Abstract
Voice over IP (VoIP) is a set of software and hardware technologies used for making voice calls over the Internet. VoIP has been massively deployed in corporative environments since voice and data network convergence enables unified communication services while reducing costs. The main component of a VoIP network infrastructure is the private branch exchange (PBX). Nowadays, Asterisk is the most widespread PBX deployed within corporations due to its open access technology, along with its modular and flexible design. The configuration of PBX systems usually relies on multiple configuration files composed of a vast number of parameters that may have an impact on the security of the system. Therefore, the setup of such systems tends to be complicated and prone to errors and usually requires highly specialized human intervention. In this research, a diagnosis platform for discovering vulnerabilities and security breaches in the configuration of an Asterisk PBX is presented. The proposed platform performs both reactive and proactive actions in order to reconfigure and harden an Asterisk PBX. Firstly, the platform reacts after certain events by modifying the configuration of the Asterisk PBX in order to mitigate risks. Secondly, the platform performs several on-demand assessments that also reconfigure the Asterisk PBX to improve overall security. Finally, the functionality of the platform is easily extensible and highly customizable. Extensive tests have been carried out to assess the security and performance of the Asterisk PBX when facing attacks. Results show that the security of the platform increases, avoiding performance degradation when using the proposed platform.
Highlights
Voice over IP (VoIP) encompasses a set of software and hardware technologies to make voice calls using data networks as an alternative to the traditional public switched telephone network (PSTN) system
As suggested by the authors in [8], the automatic identification of configuration vulnerabilities may improve the assessment of the VoIP network exposure and the risk management performance. us, this paper proposes a platform including a proactive strategy for discovering vulnerabilities
A diagnosis platform for discovering vulnerabilities and security breaches in the configuration of an Asterisk private branch exchange (PBX) is presented. e platform takes reactive actions in order to reconfigure the Asterisk PBX in real time, reducing the impact of external threats. us, account scan attacks are mitigated by updating access control rules in Asterisk without service disruption
Summary
Voice over IP (VoIP) encompasses a set of software and hardware technologies to make voice calls using data networks as an alternative to the traditional public switched telephone network (PSTN) system. E main reason behind the popularity of this paradigm is cost saving Both large and small companies have realized that deploying and managing separated data and voice networks is expensive. Erefore, security for Asterisk PBXs must be a key concern. PBX systems like Asterisk have many configuration parameters that are directly or indirectly related to security. A diagnosis platform for discovering vulnerabilities and security breaches in the configuration of an Asterisk PBX is presented. The platform checks the correctness of the programmed dial plan and automatically fixes source code lines that compromise the security of the PBX.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
