Abstract

Voice over internet protocol (VoIP) is being widely used, while the integration of voice and data provide several opportunities. Lower cost and more flexibility are the main advantages of the VoIP which derived the attention of the enterprises to it. Unfortunately in the other extreme, some security issues may come across with the extensive use of VoIP. The purpose of this review paper is to encourage the VoIP industry to consider the importance of the security matters of their application and to find the gaps by discussing the pros and cons of each application and performing the fair comparison. This article begins by discussing the motivation of security measures in VoIP applications and a list of possible threats such as denial-of-service (DoS), Call Hijacking and Interception. These security issues are the most well known attacks that can be carried out in current VoIP deployment.Next, we discuss about two VoIP applications, which are Skype and GTalk, and their security levels have been measured briefly by highlighting some of the security issues in them. These security measurements are used to perform the comparison between the studied VoIP applications. Finally some methods have been proposed to improve the security in the VoIP applications in future state.

Key words: VoIP, network security, skype, Google talk, threats.

Abbreviation

DoS, Denial-of-service; DDoS, distributed denial-of-service; NAT, network address translation; PSTN, public switched telephone networks; RTP, real-time protocol; SIP, signaling initiation protocol; VoIP, voice over internet protocol; IP, internet protocol; XMPP, extensible messaging and presence protocol; IETF, internet engineering task force; ARP, address resolution protocol;IM, instant messaging.