Research Article
BibTex RIS Cite
Year 2021, Volume: 1 Issue: 1, 36 - 45, 28.02.2021

Abstract

References

  • [1] Hallock J.A. Brief history of VoIP. Evolution and Trends in Digital Media Technologies, 2004. http://www.joehallock.com/edu/pdfs/Hallock_J_VoIP_Past.pdf.
  • [2] Bell, P. (2019). No Lifeline for Wireline: Fixed Voice Continues to Fall. https://blog.telegeography.com/no-lifeline-for-wireline.
  • [3] Coulibaly, E., Liu,L. Security of VoIP networks. In: 2nd International Conference on Computer Engineering and Technology (ICCET) 2010, pp. 104-108. http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5485790
  • [4] Thermos,P., Takanen, A., Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures. Boston, USA. Adison-Wesley, 2007.
  • [5] Porter, T. Threats to VoIP Communications Systems'. Syngress Force Emerging Threat Analysis. 2006, pp. 3-25.
  • [6] Mirjalili, M., Nowroozi, A., & Alidoosti, M. A survey on web penetration test. Advances in Computer Science: An International Journal, 3(6), No.12, November 2014, pp. 107-121
  • [7] Samant, N. Automated penetration testing. PhD, San Jose State University, United States, 2011.
  • [8] Bhatt, P., Yano, E., & Gustavsson, P. Towards a framework to detect multi-stage advanced persistent threats attacks. 2014 IEEE 8th international symposium on service oriented system engineering. IEEE, 2014.
  • [9] Guerrero-Saade, J.A., Raiu, C., Moore, D., & Rid, T. Technical Report. Penquin’s moonlit maze: The Dawn of Nation-State Digital Espionage. Kaspersky Lab. 2017.
  • [10] Deibert, R. J., Rohozinski, R, Manchanda, A, Villeneuve, N., & Walton, G. Tracking ghostnet: Investigating a cyber espionage network. 2009.
  • [11] McClure, S., Gupta, S., Dooley, C., Zaytsev, V., & Chen, X.B., Kaspersky, K., Spohn, M., Permeh, R., 2010. Protecting your critical assets-lessons learned from operation aurora. Technical Report, 2010.
  • [12] Accessed: 2020-12-29, https://msrc-blog.microsoft.com/2019/08/05/corporate-iot- a- path- to- intrusion/.
  • [13] Alshamrani, A., Myneni, S., Chowdhary, A., & Huang, D. A survey on advanced persistent threats: Techniques, solutions, challenges, and research opportunities. IEEE Commun. Surveys and Tutorials, 2019: 21(2), 1851–1877. doi: 10.1109/COMST.2019.2891891.
  • [14] Chen, P., Desmet, L., & Huygens, C. A. study on advanced persistent threats. IFIP International Conference on Communications and Multimedia Security. 2014, Springer, pp. 63–72.
  • [15] McWhorter, D. Mandiant exposes APT1 - One of China’s cyber espionage units & releases 3,000 indicators. Mandiant February 18, 2013.
  • [16] Ussath, M., Jaeger, D., Cheng, F., & Meinel, C. Advanced persistent threats: Behind the scenes. Annual Conference on Information Science and Systems (CISS). 2016, IEEE, pp. 181–186.
  • [17] VoIP Penetration Testing. (2019, November 8). Essential Infosec Private Limited. https://www.essentialinfosec.com/services/voip-penetration-testing/
  • [18] R. Pepper. The History of VoIP and Internet Telephones. https://getvoip.com/blog/2014/01/27/history-of-voip-and-internet-telephones/, 2014.
  • [19] Vice. How 1.5 Million Connected Cameras Were Hijacked to Make an Unprecedented Botnet. https://www.vice.com/en/article/8q8dab/15-million-connected-cameras-ddos-botnet-brian-krebs 2016.

Penetration testing for VoIP

Year 2021, Volume: 1 Issue: 1, 36 - 45, 28.02.2021

Abstract

Thanks to its economic advantages and flexibility, VoIP technology is spreading dramatically in recent years. This increase is happening much faster, especially due to the recent COVID-19 restrictions. However, the rapid spread also brings along some security threats. So, it is inevitable to take security measures specific to VoIP technology. These security measures specific to VoIP systems and devices will increase the benefit in terms of cost and performance. In this context, penetration tests to determine the required security measures should also be made specific to VoIP. In this paper, we proposed a penetration testing strategy for VoIP which ensure and analyzes the VoIP vulnerabilities. Furthermore, it provides an aspect of view on VoIP security precautions for VoIP administrators. This strategy provides proactivity to VoIP administrators before a possible attack. In our future studies, we aim to analyze them by implementing in a test environment.

References

  • [1] Hallock J.A. Brief history of VoIP. Evolution and Trends in Digital Media Technologies, 2004. http://www.joehallock.com/edu/pdfs/Hallock_J_VoIP_Past.pdf.
  • [2] Bell, P. (2019). No Lifeline for Wireline: Fixed Voice Continues to Fall. https://blog.telegeography.com/no-lifeline-for-wireline.
  • [3] Coulibaly, E., Liu,L. Security of VoIP networks. In: 2nd International Conference on Computer Engineering and Technology (ICCET) 2010, pp. 104-108. http://ieeexplore.ieee.org/xpls/abs_all.jsp?arnumber=5485790
  • [4] Thermos,P., Takanen, A., Securing VoIP Networks: Threats, Vulnerabilities, and Countermeasures. Boston, USA. Adison-Wesley, 2007.
  • [5] Porter, T. Threats to VoIP Communications Systems'. Syngress Force Emerging Threat Analysis. 2006, pp. 3-25.
  • [6] Mirjalili, M., Nowroozi, A., & Alidoosti, M. A survey on web penetration test. Advances in Computer Science: An International Journal, 3(6), No.12, November 2014, pp. 107-121
  • [7] Samant, N. Automated penetration testing. PhD, San Jose State University, United States, 2011.
  • [8] Bhatt, P., Yano, E., & Gustavsson, P. Towards a framework to detect multi-stage advanced persistent threats attacks. 2014 IEEE 8th international symposium on service oriented system engineering. IEEE, 2014.
  • [9] Guerrero-Saade, J.A., Raiu, C., Moore, D., & Rid, T. Technical Report. Penquin’s moonlit maze: The Dawn of Nation-State Digital Espionage. Kaspersky Lab. 2017.
  • [10] Deibert, R. J., Rohozinski, R, Manchanda, A, Villeneuve, N., & Walton, G. Tracking ghostnet: Investigating a cyber espionage network. 2009.
  • [11] McClure, S., Gupta, S., Dooley, C., Zaytsev, V., & Chen, X.B., Kaspersky, K., Spohn, M., Permeh, R., 2010. Protecting your critical assets-lessons learned from operation aurora. Technical Report, 2010.
  • [12] Accessed: 2020-12-29, https://msrc-blog.microsoft.com/2019/08/05/corporate-iot- a- path- to- intrusion/.
  • [13] Alshamrani, A., Myneni, S., Chowdhary, A., & Huang, D. A survey on advanced persistent threats: Techniques, solutions, challenges, and research opportunities. IEEE Commun. Surveys and Tutorials, 2019: 21(2), 1851–1877. doi: 10.1109/COMST.2019.2891891.
  • [14] Chen, P., Desmet, L., & Huygens, C. A. study on advanced persistent threats. IFIP International Conference on Communications and Multimedia Security. 2014, Springer, pp. 63–72.
  • [15] McWhorter, D. Mandiant exposes APT1 - One of China’s cyber espionage units & releases 3,000 indicators. Mandiant February 18, 2013.
  • [16] Ussath, M., Jaeger, D., Cheng, F., & Meinel, C. Advanced persistent threats: Behind the scenes. Annual Conference on Information Science and Systems (CISS). 2016, IEEE, pp. 181–186.
  • [17] VoIP Penetration Testing. (2019, November 8). Essential Infosec Private Limited. https://www.essentialinfosec.com/services/voip-penetration-testing/
  • [18] R. Pepper. The History of VoIP and Internet Telephones. https://getvoip.com/blog/2014/01/27/history-of-voip-and-internet-telephones/, 2014.
  • [19] Vice. How 1.5 Million Connected Cameras Were Hijacked to Make an Unprecedented Botnet. https://www.vice.com/en/article/8q8dab/15-million-connected-cameras-ddos-botnet-brian-krebs 2016.
There are 19 citations in total.

Details

Primary Language English
Subjects Computer Software
Journal Section Research Articles
Authors

Şevki Gani Şanlıöz 0000-0003-4534-8898

Muhammed Karabay 0000-0002-2524-439X

Aytuğ Boyacı 0000-0003-1016-3439

Publication Date February 28, 2021
Acceptance Date February 10, 2021
Published in Issue Year 2021 Volume: 1 Issue: 1

Cite

Vancouver Şanlıöz ŞG, Karabay M, Boyacı A. Penetration testing for VoIP. Computers and Informatics. 2021;1(1):36-45.