The National Science Foundation (NSF) has issued four awards totaling $600,000 to the University of North Texas (UNT) to lead a multi-university collaboration to develop a geographically distributed, secure test bed to analyze VoIP vulnerabilities.
The three-year project will investigate voice spam prevention (VoIP phone systems can be spammed like email), attacks on networks and internet resources that render them unavailable (denial-of-service), quality of service and 911 service dependability. The test bed will also be used to discover security holes arising from operating VoIP with conventional phone networks.
"Proactively securing the next-generation infrastructure for voice communications is critical for us all," said UNT's Ram Dantu, who leads the project. "Our research will identify vulnerabilities in the technology and establish solutions--before damage is done."
He added that companies such as Vonage and AT&T are aggressively deploying the technology and cited one study predicting that some 24 million U.S. households will be using VoIP by 2008. Government agencies are already implementing strategies to use VoIP-based systems.
Rita Virginia Rodriguez, the NSF program director who oversees the project, said: "VoIP security requires immediate attention, and this research addresses a number of critical aspects needed to help prevent imminent threats."
Rodriguez said the work will have immediate and long-term impact for the technology and will provide faculty and students at each university with real-life telecommunications research experience.
Since last year, NSF has supported Dantu to investigate specific methods to prevent voice spamming. Karl Levitt, who directs NSF's CyberTrust program commented: "Dantu has a keen awareness of the nation's vital need to expedite research into VoIP security. His work identifying and applying intrusion detection methods will help alleviate the nuisance created by spam and fits well with the goals of the new test bed award."
In addition to UNT, the project includes researchers and resources at Columbia University, Purdue University and the University of California- Davis.
The team said it is committed to disseminating its findings throughout academia, industry and government, giving all technology developers guidelines for preventing security breaches.