Security Analysis and The Effect of Codec Changes on Quality of Service of Encrypted Voice Phones on Voice Over IP Freepbx

Asep Saepul Achmad, Muhammad Nursalman, Rizky Rachman J.

Abstract


VoIP is one of the technologies as communication with audio and video media online. The server secures voice phone data on VoIP supporting VoIP phone data encryption. In addition to security, in order to improve sound quality FreePBX also uses the latest codecs such as Alaw, Ulaw, G722, G729. The purpose of this study was to display the results of VoIP voice phone security testing on FreePBX Server, analyze the Quality of Service of voice codecs on VoIP phones, and compare encrypted and unencrypted VoIP voice phones. The Quality-of-Service criteria of voice telephony consist of packet loss, jitter, and delay or delta. Then, test VoIP security using the Man in The Middle Attack (ARP Poisioning) attack method on the Cain and Abel application. Next, analyze the comparison between encrypted and unencrypted phones using SoftPhone SIPSoercery. Test results for QoS of encrypted VoIP phones with different audio codecs are very good and this assessment is based on the TIPHON QoS standard. The best delta value is found in the Ulaw codec and the best jitter value is found in the Alaw codec. After VoIP phones are attacked with ARP Poisoning, there is a decrease in QoS quality. For all codecs tested, the delta value decreased from 9.34% to 104.12%, the jitter value decreased from 235.49% to 767.97%, and the packet loss value decreased from 5.56% to 181.82%.

Keywords


ARP Poisoning; Codec; FreePBX; MITM; QoS; SDP; SIP Sorcery; SIP; SRTP; TLS; VoIP

Full Text:

PDF

References


Almaarif, A., and Yazid, S. (2018). ARP Cache Poisoning sebagai Teknik Alternatif untuk Membatasi Penggunaan Bandwidth berbasis Waktu. Jurnal Rekayasa Sistem and Industri (JRSI), 5(02), 108-113.

Maar, M., Sitarova, J., and Orgon, M. (2017). Enterprise network with software Asterisk PBX based on the PLC technology. International Journal of Advances in Telecommunications, Electrotechnics, Signals and Systems, 6(1), 1-10.

Chandramohan, D., Veeraiah, D., Shanmugam, M., Balaji, N., Sambasivam, G., and Khapre, S. (2012). SVIP-enhanced security mechanism for SIP based VoIP systems and its issues. In Advances in Computing and Information Technology: Proceedings of the Second International Conference on Advances in Computing and Information Technology (ACITY) July 13-15, 2012, Chennai, 1, 81-86.

Deng, D. J., Cheng, R. S., Chang, H. J., Lin, H. T., and Chang, R. S. (2009). A cross-layer congestion and contention window control scheme for TCP performance improvement in wireless LANs. Telecommunication Systems, 42, 17-27.

Gawarle, A. S. (2017). Design a Free Voice Calling System Using Raspberry Pi. International Journal of Research in Engineering and Applied Sciences (IJREAS), 7(6), 10-14.

Kang, T. G., Bae, H. J., Kim, D. Y., and Kim, D. U. (2004). SIP/SDP signaling of media gateway with transcoding function in converged network. In The 6th International Conference on Advanced Communication Technology, 2004, 2, 842-845.

McGrew, D., and Rescorla, E. (2010). Datagram transport layer security (DTLS) extension to establish keys for the secure real-time transport protocol (SRTP) (No. rfc5764).

Molitorisová, A., and Šístek, P. (2021). Reimagining Electronic Communications Regulatory Environment with AI: Self-Regulation Embedded in ‘Techno-Regulation’. European Journal of Law and Technology, 12(1), 1-27.

Ekstedt, J., Nilsson, G., and Stålberg, E. (1974). Calculation of the electromyographic jitter. Journal of Neurology, Neurosurgery and Psychiatry, 37(5), 526-539.

Sinam, T., Singh, I. T., Lamabam, P., Devi, N. N., and Nandi, S. (2014). A technique for classification of VoIP flows in UDP media streams using VoIP signalling traffic. In 2014 IEEE International Advance Computing Conference (IACC), 2014, 354-359.

Uys, L. (2009). Voice over internet protocol (VoIP) as a communications tool in South African business. African Journal of Business Management, 3(3), 89.

Sheikh, W. (2023). Jitter‐sensitive data communication in emerging wireless networks. Transactions on Emerging Telecommunications Technologies, 34(5), e4746.

Wang, X., and Zhang, R. (2011). Voip security: vulnerabilities, exploits, and defenses. In Advances in Computers, 81, 1-49.

Han, T., Zhu, G. X., Zhu, Y., and Yao, W. (1998, September). Implementation and analysis of stream-oriented protocol-based RTP/RTCP within video conference. In International Symposium on Multispectral Image Processing (ISMIP'98), 3545, 286-289.

Zheng, L., Zhang, L., and Xu, D. (2001, June). Characteristics of network delay and delay jitter and its effect on voice over IP (VoIP). In ICC 2001. IEEE International Conference on Communications. Conference Record (Cat. No. 01CH37240),1, 122-126.

Martin, M. V., and Hung, P. C. (2005, May). Towards a security policy for VoIP applications. In Canadian Conference on Electrical and Computer Engineering, 2005, 65-68.

Kazemi, N., Wijesinha, A. L., and Karne, R. (2010, April). Evaluation of IPsec overhead for VoIP using a bare PC. In 2010 2nd International Conference on Computer Engineering and Technology, 2, V2-586.

Nisar, K., Said, A. M., and Hasbullah, H. (2010, June). Enhanced performance of packet transmission using system model over VoIP network. In 2010 international symposium on information technology, 2, 1005-1008.

Balogh, Z., Koprda, Š., and Francisti, J. (2018, October). LAN security analysis and design. In 2018 IEEE 12th International Conference on Application of Information and Communication Technologies (AICT), 2018, 1-6.




DOI: https://doi.org/10.17509/jcs.v4i2.71181

Refbacks

  • There are currently no refbacks.