VoIP is here to stay. In fact many incumbent telecommunication carriers have started offering VoIP service for sometime and several new VoIP service providers have emerged. Aside from issues such as quality of service, the aspect of security, or lack thereof, is misunderstood by some of the VoIP service providers.
This purpose of this article is to discuss two of the most well known attacks that can be carried out in current VoIP deployments. The first attack demonstrates the ability to hijack a user’s VoIP Subscription and subsequent communications. The second attack looks at the ability to eavesdrop in to VoIP communications. Although VoIP is implemented using various signaling protocols, this article focuses on attacks associated with the SIP (Session Initiation Protocol), an IETF standard (RFC 3261). The two attacks, among others such as DoS, have been discussed in various research papers but they haven’t been acknowledged publicly as active attacks.
Industry experts believe that these attacks will become more apparent with the wider adoption and understanding of VoIP. The next section provides a brief introduction to the SIP protocol which is used to set up and tear down Internet multimedia sessions (including VoIP). The later sections of this article focus on user registration or session hijacking.
