Content

Researchers take VoIP security back to school

The National Science Foundation (NSF) has issued four awards totaling $600,000 to the University of North Texas (UNT) to lead a multi-university collaboration to develop a geographically distributed, secure test bed to analyze VoIP vulnerabilities.

The three-year project will investigate voice spam prevention (VoIP phone systems can be spammed like email), attacks on networks and internet resources that render them unavailable (denial-of-service), quality of service and 911 service dependability. The test bed will also be used to discover security holes arising from operating VoIP with conventional phone networks.

"Proactively securing the next-generation infrastructure for voice communications is critical for us all," said UNT's Ram Dantu, who leads the project. "Our research will identify vulnerabilities in the technology and establish solutions--before damage is done."

He added that companies such as Vonage and AT&T are aggressively deploying the technology and cited one study predicting that some 24 million U.S. households will be using VoIP by 2008. Government agencies are already implementing strategies to use VoIP-based systems.

Rita Virginia Rodriguez, the NSF program director who oversees the project, said: "VoIP security requires immediate attention, and this research addresses a number of critical aspects needed to help prevent imminent threats."

Rodriguez said the work will have immediate and long-term impact for the technology and will provide faculty and students at each university with real-life telecommunications research experience.

Since last year, NSF has supported Dantu to investigate specific methods to prevent voice spamming. Karl Levitt, who directs NSF's CyberTrust program commented: "Dantu has a keen awareness of the nation's vital need to expedite research into VoIP security. His work identifying and applying intrusion detection methods will help alleviate the nuisance created by spam and fits well with the goals of the new test bed award."

In addition to UNT, the project includes researchers and resources at Columbia University, Purdue University and the University of California- Davis.

The team said it is committed to disseminating its findings throughout academia, industry and government, giving all technology developers guidelines for preventing security breaches.

Related

DevSecOps Scanning Challenges & Tips

There are many ways to do DevSecOps, and each organization — each security team, even — uses a different approach. Questions such as how many environments you have and the frequency of deployment of those environments are important in understanding how to integrate a security scanner into your DevSecOps machinery. The ultimate goal is speed […]

It Should Be ‘Cybersecurity Culture Month’

It’s Cybersecurity Awareness Month, but security awareness is about much more than just dedicating a month to a few activities. Security awareness is a journey, requiring motivation along the way. And culture. Especially culture.That’s the point Proofpoint Cybersecurity Evangelist Brian Reed drove home in a recent appearance on Business Security Weekly.“If your security awareness program […]

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.