New research aims to plug holes in VOIP before they happen
The National Science Foundation has issed four awards totaling $600,000 to the University of North Texas to lead a multi-university collaboration to develop a geographically distributed, secure test bed to analyze vulnerabilities in Voice over Internet Protocol (VoIP)--an increasingly popular technology that turns audio signals into digital data that can be transmitted over the Internet.
The three-year project will investigate voice spam prevention (VoIP phone systems can be spammed like email), attacks on networks and Internet resources that render them unavailable (denial-of-service), quality of service, and 911 service dependability. The unique test bed will also be used to discover security holes arising from operating VoIP with conventional phone networks.
"Proactively securing the next-generation infrastructure for voice communications is critical for us all," said UNT's Ram Dantu, who leads the project. "Our research will identify vulnerabilities in the technology and establish solutions--before damage is done."
VoIP allows users with a computer and a standard Internet connection to make toll-free calls any where in the world. It also handles video and instant messaging. Companies such as Vonage and AT&T are aggressively deploying the technology, and one study predicts some 24 million U.S. households will be using VoIP by 2008. Government agencies are already implementing strategies to use VoIP-based systems.
History generally credits Alexander Graham Bell with inventing the telephone in 1876, but in 1880 he devised "the greatest invention I have ever made; greater than the telephone." The photophone, patented by Bell and Charles Sumner Tainter, transmitted sound on a beam of light using the same principles as today's fiber optic communications systems.
When Bell and Tainter used the only existing photophone to communicate between two buildings in Washington, D.C., guarding the content of their message was probably not an issue, but today, secure communications systems are a top priority.
Rita Virginia Rodriguez, the NSF program director who oversees the project, said, "VoIP security requires immediate attention, and this research addresses a number of critical aspects needed to help prevent imminent threats." Rodriguez believes the work will have immediate and long-term impact for the technology, and importantly, will provide faculty and students at each university with real-life telecommunications research experience.
Since last year, NSF has supported Dantu to investigate specific methods to prevent voice spamming. Karl Levitt, who directs NSF's CyberTrust program commented, "Dantu has a keen awareness of the nation's vital need to expedite research into VoIP security. His work identifying and applying intrusion detection methods will help alleviate the nuisance created by spam and fits well with the goals of the new test bed award."
In addition to UNT, the project includes researchers and resources at Columbia University, Purdue University and the University of California-Davis.
The team is committed to disseminating their findings throughout academia, industry and government, giving all technology developers guidelines for preventing security breaches. Already, their VoIP security workshops have been well attended by organizations including the Department of Homeland Security, the Federal Communications Commission, the National Institute of Standards and Technology and the National Security Agency.
Source: National Science Foundation
