usage is related to digitization of voice by codecs, circuits or software processes that code and decode data for transmission. That is, producing greater bandwidth savings may slow down encoding and transmission processes. Speed and voice quality improvements are being made as VOIP networks and phones are deployed in greater numbers, and many organizations that have recently switched to a VOIP scheme have noticed no significant degradation in speed or quality.
<-to be continued->
(Source: National Institute of Standards and Technology)
]]>
Making calls by using VoIP (voice over internet protocol) is much cheaper than using conventional phone companies. Here are some ways where VoIP keeps their rate low and therefore pass the savings to broadband phone users. There are many ways that you can save a lot of money by using VoIP technology to make local or international calls. It depends on the type of connection you are using and how a phone best adjusts into your life. There is no line rent for the people who have fiber optic based broadband technology. Virgin is said to be the main provider of cable broadband in UK. With this, your cable becomes completely independent and separate from your line of phone (which may or may not be of similar company). So you can easily cancel the line of phone at any time without changing your broadband cable connection.
This means that you can easily convert your calls by using VoIP technology and discard your old phone line completely. You will be making savings instantly, because you will no longer have to pay for the line rent each month. Your broadband connection may be the older ADSL copper based technology. In this case your broadband connection is connected from your provider’s telephone line. If you discard your line of telephone then you will also lose your broadband connection. If your phone line has ADSL broadband connection then you can still save considerable amount of money by using your broadband to make calls. You can also use VoIP to call from PC to PC. In this case, most of your calls will be totally free of cost. If you make a call from a PC to some landline number then you will be charged for it. The tariffs, although, said to be significantly cheaper than levied by traditional and old phone companies.
But you will be making greatest savings by using VoIP technology as your second line can be used to make your mobile or main landline calls. You could also use it to a second family line or keep it for business purposes. You will still have to pay for the line rent with your existing provider and your ongoing costs of broadband but once you have set up second phone line then you can use that phone line to make much cheaper calls. Providers of VoIP technology offer various packages to different countries. Each of them allows you to make unlimited calls anywhere in the countries mentioned in your bundle. This means that there is no need of clock-watching and no waiting until a certain phone call is picked up. Traditional phone companies may have a variety of charges. They may have different rates for a day, evening and weekend phone calls. And they usually charge by the minute. That is, the longer the call, the higher the rate of charge. The provider’s of Broadband don’t do like this. They just charge you with monthly fees.
]]>