Review and Enhancement of VoIP Security: Identifying Vulnerabilities and Proposing Integrated Solutions.

Ramly, Athirah Mohd; Zi Wei Ng; Yahya Khamayseh; Shwu Chen Kwan, Charis; Amphawan, Angela; Tse-Kian Neo

The prolific use of Voice over Internet Protocol (VoIP) causes this system's vulnerabilities to become a major concern for individuals or organizations. Based on this concern, this paper aims to provide a comprehensive analysis of the cyber threats and attacks in VoIP systems. VoIP offers several benefits and advantages; however, it poses significant security risks which can cause serious consequences. At the beginning of this paper, an overview of VoIP, including its architecture, components, protocols and advantages are discussed. Following this, attack vectors and component vulnerabilities are examined, and types of security threats are categorized into different sections for clarity. The types of attacks under discussion involved Denial-of-Service (DoS) and Man-in-the-Middle (MITM) attacks, spoofing threats, registration and call hijacking, Spam over Internet Telephony (SPIT), vishing, malware and toll fraud. Subsequently, existing security solutions for VoIP systems are reviewed, highlighting their strengths, weaknesses and applicability. While some solutions are effective in protecting VoIP, a lack of robustness still exists. Hence, this paper proposes an enhanced security method: the combination of Virtual Private Networks (VPNs) and firewalls within VoIP systems. This combination can reduce potential cyber risk by enhancing data privacy and protection, and overall system security.

VIRTUAL private networks; DATA privacy; CYBERTERRORISM; FRAUD; DATA protection; INTERNET telephony; CYBER physical systems

Journal of Telecommunications & the Digital Economy, 2024, Vol 12, Issue 4, p109

2203-1693

Academic Journal

10.18080/jtde.v12n4.1022