Modular Test System for Determination of Protection against Attacks in VoIP Networks

Abstract

A VoIP (Voice over Internet Protocol) soft switch is essential for every IP telephony infrastructure. Frequently, it provides other services besides those related to VoIP. Very often, these switches are the target of external attackers. This article describes the system designed to test whether the targeted VoIP soft switch is sufficiently secured and protected against possible real threats. The system tests the switches for resistance to the most prevailing attacks. Based on whether the penetration is successful or not, the system assesses their overall security. The article describes applications and algorithms used by the system. The conclusion includes recommendations and principles to ensure efficient protection of a VoIP soft switch against existing threats. The system is designed as an open-source web application, allowing for access irrespective of the operation system platform, and can be extended with additional testing modules.