Security for SIP-Based VoIP Networks

Threat Modeling, Hardening, and Countermeasures


  • Vinay Rao, Senior Manager, Field Applications Engineering, Centillium Communications, Inc., Fremont, CA, USA

Voice over Internet Protocol (VoIP) is eroding the use of traditional wired phone service in the home and business. The market leader is tripling subscription rates in one year which will continue to rise. As with any new technology now that it is up and running concerns turn to the security of the information being transmitted. Due to the fact that VoIP networks are often implemented over the public Internet they are left open to attacks. Vinay Rao offers a well-structured and in-depth look at VoIP security with an emphasis on SIP-based applications. He will explain protocol fundamentals, review threat analysis and hardening of security. Real-world issues and countermeasures will be discussed extensively resulting in a basic security checklist on which to base future security implementation architecture schemes.
View full description


VoIP Network Architects, Service Providers, IT Managers, Graduate Students


Book information

  • Published: January 2010
  • Imprint: NEWNES
  • ISBN: 978-0-7506-8527-6

Table of Contents

PART I: THE FUNDAMENTALSTechnology OverviewTelecommunications NetworksData Communications NetworksCryptography FundamentalsVoice Over IPA Brief Introduction to VoIPVoice Over IP ArchitectureSESSION INITIATION PROTOCOL (SIP)SIP FundamentalsIntroduction to SIPSIP ArchitecturePART II: The SIP-Based VoIP EcosystemSIP Associated Protocols and ServicesOpterational OverviewPART III: Securing SIP-Based VoIPSection I: Threat ModelingThreat AssessmentSIP Threat Assessment ModelsSection II: Hardening and CountermeasuresHardening MechanismsSecure SIP and RTPFirewall and NAT TraversalSection III: Security AnalysisBasic Security Analysis ToolkitThe Evolution of ThreatsAppendices