Voice over Internet Protocol

Voice Over Internet Protocol (VoIP)

Abstract

VoIP (voice over internet protocol) is an IP telephony term for a set of facilities used to manage the delivery of voice information over the Internet. VoIP involves sending voice information in digital form in discrete packets rather than by using the traditional circuit-committed protocols of the public switched telephone network. Before audio or video media can flow between two computers, various protocols must be employed to find the remote device and to negotiate the means by which media will flow between the two devices. The protocols that are central to this process are referred to as call-signaling protocols, the most popular of which are H.323 and Session Initiation Protocol (SIP) and they both rely on static provisioning. As VoIP is becoming more and more popular, security concerns have risen. As with any data transmitted over the internet, there is the probability of data interception or hacking. This has caused concerns about the reliability of VoIP services, since it is very difficult to secure this type of data transmission.

VoIP

Before Voice Over Internet Protocol (VoIP), telecommunications consisted of switched telephone networks, which is data traversing circuit switched connections. Millions of feet of copper cable infrastructures were put in place to keep up with the demand of telephone service. As technological advances take place, telephone companies are moving from switched connections to VoIP, which goes through the internet. The cost of VoIP both in dollars and bandwidth, compared to that of a regular telephone system (circuit switched) is encouraging companies to move towards VoIP. VoIP is a new way to receive and make calls using a broadband connection rather than a regular copper line. VoIP converts phone calls into a digital signal that travels through the internet.

The primary difference between VoIP and regular data transfer is that VoIP has a high sensitivity to quality of service (QoS) parameters. VoIP requires data packets to reach their respective destination in a more restricted time frame than other Internet Protocols out there. There are certain applications that allow packet loss or packet delay, because the information does not have to reach its destination or does not need to reach it right away. This is not the case with VoIP (Tucker, 2004). Packet loss or packet delay in VoIP can tremendously reduce the functionality of this technology; it can even make it unusable. All VoIP communications are conducted in real time and require a wide range of new infrastructure devices, protocols, and applications. Voice is a real time activity where no lag or downtime can be tolerated. With regular data transfer, these issues are fixed by retransmitting the lost data, however, that is not applicable to voice services. The only way to fix data loss in VoIP is for the caller to repeat the lost words (Materna, 2006).

VoIP sensitivity to packet loss, packet delay, and jittery makes most existing security solutions inadequate. Current firewalls cannot efficiently handle VoIP protocols which rely on dynamic port ranges and do not support network address translation effectively. For this reason, a new generation of firewalls called session border controllers is addressing most of the problems. Encryption is very important for VoIP security; unfortunately, current encryption engines introduce even more jitter and delay. According to Materna (2006), with “the hop-by-hop encryption schemas foreseen to be used by VoIP protocols, cumulative delay and jitter could easily exceed the maximum allowed values.” In addition, most current security devices rely on deep packet inspection techniques that introduce further delay and jitter. VoIP is allowed a maximum packet delay of one hundred and fifty milliseconds. The problem is that current multi layer security infrastructure adds delays that exceed acceptable values (Materna, 2006).

One concern with VoIP is latency, which is the time it takes the data packets to get from source to destination. There are two types of latency: one-way latency and round trip latency. One way latency is the time it takes for the voice of the source person to reach the destination. Round trip latency is the time it takes for the voice packets to reach the destination (from the source) and the destination’s response to reach the source. One source of latency is the encryption and decryption of the voice packets. The latency introduced has a lot to do with the complexity of the algorithm used. The size of the security key is also important in the introduction of latency (Tucker, 2004).

Another concern that is sometimes introduced in VoIP is jittery. Jitter is caused by packets having different latencies. There are several scenarios where jittery can affect VoIP. According to Tucker (2004), “most VoIP communication is done with user datagram protocol (UDP); packets that arrive out of order cannot be reassembled at the application level if the application supports it.” Jitter can be fixed by creating a buffer that would re-sequence packets as they come in and consequently passes them on to the application. “Another method of reducing jitter is to use the QoS feature of some routers, switches, and firewalls (Tucker, 2004).

In order for VoIP to fully work there are several components that are needed. The first component is end-user equipment, either a phone sitting on a desktop or a softphone. A softphone is a piece of software installed on a computer that allows a user to receive or make calls. VoIP equipment is often deployed on a protected network because for the most part the VoIP phones are not usually protected by firewalls or anti-virus software. The softphone’s vulnerabilities arise mostly because of the operating system it is running on. The OS can crash or slow down because of too many applications running. One advantage is that if new versions come out, it can be easily updated, since it is a piece of software (OnGuardOnline, 2005).

The second component of VoIP is the network component. This component includes firewalls, routers, switches, and physical cabling. The traffic added to the network is very important when considering VoIP. This traffic has priority over other traffic in the network. Furthermore, firewalls and routers need to recognize this particular traffic in order to reduce latency (Tanase). An Internet protocol network problem is network slow downs. If the network slows down, because of configuration problems, or denial of service, it might cause packet loss, jitter, or latency. If the network goes down, the phone stops working. This

...