Which of the following best describes voip (voice over internet protocol)?

Abstract

The VoIP system is one of the most widely used voice communications systems for the delivery of voice communications and multimedia sessions over the Internet by using the Internet Protocol (IP). G.729 is the speech coding scheme in VoIP. In this chapter, a model for VoIP-based covert communications is put forward based on the analysis of the characteristics of VoIP, and an approach of embedding secret speech information into VoIP G.729 speech flows is proposed based on matrix coding. In the approach, 2.4 kbps MELP speech is used as secret speech, and G.729 coding speech is used as the public carrier. The implementation of embedding and extraction algorithms is presented. Experimental results show that this approach achieves a high data embedding rate of up to 2.4 kbps with nice imperceptibility and low complexity.

5 Summary

With today's dedicated VoIP handsets, a separate voice VLAN provides a reasonable amount of security. Going forward, as nondedicated devices become more commonplace, more rigorous security mechanisms will gain importance. This will begin with encrypted signaling and encrypted media and will evolve to include spam protection and enhancements to SIP to provide cryptographic assurance of SIP call and message routing.

As VoIP continues to grow, VoIP security solutions (see checklist, “An Agenda for Action for VoIP's Security Challenges”) will have to consider consumer, enterprise, and policy concerns. Some VoIP applications commonly installed on PCs, such as Skype, may be against corporate security policies. One of the biggest challenges with enabling encryption is with maintaining a PKI and the complexities involved in distributing public key certificates that would span to end users27 and key synchronization between various devices belonging to the same end user agent.28

An Agenda for Action for Voice Over Internet Protocol's Security Challenges

The following are some tips for ensuring a secure VoIP (check all tasks completed):

Choose the VoIP protocols carefully.

Turn off unnecessary protocols.

Remember that each element in the VoIP infrastructure, accessible on the network like any computer, can be attacked.

Divide and conquer works well for VoIP networks.

Authenticate remote operations.

Separate VoIP servers and the internal network.

Make sure the VoIP security system can track the communications ports by reading inside the signaling packets to discover the ports selected and enable two endpoints to send media packets to each other.

Use NAT, even if in some cases it poses a special problem for VoIP. NAT converts internal IP addresses into a single, globally unique IP address for routing across the Internet.

Use a security system that performs VoIP-specific security checks.

Using IPsec for VoIP tunneling across the Internet is another option; however, it is not without substantial overhead.29 Therefore, end-to-end mechanisms such as SRTP are specified for encrypting media and establishing session keys.

VoIP network designers should take extra care in designing intrusion detection systems that are able to identify never-before-seen activities and react according to the organization's policy. They should follow industry best practices for securing endpoint devices and servers. Current softphones and consumer-priced hardphones use the “haste-to-market” implementation approach and therefore become vulnerable to VoIP attacks. Therefore VoIP network administrators may evaluate VoIP endpoint technology, identify devices or software that will meet business needs and can be secured, and make these the corporate standards. With P2P–SIP, the lack of central authority makes authentication of users and nodes difficult. Providing central authority would dampen the spirit of P2P–SIP and would conflict with the inherent features of distributed networks. A decentralized solution such as the reputation management system, where the trust values are assigned to nodes in the network based on prior behavior, would lead to a weak form of authentication because the credibility used to distribute trust values could vary in a decentralized system. Reputation management systems were more focused on file-sharing applications and have not yet been applied to P2P–SIP.

Finally, let's move on to the real interactive part of this Chapter: review questions/exercises, hands-on projects, case projects, and optional team case project. The answers and/or solutions by chapter can be found in the Online Instructor's Solutions Manual.

Is the system vulnerable?

The main problem is that the users of VoIP systems do not generally understand the technology they are using. Users see a phone on their desk, or occasionally a “softphone” on their computer. As a user, it is sometimes best to know what to do, but the chances are unlikely to really know how the whole solution works.

The question of how much vulnerability exists is something that no author can answer for sure. This book’s goal is to raise awareness of the risks. While VoIP servers are an amazing technology, they’re also exposed to hackers from around the world. How vulnerable the VoIP system is depends on many factors. Have a conversation with the IT staff and VoIP providers about the examples described above. The rule is simple: demand accountability.

Ask a lot of questions from those who install the servers and solutions – and the VoIP providers. They should have anomaly detection systems in place to notice if usage and spending goes up dramatically in a relatively short period of time. They should also block expensive destinations unless asked for them to be unblocked. Later on in this book, several risky area codes and calling zones will be discussed. Target them to be blocked unless there is a vital business reason not to block them.

VoIP hacking is like most other forms of hacking – if there is not enough attention to security details, then the “bad guys” will get in and the onus is not on them. The Internet can still be considered the Wild West, and only with due diligence and awareness will the VoIP system and the organization be safe.

It is estimated that the worldwide cost of telecommunications fraud over the past year (2013) is $13 billion. VoIP fraud is bringing that number up significantly, and it’s still growing. Interestingly, it’s probably the cleanest form of money laundering possible – the telephone companies are a key part of it.

VoIP hacking isn’t like having your web page defaced, or having a server hacked that needs to be rebuilt. It is the loss of real money straight from the organization’s bottom line. The tools available to the hackers showing how easily VoIP systems can be hacked are readily available and typically shown on YouTube. Some of the tools that are commonly used and displayed on the web are (to name only a few)3:

Viproy

SIPDump

SIPCrack

SIPAutohack

SIPVicious

The best rule of thumb is to prepare for the worst and hope for the best!

The benefits of VoIP

VoIP allows users to make phone calls over the Internet, or any other IP network, using the packet-switched network as a transmission medium rather than the traditional circuit transmissions of the PSTN. If a quality Internet connection is available, phone service can be delivered through this Internet connection instead of from the local phone company. This assumes that the Internet connection is from someone else other than the local telephone company such as a CATV company or a wireless provider.6 As the technology has become more reliable in recent years, enterprise organizations and residential customers have been moving to VoIP for a number of reasons:

Consolidation of voice and data on one network reduces costs and results in a lower network total cost of ownership (TCO).

Operating expense savings include lower long-distance charges, reduced support costs, and savings via workforce virtualization.

Newer and increased functionality, specifically automatic routing of calls to the VoIP phone set no matter where it may be.

Using an ATA users can talk and surf the web at the same time on a single connection.7

Companies also use the migration to VoIP as an opportunity to replace aging telephony equipment with feature-rich technology such as teleconferencing and collaboration/multimedia applications.

VoIP supports increased mobility, since remote workers have the same access to voice features as corporate office employees.

Abstract

Voice over Internet Protocol (VoIP) quality measurement modeling is an active field of research. An objective and nonintrusive approach is preferred because it is faster and easier than a subjective or intrusive method. This chapter provides a brief overview of the bio-inspired methods used thus far in VoIP speech quality modeling. Then it compares several models such as Perceptual Evaluation of Speech Quality (PESQ)/E-model, nonlinear surface regression, neural network, and REPTree to model the conversational quality. Simulated data sets are generated by varying network impairments (packet loss and delay), codecs, languages, and gender to build and test the models. The bio-inspired neural network and the decision-tree-based REPTree models show highly reliable results for both network and nonnetwork impairment cases. In addition, the accuracy of the model is not only dependent on codec and network impairment, but the nonnetwork factors also have an impact on the performance of a speech quality prediction model.

12.5 HOW VOICE OVER INTERNET PROTOCOL (VoIP) WORKS

Voice Over Internet Protocol (VoIP) can be defined simply as the transmission of voice over IP networks. Originating and terminating devices can be traditional telephones, fax machines, multimedia personal computers (PCs), or a new class of “Internet-aware” telephones with Ethernet interfaces. Even though the above definition holds true in general, the technology can be categorized into three classes:

PSTN gateways that provide carrier-based dial-tone solutions

VoIP gateways that provide enterprise-based dial-tone solutions

IP telephony gateways that provide enterprise-value additions and route the data over the Internet

12.5.1 PSTN Gateways

PSTN gateways provide an IP interface to PSTN voice services. The main requirement of these gateways is that they are virtually indistinguishable from the PSTN services in terms of voice quality. Consumers may be willing to tolerate minor inconveniences such as two-stage dialing if they perceive that they are obtaining significant price reductions. These gateways are configured with the called number to destination IP address and route the call based on the routing table entries.

From a system perspective, PSTN gateways need to be deployed in large scale. They have termination points close to the majority of the call destinations and can attract enough traffic to gain economies of scale sufficient to achieve low cost. They should offer high density—hundreds of ports per system—at the lowest possible per-port cost. They also require real-time monitoring tools and a sophisticated billing system. Figure 12.9 shows a PSTN gateway.

FIGURE 12.9. PSTN gateway.

All the voice and fax calls are routed to the gateway via the trunk interface to the Central Office (CO). The gateway performs some or all of the following functions:

•

Call signaling and routing: Progressing the incoming and outgoing calls to the remote gateway that is closest to the destination phone/fax number with the standard signaling procedures like H.323 and routing the calls to multiple IP networks with different routing algorithms

•

Voice/fax compression: Using any of the standard coding algorithms, such as G.711, G.723, ADPCM, or fax relay

•

Packetization: Formatting the compressed data into IP packets that contain routing and sequence information

•

Quality management: A variety of techniques, including buffering, interleaving, and bandwidth reservation through RSVP that compensate for delay, packet loss, and congestion that may occur in IP-based networks

•

Management interface: Signaling Network Management Protocol (SNMP) or Common Management Information Protocol (CMIP) interface for routing and resource configurations and to support value-added applications

12.3.1 Statistical Model for Conversational Speech

Voice-over-Internet Protocol (VoIP) refers to real-time delivery of coded voice packets across networks using Internet protocols. A VoIP session is defined as the entire user call time. Several robust voice codecs for encoding conversational speech have been developed, such as ITU-T G.729 (8 kbps) [14] and 3GPP Adaptive Multi-Rate (AMR) codec (4.75–12.2 kbps) [9,10]. A typical conversation is characterized by periods of active speech or talk spurts followed by silent periods. Figure 12-2 illustrates a two-state Markov model for conversational speech.

The steady-state condition of the model requires that P0 = a/(a + c) and P1 = c/(a + c) where P0 and P1 are the probability of being in state 0 and state 1, respectively. As shown in Figure 12-2, the probability of a transition from state 1 (the active speech state) to state 0 (the inactive state) while in state 1 is equal to a, whereas the probability of a transition from state 0 to state 1 while in state 0 is c. The model is updated at the speech encoder frame rate R = 1/T, where T is the encoder frame duration, typically 20 ms for most speech encoders. Packets are generated at time intervals iT + τ, where τ is the packet arrival delay jitter, and i denotes the encoder frame index. During the active state, packets of fixed size are generated at these time intervals, while the model is updated at regular frame intervals. The size of packet and the rate at which the packets are sent depends on the corresponding voice codecs and compression schemes. The voice activity factor λ is given as λ = P1 = c/(a + c). A talk-spurt is defined as the time period τTS between entering the active state and leaving the active state. The probability that a talk spurt has duration m speech frames is given by P(τTS = n) = a(1 − a)n−1,n = 1,2,…, whereas the probability that a silence period has a duration of n speech frames is given as P(τSP = m) = c(1 − c)m−1,m = 1,2,…. The average talk spurt duration μTS (in number of speech frames) is defined as μTS = E[τTS ] = 1/a; the mean silence period duration μSP (in number of speech frames) is given by μSP = E[τSP ] = 1/c. The distribution of the time period τAE (in number of speech frames) between successive active state entries is defined as the convolution of the distributions of τSP and τTS:

(12-12)P(τAE=n)=cc−aa(1−a)n−1+aa−cc(1−c)n−1n=1,2,⋯

It must be noted that τAE can be further considered as the time between MAC-layer resource reservations, provided that a single reservation is made per user per talk spurt. Note that in practice, very small values of τAE may not result in separate reservation requests. Since the transitions from state 1 to state 0 and vice versa are independent, the mean time μAE between active state entries is the sum of the mean time in each state; i.e., μAE = μTS + μSP. Therefore, the mean rate of arrival R¯AEof transitions into the active state is given as R¯AE=1/μAE.

The voice capacity assumes the use of a 12.2 kbps mode of 3GPP AMR codec with a 50% voice activity factor, provided that the percentage of users in outage is less than 2%, where a user is defined to have experienced outage if more than 2% of the VoIP packets are dropped, erased, or otherwise not delivered successfully to the user within the delay bound of 50 ms. The packet delay is defined based on the 98th percentile of the CDF of all individual users’ 98th percentiles of packet delay (i.e., the 98th percentile of the packet delay CDF first determined for each user, and then the 98th percentile of the CDF that describes the 98th percentiles of the individual user’s delay is obtained). VoIP capacity is measured as active users/MHz/cell. It is the minimum of the capacity calculated for either downlink or uplink divided by the effective bandwidth in the respective direction. In other words, the effective bandwidth is the operating bandwidth normalized appropriately considering the uplink/downlink ratio.

During each VoIP session, a user will be in the active or inactive state. The duration of time that the user stays in each state is exponentially distributed. In the active or inactive state, packets of fixed sizes will be generated at intervals of iT + τ seconds, where T is the voice frame size equal to 20 ms, τ is the network delay jitter in the downlink and i is the VoIP frame index. In the uplink direction, τ is equal to 0. As the range of the delay jitter is limited to 120 ms, the model may be implemented by generating packets at times iT + τ′ seconds, where τ′ = τ + 80 ms is a positive value. The air interface delay is the time elapsed from the packet arrival time iT + τ′ to successful reception and decoding of the packet. Statistical distribution and parameters associated with the VoIP traffic model are summarized in Table 12-4. The assumptions that were used for VoIP capacity calculation are shown in Table 12-5.

TABLE 12-4. VoIP Traffic Model Parameters [8]

VoIP Model AttributeStatistical DistributionParametersProbabilistic DistributionActive/inactive state durationExponentialμ = 1.25 sfx=λe−λx,x≥0λ=1/μProbability of state transitionN/Ac = 0.01, d = 0.99N/A

Packet arrival delay jitter (downlink only)

TABLE 12-5. Assumptions for VoIP Capacity Calculation [6,8,9,10]

ParameterCharacterizationCodec3GPP AMR12.2 kbpsEncoder Frame Length20 msVoice Activity Factor (VAF)50%PayloadActive: 33 bytes (octet-aligned mode)
Inactive: 7 bytes
SID Packet is sent every 160 ms during silence intervalsProtocol Overhead with Compressed Header10 bits + padding (RTP-pre-header)
4 bytes (RTP/UDP/IP)
2 bytes (RLC/security)
16 bits (CRC)

VoIP

Voice over Internet Protocol (VoIP) carries voice via data networks, a fundamental change from analog POTS (Plain Old Telephone Service), which remains in use after over 100 years. VoIP brings the advantages of packet-switched networks, such as lower cost and resiliency, to the telephone.

Recently, many organizations have maintained at least two distinct networks: a phone network and a data network, each with associated maintenance costs. The reliability of packet-switched data networks has grown as organizations have made substantial investments. With the advent of VoIP, many organizations have lowered costs by combining voice and data services on packet-switched networks.

Common VoIP protocols include Real-time Transport Protocol (RTP), designed to carry streaming audio and video. VoIP protocols such as RTP rely upon session and signaling protocols including SIP (Session Initiation Protocol, a signaling protocol) and H.323. SRTP (Secure Real-time Transport Protocol) may be used to provide secure VoIP, including confidentiality, integrity, and secure authentication. SRTP uses AES for confidentiality and SHA-1 for integrity.

While VoIP can provide compelling cost advantages (especially for new sites, without a large legacy voice investment), there are security concerns. If the network goes down, both voice and network data go down. Also, there is no longer a true “out of band” channel for wired voice. If an attacker has compromised a network, they may be able to compromise the confidentiality or integrity of the VoIP calls on that network. Many VoIP protocols, such as RTP, provide little or no security by default. In that case, eavesdropping on a VoIP call is as simple as sniffing with a tool like Wireshark (a high-quality free network protocol analyzer, see http://www.wireshark.org), selecting the “Telephony → VoIP Calls” menu, choosing a call and pressing “Player,” as shown in Figure 5.19.

Organizations that deploy VoIP must ensure reliability by making sufficient investments in their data networks, and in staff expertise required to support them. In the event of network compromise, use other methods such as cell phones for out-of-band communication. Finally, any VoIP traffic sent via insecure networks should be secured via SRTP, or other methods such as IPsec. Never assume VoIP traffic is secure by default.

What best describes VoIP Voice Over Internet Protocol?

Which one of the following statements best describes VoIP?

Which of the following are VoIP protocols?

What is the voice over Internet Protocol?