Abstract—VoIP faces many emerging attacks and threats.
securing SIP based VoIP is a major challenging task, hence
confidentiality, integrity, availability, as well as authenticity
must be provided. Focusing on three main critical attacks
targeting SIP based VoIP infrastructure, which are Denial of
service (DoS), man-in-the middle attack, and Authenticity
based attacks. In this paper the main contribution is providing a
secure efficient multilayer security architecture based on open
source applications (snort, snortsam and iptables, as well as
OPENVPN Tunnel), The architecture provides a secure reliable
VoIP services for the enterprise network, that have been
deployed based on asterisk PBX. The proposed security
architecture aims to prevent the mentioned critical attacks, to
provide CIAA security services, by proposing an adaptive rule
based queuing polices. QoS is a major challenge, the paper also
provides an enhancement for the proposed architecture to
minimize the delay for more efficient secure communication, as
well as preventing zero day attacks by exploiting method and
updating Snort DB with attack signatures. QoS factors have
been measured using OPNET simulators. The proposed
architecture gives promising results when it comes to attacks
prevention with 0.01% better performance results compared to
previous work.
Index Terms—VoIP, snort, OPEN VPN, firewall, iptables,
OPNET 17.
Basma Basem is with the Arab Academy for Science, Technology &
Maritime Transport, Computer Engineering Department, Egypt (e-mail:
basmabasem@hotmail.com.com).
Atef Z. Ghalwash and Rowayda A. Sadek are with the Faculty of
Computers and Information, Helwan University, Egypt (e-mail:
{atef_ghalwash, rowayda_sadek}@yahoo.com).
[PDF]
Cite:Basma Basem, Atef Z. Ghalwash, and Rowayda A. Sadek, "Multilayer Secured SIP Based VoIP Architecture," International Journal of Computer Theory and Engineering vol. 7, no. 6, pp. 453-462, 2015.