New research aims to plug holes in VOIP before they happen

The National Science Foundation has issed four awards totaling $600,000 to the University of North Texas to lead a multi-university collaboration to develop a geographically distributed, secure test bed to analyze vulnerabilities in Voice over Internet Protocol (VoIP)--an increasingly popular technology that turns audio signals into digital data that can be transmitted over the Internet.

The three-year project will investigate voice spam prevention (VoIP phone systems can be spammed like email), attacks on networks and Internet resources that render them unavailable (denial-of-service), quality of service, and 911 service dependability. The unique test bed will also be used to discover security holes arising from operating VoIP with conventional phone networks.

"Proactively securing the next-generation infrastructure for voice communications is critical for us all," said UNT's Ram Dantu, who leads the project. "Our research will identify vulnerabilities in the technology and establish solutions--before damage is done."

VoIP allows users with a computer and a standard Internet connection to make toll-free calls any where in the world. It also handles video and instant messaging. Companies such as Vonage and AT&T are aggressively deploying the technology, and one study predicts some 24 million U.S. households will be using VoIP by 2008. Government agencies are already implementing strategies to use VoIP-based systems.

History generally credits Alexander Graham Bell with inventing the telephone in 1876, but in 1880 he devised "the greatest invention I have ever made; greater than the telephone." The photophone, patented by Bell and Charles Sumner Tainter, transmitted sound on a beam of light using the same principles as today's fiber optic communications systems.

When Bell and Tainter used the only existing photophone to communicate between two buildings in Washington, D.C., guarding the content of their message was probably not an issue, but today, secure communications systems are a top priority.

Rita Virginia Rodriguez, the NSF program director who oversees the project, said, "VoIP security requires immediate attention, and this research addresses a number of critical aspects needed to help prevent imminent threats." Rodriguez believes the work will have immediate and long-term impact for the technology, and importantly, will provide faculty and students at each university with real-life telecommunications research experience.

Since last year, NSF has supported Dantu to investigate specific methods to prevent voice spamming. Karl Levitt, who directs NSF's CyberTrust program commented, "Dantu has a keen awareness of the nation's vital need to expedite research into VoIP security. His work identifying and applying intrusion detection methods will help alleviate the nuisance created by spam and fits well with the goals of the new test bed award."

In addition to UNT, the project includes researchers and resources at Columbia University, Purdue University and the University of California-Davis.

The team is committed to disseminating their findings throughout academia, industry and government, giving all technology developers guidelines for preventing security breaches. Already, their VoIP security workshops have been well attended by organizations including the Department of Homeland Security, the Federal Communications Commission, the National Institute of Standards and Technology and the National Security Agency.

Source: National Science Foundation

Related stories:

Intel Outlines Plans for New Category of Smarter, Purpose-Built 'System on Chip' Designs
As Internet access continues to be added to all kinds of computers and devices, Intel executives outlined a plan to use its chip design expertise, factory capacity, advanced manufacturing techniques and the economics of Moore's Law to usher in a new category of highly integrated, purpose-built and Web-savvy System on Chip (SoC) designs and products. The company also unveiled its first eight such products under its Intel EP80579 Integrated Processor family for security, storage, communications, and industrial robotics.
A cellphone base station in every home
If you've ever had trouble getting a connection for your cellphone in your home, you could soon take matters into your own hands. Instead of relying on an overworked base station, consumers may be able to have their very own base stations inside their homes.
Motorola Demonstrates World's First WiMAX 802.16e Mobile Handoffs in Downtown Chicago
Motorola presented a mobile WiMAX experience last night that included live handoffs during an exclusive cruise along the Chicago River for media and industry analysts in town to attend WiMAX World USA. Attendees experienced uninterrupted mobile applications including web browsing, voice over IP (VoIP) calls, video streaming and MobiTV while moving past access point sites along the route of the cruise.
Packeteer, Microsoft Team Up on Branch-Office Box
The all-in-one iShaper appliance offers WAN optimization and quality-of-service prioritization in a unified platform, Packeteer says.
Extreme Pumps Up the Network
The company is offering software and switching options designed to offer richer functionality at a lower cost.
NEC Looks to Build a 'Virtual' Client Network
The company is offering a new management package called Virtual PC Center, which will combine thin client PCs, servers, a software suite and virtualization technology from VMware.
The Drive for Data Protection
Not finished with updating your organization's payroll for the day? No problem - just save the documents to a USB thumb drive, drop the drive in your briefcase, stick it in one of your family PC's USB slots and finish up in the comfort of your own home.
Are SMBs Ready for Cisco's Swiss Army Knife of Connectivity?
It remains to be seen whether small businesses really need Cisco's new product package that includes VOIP, LAN switching, routing, VPN, firewall and wireless LAN.

News discussion:

Technology news