Describe about the Security and Privacy Issues of VOIP and Skype.
Voice over Internet Protocol commonly known as VOIP is a collection of methods and technologies to exchange voice and multimedia over the network which is the Internet. It allows communication to take place in the form of various services such as fax, SMS, video conferencing and many others (Vaishnav, 2016). Skype is a popular application that makes use of VOIP and has been developed by Microsoft. Skype allows instant messaging, file sharing, audio and video conferencing and a lot more and is widely used by the home and business users to connect with each other irrespective of their geographical locations. There are a number of security and privacy issues that are present in case of Skype and VOIP applications.
Literature Review
VOIP, Skype and the other applications and services that make use of VOIP make use of Internet Protocol for their activities. For the communications to take place over VOIP there is no dedicated telephone line or system necessary and the same brings down the cost that is associated with the services. The voice and data transfer capacity that comes with VOIP based applications is also massive. Ease of access, non-stop availability and lower costs are some of the features that come handy with Skype and other VOIP applications.
However, with numerous advantages and benefits, there are a few risk areas that are also present with these applications. There are increased scenarios of data collision and congestions along with exposure to multiple security risks which may prove to be dangerous for the data and information being exchanged (Fontanini, 2016).
Research Questions
Following are the research questions that have been addressed and answered with the aid of the analysis and research done on the topic.
What is the meaning of VOIP and Skype and what are the services that are provided by each?
What are the confidentiality attacks that have an adverse impact on the security and privacy of the information exchanged over VOIP and Skype?
What are the integrity attacks that have an adverse impact on the security and privacy of the information exchanged over VOIP and Skype?
What are the availability attacks that have an adverse impact on the security and privacy of the information exchanged over VOIP and Skype?
What are the measures that can be executed and installed to keep the security and privacy of the information unaltered at all times?
There are three properties of information that must be kept safe and secure at all times and these three properties are confidentiality, integrity and availability. There are attacks that are executed that hamper these properties of data and information which in turn results in compromise on the security and privacy of the same.
Confidentiality Threats
Eavesdropping of phone conversation
Skype and other VOIP applications work on the nodes that are present in this category of communication medium. Due to the presence of a huge number of nodes, an attacker gains access to any one of them and gets a chance to eavesdrop in the conversation or exchange taking place (Xin, 2016).
Call Pattern Tracking
There is often a pattern associated with the calls that take place over Skype or VOIP services in terms of time, frequency, participants and other factors. These patterns are studied by the attackers and valuable information in retrieved from the same.
Data Mining Attacks
Attackers acquire the phone numbers or credentials through intercepted message and then execute attacks such as spam calls, fraud messages and likewise (Park, 2016).
Reconstruction Attacks
A piece of information is acquired by the attacker through unauthorized measures and the same is reconstructed to give it a misleading shape.
Integrity Attacks
Message Alteration
The messages that are exchanged over Skype or VOIP are often altered to provide them a different shape and the activity is done in an unauthorized manner. There are a number of entities that are involved in a particular call and these entities are added, deleted or modified by the attacker without the permission to do the same (Obidinnu and Ibor, 2016).
Media Alteration
The other form of the integrity attack is the alteration of the media. The media being exchanged over the VOIP channels is degraded, upgraded or modified without the required permissions to perform the same. Quality of the media is also hampered in this form of integrity attack (Lazzez, 2016).
Availability Attacks
Call Flooding
The attacker introduces a lot of unwanted traffic on the communication channel which results in breaking down of the services (Sonkar, 2016).
Media Session Hijacking
Hijacking of the media sessions is often done in which there are unauthorized re-routing and alterations involved. These activities hamper the availability of the services.
Server Impersonating
The attacker in this form of the attack impersonates as the media server and acquires the trust of the clients. The request and response cycle that is followed by this activity results in disruptions in the availability of the information and services.
QoS Abuse
Bandwidth of the connections is often exhausted in these attacks and the same cause jitters and slippages which are considered to be a negative point as far as the quality of a particular service is concerned (Shaidani, 2016).
Review 1
A blended technique has been received in the exploration by gathering the quantitative and also subjective strategy. Various elements have been utilized to ask about the data that is important to actualize the VOIP and Skype procedures in the association. The way of assaults can likewise be resolved with the assistance of gathering the data that is obtained from the different substances.
Review 2
VOIP has picked up ubiquity among the clients in the previous couple of years and a great deal of work has been accomplished for the advancement of the administrations that are made accessible by the same. Likewise, there are various dangers that are additionally created by the pernicious elements to hamper the working of the same.
There are assaults that are propelled in the expression of VOIP taking a gander at the enormous trade that happens over the medium. The achievement of these assaults permits the aggressors to get hold of the essential and imperative data that is connected with a specific association. These assaults are finished with the utilization of the system and the data security measures and are essentially executed to influence the classification, trustworthiness and accessibility of the data. Flooding, sniffing, dissent of administrations, message adjustment, media modification, listening stealthily and so forth are various such assaults that incur significant damage on the data security over VOIP. The countermeasures to these assaults are additionally grown at the same time to think of the system to moderate and control the effect of these assaults on the data. These measures are created on the premise of the assault and data classification.
Issues that were not addressed and its Impact
The research on the topic has been done well and the research questions have also been answered accurately. There could have been a little more explanation on the services and the procedure of the operations that are covered under Skype and the various VOIP applications that are present.
These would have provided a better understanding of the topic and would have allowed the reader to be engaged in a better manner. Skype is the application that is used by a huge number of users and the functioning details of its services would have added to the knowledge and clarity of the reader about the topic.
There are a number of security and privacy issues that are present with VOIP and Skype. However, the same can be prevented by making use of the measures to avoid and prevent the same.
There are various hostile to forswearing of administration measures that can be adjusted by the associations to stay safe from such assaults. The groups can make utilization of constraining of SYN rate or entrance separating also to stay away from the forswearing in the administration and keep up the accessibility of the data and correspondence at all times.
There are also many stronger measures associated with the authentication methods such as use of multi layer authentication also know as two steps or three step authentications.
Networks need to be monitored on a regular and constant basis by using measures such as network scans, network monitoring, intrusion detection and prevention.
Encryption is a powerful technique that will stay significant even if the attacker succeeds in acquiring information from the communication channel as the attacker will not be able to break in to the encrypted information. The same will be of no use in this case.
There are a number of legal and regulatory measures that can be adopted to prevent these attacks. A strong legal architecture will automatically minimize the rate and frequency of such attacks (Kulkarni, 2016).
The first and foremost measures must never be ignored such as physical security, anti-viruses, installation of firewalls and likewise (Hung, 2016).
Security reviews and audits must be a typical movement in the associations to have a check of the security systems that are taken after furthermore to comprehend the regions of change.
VOIP and Skype are not dependent upon a particular device or an operating system to be accessed and can be used on desktop as well as mobile devices. These operating systems must be updated on a regular basis to make sure that the risks that are introduced specific to a particular operating system or to a particular version are prevented.
It is also necessary to secure the wireless networks over which these applications and services are accessed. It is because these networks act as the prime source of the entry point for the attacker.
Conclusion
VOIP and Skype are the measures that provide the users an ability to interact easily with each other and perform other activities as well such as transfer of files from one system to another over the Internet. These mediums allow communications to take place in a cost effective manner and with non-stop availability and accessibility as well. However, there are a number of security and privacy issues that are associated with VOIP and Skype in the form of confidentiality threats, integrity threats and availability threats. These can be controlled and treats with the aid of a number of countermeasures that are now made available for the home as well as the business users.
References
Fontanini, P. (2016). VoIP Security. Brage.bibsys.no. Retrieved 11 September 2016, from https://brage.bibsys.no/xmlui/bitstream/handle/11250/143809/Fontanini_VOIP_Security.pdf?sequence=1
Hung, P. (2016). Through the looking glass: Security issues in VOIP applications. Retrieved 11 September 2016, from https://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.84.7089&rep=rep1&type=pdf
Kulkarni, S. (2016). VoIP Cell Phones : Security concerns and Countermeasures. Retrieved 11 September 2016, from https://www.ijser.org/researchpaper%5CVoIP-Cell-Phones-Security-concerns-and-Countermeasures.pdf
Lazzez, A. (2016). VoIP Technology: Security Issues Analysis. Retrieved 11 September 2016, from https://arxiv.org/ftp/arxiv/papers/1312/1312.2225.pdf
Obidinnu, J. & Ibor, A. (2016). A survey of Attacks on VoIP networks and Countermeasures. Ajol.info. Retrieved 11 September 2016, from https://www.ajol.info/index.php/wajiar/article/viewFile/128074/117625
Park, P. (2016). Threats Against Confidentiality > VoIP Threat Taxonomy. Ciscopress.com. Retrieved 11 September 2016, from https://www.ciscopress.com/articles/article.asp?p=1245881&seqNum=2
Shaidani, S. (2016). Attacks and Defenses Against Voice over IP (VoIP). Retrieved 11 September 2016, from https://www.cs.tufts.edu/comp/116/archive/fall2015/sshaidani.pdf
Sonkar, S. (2016). A Review Paper: Security on Voice over Internet Protocol from Spoofing attacks. Retrieved 11 September 2016, from https://www.ijarcce.com/upload/may/A%20Review%20Paper%20Security%20on%20Voice%20over%20Internet%20Protocol%20from%20Spoofing%20attacks.pdf
Vaishnav, C. (2016). Voice over Internet Protocol (VoIP): The Dynamics of Technology and Regulation. Retrieved 11 September 2016, from https://web.mit.edu/chintanv/www/Publications/MIT_TPP_Thesis_Chintan_Vaishnav_Final.pdf
Xin, J. (2016). Security Issues and countermeasure for VoIP. Sans.org. Retrieved 11 September 2016, from https://www.sans.org/reading-room/whitepapers/voip/security-issues-countermeasure-voip-1701
Essay Writing Service Features
Our Experience
No matter how complex your assignment is, we can find the right professional for your specific task. Contact Essay is an essay writing company that hires only the smartest minds to help you with your projects. Our expertise allows us to provide students with high-quality academic writing, editing & proofreading services.
Free Features
Free revision policy
$10Free bibliography & reference
$8Free title page
$8Free formatting
$8How Our Essay Writing Service Works
First, you will need to complete an order form. It's not difficult but, in case there is anything you find not to be clear, you may always call us so that we can guide you through it. On the order form, you will need to include some basic information concerning your order: subject, topic, number of pages, etc. We also encourage our clients to upload any relevant information or sources that will help.
Complete the order form
Once we have all the information and instructions that we need, we select the most suitable writer for your assignment. While everything seems to be clear, the writer, who has complete knowledge of the subject, may need clarification from you. It is at that point that you would receive a call or email from us.
Writer’s assignment
As soon as the writer has finished, it will be delivered both to the website and to your email address so that you will not miss it. If your deadline is close at hand, we will place a call to you to make sure that you receive the paper on time.
Completing the order and download