VoIP Can Still Be Exploited - Badly

VoIP phones are early representatives as well as present enhancers of the IoT. This paper observes that they are still widely used in a traditional, unsecured configuration and demonstrates the Phonejack family of attacks: Phonejack 1 conjectures the exploitation of phone vulnerabilities; Phonejack...

Full description

Saved in:
Bibliographic Details
Published in2020 Fifth International Conference on Fog and Mobile Edge Computing (FMEC) pp. 237 - 243
Main Authors Biondi, Pietro, Bognanni, Stefano, Bella, Giampaolo
Format Conference Proceeding
LanguageEnglish
Published IEEE 01.04.2020
Subjects
attack
Computer crashes
Computer crime
Edge computing
IoT
Portable computers
privacy
Protocols
script
VoIP
Online AccessGet full text

Cover

More Information
Summary:VoIP phones are early representatives as well as present enhancers of the IoT. This paper observes that they are still widely used in a traditional, unsecured configuration and demonstrates the Phonejack family of attacks: Phonejack 1 conjectures the exploitation of phone vulnerabilities; Phonejack 2 demonstrates how to mount a denial-of-service attack on a network of phones; Phonejack 3 sniffs calls. It is reassuring, however, that inexpensive devices such as a Raspberry Pi can be configured and programmed as effective countermeasures, thus supporting the approach of integrating both technologies. A video clip demonstrates both attacks and defence measures [14]. The concluding evaluations argue that trusting the underlying network security measures may turn out overly optimistic; moreover, VoIP phones really ought to be protected as laptops routinely are today.
DOI:10.1109/FMEC49853.2020.9144875