Security analysis of VoIP architecture for identifying SIP vulnerabilities

Voice over Internet Protocol (VoIP) is an emerging technology that changes the way of communication services over IP networks. It provides flexible and low cost services to the users, which make it more popular than the existing Public Switch Telephone Network (PSTN). With the popularity of this technology, it became targeted victim of different attacks. In this paper we analyzed VoIP architecture, both theoretically and practically with more emphasizes on security of Session Initiation Protocol (SIP). In order to analyze theoretically, we performed a literature survey related to SIP security and classified it in term of existing SIP attacks and defenses. Our theoretical analysis reveals that most attacks on VoIP architecture were successful due to weaknesses of SIP, especially the authentication mechanism used in the session establishment phase. For practical analysis, we used open source Asterisk and pen-test it in different attacking scenarios using Kali Linux distribution. Our practical analysis studies revealed that open source asterisk server is still vulnerable to several attacks, which includes eavesdropping, intentional interruption, social threats, interception and modification, and unintentional interruption. We also provide a concise mitigating scheme based on Single Sign-On (SSO), which provides an efficient and reliable authentication mechanism for securing SIP.