Android mobile VoIP apps:

A survey and examination of their security and privacy

mVoIP security and privacy: A survey

In this section, we present a survey of the research on mVoIP security and privacy published from January 2009

to January 2014. In order to put the survey in a broader context, we also briefly review the research on VoIP

security and privacy in the past five years, by extending the survey in [53].

Keromytis [53] conducted a comprehensive survey of VoIP security research, which included 245 publica-

tions starting from 2000 till the first quarter (Q1) of 2011. In this section, we extend the survey by considering

VoIP security and privacy publications published from the second quarter of 2011 (Q2) to January 2014, as well

as including publications on forensic analysis of VoIP services from 2000. To enable a meaningful comparison,

we adapt Keromytis’s [53] taxonomy of VoIP security classification tree, and survey methodology. We searched

on IEEEXplore, ACM Digital Library, Google Scholar, INSPEC and Science Direct using the keywords: “VoIP

security”, “SIP security”, “VoIP vulnerabilities”, “SIP vulnerabilities”, “VoIP privacy”, “SIP

privacy”, “SIP attacks”, and “VoIP attacks”, “VoIP forensic”, “SIP forensic”.

Similarly for our survey of mVoIP security and privacy research, we located the material published in the

last five years (January 2009 – January 2014) by searching various academic databases, including IEEE Xplore,

ACM Digital Library, Google Scholar, INSPEC and ScienceDirect using the keywords: “Mobile Voice over

IP”, “mVoIP”, “Mobile VoIP”, “mVoIP app”, “mVoIP application”, “mVoIP Security”, “mVoIP privacy”,

“mobile VoIP security”, “mobile VoIP privacy”, “mVoIP attacks”, and “mVoIP vulnerabilities”, “mobile VoIP

forensic”, “mVoIP forensic”.

Table 1 presents the number of relevant publications located. The critical analysis of VoIP security and pri-

vacy research is beyond the scope of this paper as our focus is on mVoIP security and privacy research.

1

Table 1 VoIP and mVoIP publications on security and privacy

C

lass

ifica

tion

Category

VoIP mVoIP

2000 (Jan)-2011 (Q1) 2011 (Q2)-2014 (Jan) 2009 (Jan)-2014 (Jan)

Num

ber o

fPu

blic

atio

ns

Ref

eren

ces

Num

ber o

fPu

blic

atio

ns

Ref

eren

ces

Num

ber o

f P

ublic

atio

ns

Ref

eren

ces

VoI

PSA

Cla

ssifi

catio

n [9

3]

Social threats 43 [53] 11 [14],[77],[78],[3], [12],[89],[98],[83],[1],[84],[85]

4 [6],[15],[2],[31],[36]

Traffic attacks 30 [53] 13 [96],[23],[95],[106], [21],[33],[55],[32], [48],[101],[58],[27], [82]

2 [76],[108]

Denial ofService

31 [53] 8 [19],[107],[30],[47],[56],[61],[13],[73]

1 [15]

Service abuse 7 [53]

Add

ition

al C

ateg

orie

s

Overview and surveys

50 [53] 12 [53],[52],[51],[9],[72],[91],[45],[46],[92],[104],[57],[66]

Field studies and system/ protocol ana-lysis

12 [53] 3 [74],[94],[37]

Performance analysis

14 [53] 3 [20],[65],[97]

Authentication protocols

15 [53] 11 [8],[24],[71],[86],[88],[11],[35],[87],[43], [105],[102]

Architectures 19 [53] 13 [63],[5],[25],[26],[34],[50],[64],[75],[49],[100],[7],[44],[81]

2 [62],[99]

Middleboxes 11 [53] 1 [10]Intrusiondetection

11 [53] 3 [4],[79],[22]

Miscellaneous 2 [53]Forensicanalysis

11 [18],[28],[38],[80],[68],[69],[70],[29],[54],[60], [59]

5 [41],[42],[103],[40],[67]

3 [39],[16],[17]

Total number ofpublications

256 83 12339

2

summarises our survey findings. In the remaining part of this section, we discuss these findings in detail.

Table 2 Security and privacy risks associated with mVoIP apps

Security risks Mobile OS Identified in Mitigation strategies

(and OS applicable)

Social threats

(see Section 2.1)

iOS, Android Cho et al. [15],

Akinbami [2],

Gao and Zhang [31],

Heo et al. [36],

Azfar et al. [6]

Cho et al. [15]

Traffic attacks

(see Section 2.2)

iOS, Android and others H. Sengar et al. [76],

Zhou and Jiang [108]

Denial of service

(DoS)

(see Section 2.3)

iOS, Android and others Cho et al. [15]

Architectures

(see Section 2.4)

Android Nakarmi et al. [62],

Wu et al. [99]

Nakarmi et al. [62],

Wu et al. [99]

Forensic analysis

(see Section 2.5)

iOS, Android Husain and Sridhar [39],

Chu et al. [16],

Chu et al. [17]

Social threats

As explained by Cho et al. [15], mVoIP communications can suffer from modification attacks, Man-in-the

Middle (MITM) attack, replay attacks and call bombing attacks. The SIP INVITE packets of mVoIP communic-

ations can be exploited for the purpose of modification and DoS attacks. In a call bombing attack, the call ser -

vice changes the requested connection telephone number of a receiver. This can be done by modifying the Real-

time Transport Protocol (RTP) packet sent to the softswitch (a software switch that connects calls from one

phone line to another) by a caller. The authors proposed and implemented a voice based one-time password

3

authentication system for user authentication, which used a user’s voice data to prevent MITM and replay at -

tacks [15].

Akinbami [2] analysed and evaluated the security of mVoIP services on Android phones. His research

identified that “Fring” app requested for permissions for services that resulted in unnecessary financial costs to

the users (i.e. sending of SMS messages). The app also requested for unnecessary access to hardware controls,

network communications, user’s personal information, phone related information, storage information and

system tools. Similarly, “Tango” app also requested for permissions for managing accounts, hardware control

(i.e. record audio), receiving SMS, network communication, user’s personal information (i.e. log data), phone

calls, storage control and system tools. The third mVoIP app considered by Akinbami is “Viber”, which

requested for permissions for account access (i.e. account authentication), direct call phone numbers, send SMS,

hardware controls, location information, network communication and personal information (i.e. read contact

data), storage information and system tools. Some of these permissions allowed the app to have access to

information, such as geolocation, which could infringe on the user’s privacy.

Gao and Zhang [31] investigated WeChat app to understand how the app stores the user’s data on iPhone.

The authors performed both physical and logical acquisitions on the test item (an iPhone 5) and recovered

different types of data located in different subfolders of the phone, such as user information, voice messages and

thumbnails of the pictures and video files taken using the phone’s built-in camera. Physical extraction refers to

the ability to perform a bit-for-bit copy of the entire physical storage, which allows the forensic tools to acquire

remnants of deleted data. However, this process requires direct access to the file system of the mobile device.

This is necessary to be able to recover deleted data from the disk using methods such as carving, where

particular file headers are searched for to recover target file types. Logical extraction refers to the ability to copy

the logical storage objects of the mobile device, and this extraction method does not usually recover any deleted

information due to the data being transferred file by file rather than bit for bit [90].

Heo et al. [36] studied several major websites which provide cloud, VoIP (including mVoIP), messenger, E-

mail services to determine whether these sites encrypt user data during user authentication and data transfer in

both wired and wireless environment. The studies showed that mVoIP appls encrypt the data only in wireless

environment but their investigations were limited to only three mVoIP apps.

In our earlier work [6], we studied ten popular Android mVoIP apps to determine whether the communica-

tions are encrypted. Our analysis of the pcap files revealed that most of the apps provided encrypted text mes-

saging (apart from yahoo messenger). For voice communications, our histogram analysis and entropy analysis

4

found that six of the ten apps examined might not provide encrypted communication. In the main paper – see

Sections 4 to 7, we extend our previous work by considering the remaining three possible communication chan -

nel combinations, namely: mobile data network to mobile data network (m2m), mobile data network to WiFi

network (m2w), and WiFi network to mobile data network (w2m).

Traffic attacks

It is known that mVoIP communications are vulnerable to various attacks. For example, Sengar et al. [76]

proposed a technique to track VoIP communications over Skype. In this approach, only the callee is known

prior to the communication and the caller is tracked during the communication session. Their transparent packet

marking scheme determined the origination and destination of a call as well as the path taken for the call

through various hosts in P2P networks. Some popular Instant Messaging (IM) apps were also found to be

passively leaking the chat messages in experiments performed by Zhou and Jiang [108]. For example, GO SMS

Pro leaked the conversation content between two parties via a content provider interface.

Denial of service

Cho et al. [15] identified mVoIP communications are vulnerable to denial of service (DoS) attacks. An attacker

can modify the INVITE packets and transmit to the receiver. The softswitch forwards the call incorrectly to the

victim by transferring the call setting as an attack target and, thus, initiates a DoS attack.

Architectures

Nakarmi et al. [62] explored the alternatives and feasibility of achieving VoIP media security for smartphones.

They prototyped a secure VoIP mobile client compliant with 3GPP IP Multimedia Subsystem (IMS) standard

(SIP was used as the signalling protocol). Their experiments found that the prototype performed satisfactorily

under a realistic setting (with an estimated 50 ms call setup delay on a Nexus One running Android 2.3.3),

which suggested that the performance would not be adversely affected even if media security is imposed.

Wu et al. [99] implemented a Security Evaluation Framework for Android to evaluate stock smartphone

images. The authors examined the security impact of vendor customizations on Android devices. The results of

the experiments showed that more than 81.78% of pre-loaded apps on Android devices are due to vendor cus-

tomizations. On average, 85.78% of the pre-loaded apps are over-privileged (i.e. apps having unnecessary per -

missions and, consequently, increase the impact of a bug or vulnerability and adversely impact on the privacy of

mobile users), which is also due to the vendor customizations. The authors concluded that vendor customiza-

5

tions lead to a large proportion of the vulnerabilities (i.e. HTC, and LG phones, between 64.71% and 85.00%)

found on Android phones.

Forensic analysis

Instant Messages (IM) are important features of mVoIP apps, and not surprisingly there has been increasing

interest in obtaining evidential data from IM on smartphones. Husain and Sridhar [39] conducted forensic ana-

lysis of three IM apps for iOS devices (e.g. iPhones), namely AIM, Yahoo Messenger and Google Talk. The

authors only accessed the logical copies of the files on the iPhone through a Windows machine. Their investiga-

tion concluded that AIM screen name, plaintext password, conversation detail with timestamp and unique

phrase could be found in the stored files. The Yahoo Messenger ID, encrypted password and the conversation

with timestamps were found in the stored files. But the authors were unable to obtain useful evidential data from

their forensic analysis of Google Talk.

Chu et al. [16] performed forensic analysis of Skype and MSN IM apps. The authors were able to locate the

target strings in the Android devices’ memory, even after the devices were rebooted. In another independent, yet

related, research, Chu et al. [17] investigated Viber app running on Android OS. They created an image of the

memory and recovered the received and replied IMs using the sender’s and receiver’s mobile (or cell) number.

References

1. Ahmedy, I., & Portmann, M. Using Captchas to Mitigate the VoIP Spam Problem. In Proceedings of the

Second International Conference on Computer Research and Development, 7-10 May 2010 (pp. 136-140).

2. Akinbami, G. J. (2012). Analysis and evaluation of the security concerns of VoIP services on smart phones:

a case study of the Android-based phones. Turku University of Applied Sciences, Finland.

3. Amanian, M., Moghaddam, M. H. Y., & Roshkhari, H. K. New method for evaluating anti-SPIT in VoIP

networks. In Proceedings of the 3rd International eConference on Computer and Knowledge Engineering

(ICCKE), 31 Oct-1 Nov 2013 (pp. 374-379).

4. Asgharian, Z., Asgharian, H., Akbari, A., & Raahemi, B. A framework for SIP intrusion detection and re-

sponse systems. In Proceedings of the International Symposium on Computer Networks and Distributed

Systems (CNDS) 23-24 Feb 2011 (pp. 100-105).

6

5. Azad, M. A., & Morla, R. Multistage SPIT detection in transit VoIP. In Proceedings of the 19th Interna-

tional Conference on Software, Telecommunications and Computer Networks (SoftCOM), 15-17 Sep 2011

(pp. 1-9).

6. Azfar, A., Choo, K. K. R., & Liu, L. A Study of Ten Popular Android Mobile Voip Applications: Are the

Communications Encrypted? In Proceedings of the Proceedings of the 47th Anual Hawaii International

Conference on System Sciences (HICSS), Hawaii, USA, 6-9 January 2014 (pp. 4858-4867).

7. Aziz, A., Hoffstadt, D., Ganz, S., & Rathgeb, E. Development and Analysis of Generic VoIP Attack Se-

quences Based on Analysis of Real Attack Traffic. In Proceedings of the 12th IEEE International Confer-

ence on Trust, Security and Privacy in Computing and Communications (TrustCom), 16-18 Jul 2013 (pp.

675-682).

8. Babu, S. S., & Gokulraj, K. (2011). A Multifactor Hash Digest Challenge-Response Authentication Scheme

for Session Initiation Protocol. Network Protocols and Algorithms, 2(4), 30-39.

9. Baradaran Shahroudi, A., Khosravi, R. H., Mashhadi, H. R., & Ghorbanian, M. Full survey on SPIT and

prediction of how VoIP providers compete in presence of SPITTERS using game-theory. In Proceedings of

the IEEE International Conference on Computer Applications and Industrial Electronics (ICCAIE), 4-7

Dec 2011 (pp. 402-406).

10. Barreto, F. An improved B2BUAWM approach for VoIP infrastructure. In Proceedings of the 7th Latin

American Network Operations and Management Symposium (LANOMS), 10-11 Oct 2011 (pp. 1-4).

11. Battistello, P., Garcia-Alfaro, J., & Delétré, C. (2012). Transaction-based authentication and key agreement

protocol for inter-domain VoIP. Journal of Network and Computer Applications, 35(5), 1579-1597.

12. Ben Chikha, R. J., Abbes, T., & Bouhoula, A. A SPIT detection algorithm based on user's call behavior. In

Proceedings of the 21st International Conference on Software, Telecommunications and Computer Networks

(SoftCOM), 18-20 Sep 2013 (pp. 1-5).

13. Bou-Harb, E., Debbabi, M., & Assi, C. A first look on the effects and mitigation of VoIP SPIT flooding in

4G mobile networks. In Proceedings of the IEEE International Conference on Communications (ICC), 10-

15 Jun 2012 (pp. 982-987).

14. Chaisamran, N., Okuda, T., Blanc, G., & Yamaguchi, S. Trust-Based VoIP Spam Detection Based on Call

Duration and Human Relationships. In Proceedings of the IEEE/IPSJ 11th International Symposium on

Applications and the Internet (SAINT), 18-21 Jul 2011 (pp. 451-456).

7

15. Cho, S.-W., Jang, W.-J., & Lee, H.-W. mVoIP Service attack and authentication mechanism on a Smart

work device. In International Conference on Computer Science and Network Technology (ICCSNT 2011),

China, 24-26 December 2011 (pp. 482-486). doi:10.1109/ICCSNT.2011.6182001.

16. Chu, H. C., Lo, C. H., & Chao, H. C. (2013). The disclosure of an Android smartphone’s digital footprint

respecting the Instant Messaging utilizing Skype and MSN. Electronic Commerce Research, 13(3), 399-410.

17. Chu, H. C., Yang, S. W., Wang, S. J., & Park, J. H. (2012). The Partial Digital Evidence Disclosure in Re-

spect to the Instant Messaging Embedded in Viber Application Regarding an Android Smart Phone. In J. H.

Park, J. Kim, D. Zou, & Y. S. Lee (Eds.), Information Technology Convergence, Secure and Trust Comput-

ing, and Data Management (Vol. 180, pp. 171-178, Lecture Notes in Electrical Engineering): Springer Neth-

erlands.

18. Chun-Ming, L., & Yuen-Yan, C. Network Forensic on Encrypted Peer-to-Peer VoIP Traffics and the Detec-

tion, Blocking, and Prioritization of Skype Traffics. In Proceedings of the 16th IEEE International Work-

shops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE) 18-20 Jun 2007

(pp. 401-408).

19. Chung-Hsin, L., & You-Sheng, L. The study of Botnet attack on VoIP. In Proceedings of the Sixth Interna-

tional Conference on Networked Computing and Advanced Information Management (NCM), 16-18 Aug

2010 (pp. 636-640).

20. Cioponea, C., Bucicoiu, M., & Rosner, D. Analysis of VoIP encryption performance using dedicated hard-

ware. In Proceedings of the 11th Roedunet International Conference, 17-19 Jan 2013 (pp. 1-4).

21. Cirani, S., Pecori, R., & Veltri, L. (2011). A Peer-to-Peer Secure VoIP Architecture. In Trustworthy Internet

(pp. 105-115): Springer Milan.

22. Ciz, P., Labaj, O., Podhradsky, P., & Londak, J. VoIP Intrusion Detection System with Snort. In Proceedings

of the 54th International Symposium ELMAR, 12-14 Sep 2012 (pp. 137-140).

23. Coskun, B., & Memon, N. Tracking encrypted VoIP calls via robust hashing of network flows. In Proceed-

ings of the IEEE International Conference on Acoustics Speech and Signal Processing (ICASSP), 14-19

Mar 2010 (pp. 1818-1821).

24. Dacosta, I., Balasubramaniyan, V., Ahamad, M., & Traynor, P. (2011). Improving Authentication Perform-

ance of Distributed SIP Proxies. IEEE Transactions on Parallel and Distributed Systems, 22(11), 1804-

1812.

8

25. do Carmo, R., Nassar, M., & Festor, O. Artemisa: An open-source honeypot back-end to support security in

VoIP domains. In Proceedings of the International Symposium on Integrated Network Management (IM),

23-27 May 2011 (pp. 361-368).

26. Fankhauser, F., Ronniger, M., Schanes, C., & Grechenig, T. (2011). Security Test Environment for VoIP

Research. International Journal for Information Security Research (IJISR), 1(1).

27. Farley, R., & Xinyuan, W. VoIP Shield: A transparent protection of deployed VoIP systems from SIP-based

exploits. In Proceedings of the IEEE Network Operations and Management Symposium (NOMS), 16-20

Apr 2012 (pp. 486-489).

28. Fernandez, E., Pelaez, J., & Larrondo-Petrie, M. (2007). Attack Patterns: A New Forensic and Design Tool.

In P. Craiger, & S. Shenoi (Eds.), Advances in Digital Forensics III (Vol. 242, pp. 345-357): Springer New

York.

29. Francois, J., State, R., Engel, T., & Festor, O. Digital forensics in VoIP networks. In Proceedings of the

IEEE International Workshop on Information Forensics and Security (WIFS), 12-15 Dec 2010 (pp. 1-6).

30. Gao, F., Liu, Q., & Zhan, H. (2011). Research of SIP DoS Defense Mechanism Based on Queue Theory. In

S. Lin, & X. Huang (Eds.), Advances in Computer Science, Environment, Ecoinformatics, and Education

(Vol. 214, pp. 99-104, Communications in Computer and Information Science): Springer Berlin Heidelberg.

31. Gao, F., & Zhang, Y. Analysis of WeChat on IPhone. In Proceedings of the Proceedings of the 2nd Inter-

national Symposium on Computer, Communication, Control and Automation, Singapore, 1-2 December

2013 (pp. 278–281).

32. Gomes, J., Inacio, P., Pereira, M., Freire, M., & Monteiro, P. (2013). Identification of Peer-to-Peer VoIP

Sessions Using Entropy and Codec Properties. IEEE Transactions on Parallel and Distributed Systems,

24(10), 2004 - 2014.

33. Gruber, M., Fankhauser, F., Taber, S., Schanes, C., & Grechenig, T. Security Status of VoIP Based on the

Observation of Real-World Attacks on a Honeynet. In Proceedings of the IEEE third international confer-

ence on Privacy, security, risk and trust (passat), and IEEE third international conference on social comput-

ing (socialcom), 9-11 Oct 2011 (pp. 1041-1047).

34. Gruber, M., Fankhauser, F., Taber, S., Schanes, C., & Grechenig, T. Trapping and analyzing malicious VoIP

traffic using a honeynet approach. In Proceedings of the International Conference for Internet Technology

and Secured Transactions (ICITST), 11-14 Dec 2011 (pp. 442-447).

9

35. He, D., Chen, J., & Chen, Y. (2012). A secure mutual authentication scheme for session initiation protocol

using elliptic curve cryptography. Security and Communication Networks, 5(12), 1423-1429.

36. Heo, G., Park, Y., & Park, W. (2013). Vulnerability of information disclosure in data transfer section for

constructing a safe smart work infrastructure. Multimedia Tools and Applications, 1-17.

37. Hoffstadt, D., Marold, A., & Rathgeb, E. P. Analysis of SIP-Based Threats Using a VoIP Honeynet System.

In Proceedings of the IEEE 11th International Conference on Trust, Security and Privacy in Computing

and Communications (TrustCom), 25-27 Jun 2012 (pp. 541-548).

38. Hsu, H.-M., Sun, Y., & Chen, M. (2008). A Collaborative Forensics Framework for VoIP Services in Multi-

network Environments. In C. Yang, H. Chen, M. Chau, K. Chang, S.-D. Lang, P. Chen, et al. (Eds.), Intelli-

gence and Security Informatics (Vol. 5075, pp. 260-271, Lecture Notes in Computer Science): Springer Ber-

lin Heidelberg.

39. Husain, M., & Sridhar, R. (2010). iForensics: Forensic Analysis of Instant Messaging on Smart Phones. In S.

Goel (Ed.), Digital Forensics and Cyber Crime (Vol. 31, pp. 9-18, Lecture Notes of the Institute for Com-

puter Sciences, Social Informatics and Telecommunications Engineering): Springer Berlin Heidelberg.

40. Ibrahim, M., Abdullah, M. T., & Dehghantanha, A. VoIP evidence model: A new forensic method for in-

vestigating VoIP malicious attacks. In Proceedings of the International Conference on Cyber Security,

Cyber Warfare and Digital Forensic (CyberSec), 26-28 Jun 2012 (pp. 201-206).

41. Irwin, D., & Slay, J. (2011). Extracting Evidence Related to VoIP Calls. In G. Peterson, & S. Shenoi (Eds.),

Advances in Digital Forensics VII (Vol. 361, pp. 221-228, IFIP Advances in Information and Communica-

tion Technology): Springer Berlin Heidelberg.

42. Irwin, D., Slay, J., Dadej, A., & Shore, M. (2011). Extraction of Electronic Evidence from VoIP: Forensic

Analysis of a Virtual Hard Disk vs RAM. Journal of Digital Forensics, Security & Law, 6(1).

43. Jaafar, Y., Samsudin, A., Syafalni, A., & Omar, M. A. (2013). Framework for VoIP Authentication using

Session ID based on Modified Vector Quantization. International Journal of Multimedia and Ubiquitous

Engineering, 8(3), 369-376.

44. Jaber, A. N., Supriyanto, Manickam, S., & Ramadass, S. (2013). Highly Effective Filtration and Prevention

Framework for Secure Incoming VoIP Calls. [Article]. International Journal of Control & Automation, 6(3),

95-102.

45. Jaber, A. N., Tan, C.-W., Manickam, S., & Khudher, A. A. (2012). Session Initiation Protocol Security: A

Brief Review. Journal of Computer Science, 8(3), 348-357.

10

46. Jan, I. I., Adeel, S. R., Khan, W., Khan, J., Faraz, Q. A., Gul, F., et al. (2012). A Survey of Security Weak-

ness of Session Initiation Protocol (SIP). International Journal of Multidisciplinary Sciences and Engineer-

ing, 3(4), 50-53.

47. Jin, T., & Yu, C. Quick Detection of Stealthy SIP Flooding Attacks in VoIP Networks. In Proceedings of the

IEEE International Conference on Communications (ICC) 5-9 Jun 2011 (pp. 1-5).

48. Jong, C.-H., & Gligor, V. D. Discovering records of private VoIP calls without wiretapping. In Proceedings

of the 7th ACM Symposium on Information, Computer and Communications Security, Seoul, Korea, 2012

(pp. 67-68).

49. Jung, T., Martin, S., Ernst, D., & Leduc, G. (2012). SPRT for SPIT: Using the Sequential Probability Ratio

Test for Spam in VoIP Prevention. In R. Sadre, J. Novotný, P. Čeleda, M. Waldburger, & B. Stiller (Eds.),

Dependable Networks and Services (Vol. 7279, pp. 74-85, Lecture Notes in Computer Science): Springer

Berlin Heidelberg.

50. Kapourniotis, T., Dagiuklas, T., Polyzos, G., & Alefragkis, P. Scam and fraud detection in VoIP Networks:

Analysis and countermeasures using user profiling. In Proceedings of the 50th FITCE Congress (FITCE),

Aug. 31-Sept. 3 2011 (pp. 1-5).

51. Keromytis, A. (2011). Survey of VoIP Security Research Literature. In Voice over IP Security (Vol. 1, pp.

27-55, SpringerBriefs in Computer Science): Springer New York.

52. Keromytis, A. (2011). Voice Over IP Security: A Comprehensive Survey of Vulnerabilities and Academic

Research (Vol. 1): Springer.

53. Keromytis, A. D. (2012). A Comprehensive Survey of Voice over IP Security Research. IEEE Communica-

tions Surveys & Tutorials, 14(2), 514-537.

54. Khan, L. A., Baig, M. S., & Youssef, A. M. (2010). Speaker recognition from encrypted VoIP communica-

tions. Digital Investigation, 7(1–2), 65-73.

55. Koo, T., & Lin, C. VoIP interception in P2P SIP environment. In Proceedings of the 2nd International

Conference on Computer and Automation Engineering (ICCAE), Singapore, 26-28 Feb 2010 Vol. 1, (pp.

331-334).

56. Kumar, A., Thilagam, P. S., Pais, A., Sharma, V., & Sadalkar, K. (2011). Towards Evaluating Resilience of

SIP Server under Low Rate DoS Attack. In V. Das, G. Thomas, & F. Lumban Gaol (Eds.), Information

Technology and Mobile Communication (Vol. 147, pp. 336-339, Communications in Computer and Informa-

tion Science): Springer Berlin Heidelberg.

11

57. Kumar, R., & Chauhan, S. (2013). A Survey and Analysis of Media Keying Techniques in Session Initiation

Protocol (SIP). International Journal of Computer Science and Mobile Computing, 2(5), 289-301.

58. Li, J.-S., Kao, C.-K., & Tzeng, J.-J. (2011). VoIP secure session assistance and call monitoring via building

security gateway. International Journal of Communication Systems, 24(7), 837-851.

59. Lin, I. L., Yun-Sheng, Y., Bo-Lin, W., & Hsiang-Yu, W. VoIP Digital Evidence Forensics Standard Operat-

ing Procedure (DEFSOP). In Proceedings of the International Conference on Broadband, Wireless Com-

puting, Communication and Applications (BWCCA), 4-6 Nov 2010 (pp. 407-412).

60. Lin, I. L., Yun-Sheng, Y., Bo-Lin, W., & Hsiang-Yu, W. VoIP network forensic analysis with digital evid-

ence procedure. In Proceedings of the Sixth International Conference on Networked Computing and Ad-

vanced Information Management (NCM), 16-18 Aug 2010 (pp. 236-241).

61. Liu, L. Uncovering SIP Vulnerabilities to DoS Attacks Using Coloured Petri Nets. In Proceedings of the

IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications

(TrustCom), 16-18 Nov 2011 (pp. 29-36).

62. Nakarmi, P. K., Mattsson, J., & Maguire, G. Q., Jr. Evaluation of VoIP media security for smartphones in

the context of IMS. In IEEE Swedish Communication Technologies Workshop (Swe-CTW), Sweden, 19-21

October 2011 (pp. 123-128). doi:10.1109/Swe-CTW.2011.6082479.

63. Nassar, M., Dabbebi, O., Badonnel, R., & Festor, O. Risk management in VoIP infrastructures using support

vector machines. In Proceedings of the International Conference on Network and Service Management

(CNSM), 25-29 Oct 2010 (pp. 48-55).

64. Nassar, M., Martin, S., Leduc, G., & Festor, O. Using decision trees for generating adaptive SPIT signatures.

In Proceedings of the 4th international conference on Security of information and networks, Sydney, Aus-

tralia, 2011 (pp. 13-20). 2070431: ACM.

65. Neal, H., & ElAarag, H. Performance analysis of current data hiding algorithms for VoIP. In Proceedings of

the 16th Communications & Networking Symposium, San Diego, California, 7-10 Apr 2013 (pp. 1-7).

66. Patel, M., & Buddhdev, B. (2013). Analysis of Security Threats in Voice Over Internet Protocol (VOIP).

Control Theory and Informatics, 3(5), 30-37.

67. Patil, H., Cohen, A., & Parhi, K. (2012). Speaker Identification over Narrowband VoIP Networks. In A.

Neustein, & H. A. Patil (Eds.), Forensic Speaker Recognition (pp. 125-151): Springer New York.

68. Pelaez, J. C. Using Misuse Patterns for VoIP Steganalysis. In Proceedings of the 20th International Work-

shop on Database and Expert Systems Application, 31 Aug-4 Sep 2009 (pp. 160-164).

12

69. Pelaez, J. C., & Fernandez, E. B. VoIP Network Forensic Patterns. In Proceedings of the Fourth Interna-

tional Multi-Conference on Computing in the Global Information Technology (ICCGI) 23-29 Aug 2009 (pp.

175-180).

70. Pelaez, J. C., Fernandez, E. B., & Larrondo-Petrie, M. M. (2009). Misuse patterns in VoIP. Security and

Communication Networks, 2(6), 635-653.

71. Rachoń, J., Piotrowski, Z., & Gajewski, P. (2011). Authentication in VoIP telephony with use of the echo

hiding method. J. Telecommun. Inf. Technol., 3(1), 17-21.

72. Rebahi, Y., Nassar, M., Magedanz, T., & Festor, O. (2011). A survey on fraud and service misuse in voice

over IP (VoIP) networks. Information Security Technical Report, 16(1), 12-19.

73. Rezac, F., Voznak, M., Safarik, J., Partila, P., & Tomala, K. Security solution against denial of service at-

tacks in BESIP system. In Proceedings of the SPIE Defense, Security and Sensing, 2013 Vol. 8755, (pp.

875501-875508): International Society for Optics and Photonics.

74. Rezac, F., Voznak, M., Tomala, K., Rozhon, J., & Vychodil, J. (2011). Security analysis system to detect

threats on a SIP VoIP infrasctructure elements. Advances in Electrical and Electronic Engineering, 9(5),

225-232.

75. Scata, M., & La Corte, A. Security analysis and countermeasures assessment against spit attacks on VoIP

systems. In Proceedings of the World Congress on Internet Security (WorldCIS), 21-23 Feb 2011 (pp. 177-

183).

76. Sengar, H., Ren, Z., Wang, H., Wijesekera, D., & Jajodia, S. Tracking Skype VoIP Calls Over The Internet.

In IEEE 29th Conference on Computer Communications (INFOCOM 2010), USA, 14-19 March 2010 (pp.

1-5). doi:10.1109/INFCOM.2010.5462266.

77. Sengar, H., Wang, X., & Nichols, A. Thwarting spam over internet telephony (SPIT) attacks on VoIP net-

works. In Proceedings of the IEEE 19th International Workshop on Quality of Service, San Jose, Califor-

nia, 2011 (pp. 1-3).

78. Sengar, H., Wang, X., & Nichols, A. (2012). Call Behavioral Analysis to Thwart SPIT Attacks on VoIP

Networks. In M. Rajarajan, F. Piper, H. Wang, & G. Kesidis (Eds.), Security and Privacy in Communication

Networks (Vol. 96, pp. 501-510, Lecture Notes of the Institute for Computer Sciences, Social Informatics

and Telecommunications Engineering): Springer Berlin Heidelberg.

13

79. Shekokar, N., & Devane, S. (2011). Anomaly Detection in VoIP System Using Neural Network and Fuzzy

Logic. In V. Das, & N. Thankachan (Eds.), Computational Intelligence and Information Technology (Vol.

250, pp. 537-542, Communications in Computer and Information Science): Springer Berlin Heidelberg.

80. Slay, J., & Simon, M. Voice over IP forensics. In Proceedings of the 1st international conference on

Forensic applications and techniques in telecommunications, information, and multimedia and workshop,

Adelaide, Australia, 2008 (pp. 1-6).

81. Son, B., Nahm, E., & Kim, H. (2013). VoIP encryption module for securing privacy. Multimedia Tools and

Applications, 63(1), 181-193.

82. Sonwane, G. D., & Chandavarkar, B. R. Security Analysis of Session Initiation Protocol in IPv4 and IPv6

Based VoIP Network. In Proceedings of the 2nd International Conference on Advanced Computing, Net-

working and Security (ADCONS), 15-17 Dec 2013 (pp. 187-192).

83. Soupionis, Y., Basagiannis, S., Katsaros, P., & Gritzalis, D. (2011). A Formally Verified Mechanism for

Countering SPIT. In C. Xenakis, & S. Wolthusen (Eds.), Critical Information Infrastructures Security (Vol.

6712, pp. 128-139, Lecture Notes in Computer Science): Springer Berlin Heidelberg.

84. Soupionis, Y., & Gritzalis, D. (2010). Audio CAPTCHA: Existing solutions assessment and a new imple-

mentation for VoIP telephony. Computers & Security, 29(5), 603-618.

85. Soupionis, Y., & Gritzalis, D. ASPF: Adaptive anti-SPIT Policy-based Framework. In Proceedings of the

Sixth International Conference on Availability, Reliability and Security (ARES), 22-26 Aug 2011 (pp. 153-

160).

86. Strand, L., & Leister, W. Improving SIP authentication. In Proceedings of the 10th International Confer-

ence on Networks (ICN), 2011 (pp. 164-169).

87. Strand, L., & Leister, W. (2012). Advancement towards secure authentication in the Session Initiation Pro-

tocol. International Journal On Advances in Security, 4(3 and 4), 208-222.

88. Strand, L., Leister, W., & Duric, A. Migration towards a more secure authentication in the session initiation

protocol. In Proceedings of the Fifth International Conference on Emerging Security Information, Systems

and Technologies (SECURWARE), France, 21-27 Aug 2011 (pp. 57-62).

89. Su, M.-Y., & Tsai, C.-H. (2013). Using data mining approaches to identify voice over IP spam. International

Journal of Communication Systems.

90. Tassone, C., Martini, B., Choo, K.-K. R., & Slay, J. (2013). Mobile device forensics: A snapshot: Australian

Institute of Criminology.

14

91. Thandeeswaran, R., Asha, A., & Jeyanthi, N. (2011). Novel Survey on Detection of DDoS Attack Using

Traceback Technique in VoIP Networks. International Journal of Mathematical Archive (IJMA), 2(12),

2712-2720.

92. Touceda, D. S., Sierra, J. M., Izquierdo, A., & Schulzrinne, H. (2012). Survey of Attacks and Defenses on

P2PSIP Communications. IEEE Communications Surveys & Tutorials, 14(3), 750-783.

93. VoIP_Security_Alliance (2005). VoIP Security and Privacy Threat Taxonomy, Version 1.0. http://www.-

voipsa.org/Activities/VOIPSA_Threat_Taxonomy_0.1.pdf. Accessed 30 January 2014.

94. Voznak, M., Rezac, F., & Rozhon, J. Modular Test System for Determination of Protection against Attacks

in VoIP Networks. In Proceedings of the Seventh International Conference on Next Generation Mobile

Apps, Services and Technologies (NGMAST), 25-27 Sep 2013 (pp. 130-135).

95. Vrakas, N., Geneiatakis, D., & Lambrinoudakis, C. (2010). A Call Conference Room Interception Attack

and Its Detection. In Trust, Privacy and Security in Digital Business (Vol. 6264, pp. 38-44, Lecture Notes in

Computer Science). Lecture Notes in Computer Science.

96. Vrakas, N., & Lambrinoudakis, C. (2013). An intrusion detection and prevention system for IMs and VoIP

services. International Journal of Information Security, 2(3), 201-217.

97. Wahab, A., Bahaweres, R. B., Alaydrus, M., Muhaemin, M., & Sarno, R. Performance analysis of VoIP

client with integrated encryption module. In Proceedings of the 1st International Conference on Communic-

ations, Signal Processing, and their Applications (ICCSPA), 12-14 Feb 2013 (pp. 1-6).

98. Wang, F., Wang, F., Huang, B., & Yang, L. (2013). ADVS: a reputation-based model on filtering SPIT over

P2P-VoIP networks. The Journal of Supercomputing, 64(3), 744-761.

99. Wu, L., Grace, M., Zhou, Y., Wu, C., & Jiang, X. The impact of vendor customizations on android security.

In ACM SIGSAC conference on Computer and Communications Security (CCS 2013), Germany, 4-8

November 2013 (pp. 623-634). doi:10.1145/2508859.2516728.

100. Xianghan, Z., Wenzhong, G., Shangping, Z., & Zhiyong, Y. A Secure and Hierarchical Architecture for

P2PSIP Session Initiation. In Proceedings of the IEEE 26th InternationalParallel and Distributed Pro-

cessing Symposium Workshops & PhD Forum (IPDPSW), 21-25 May 2012 (pp. 1183-1189).

101. Yang, M., & Liu, H. (2013). Implementation and performance of VoIP interception based on SIP session

border controller. Telecommunication Systems, 1-17.

102. Yeh, H.-L., Chen, T.-H., & Shih, W.-K. (2014). Robust smart card secured authentication scheme on SIP

using Elliptic Curve Cryptography. Computer Standards & Interfaces, 36(2), 397-402.

15

103. Yen, Y.-S., Lin, I. L., & Wu, B.-L. (2011). A study on the forensic mechanisms of VoIP attacks: Ana-

lysis and digital evidence. Digital Investigation, 8(1), 56-67.

104. Zhang, G. (2012). Unwanted Traffic and Information Disclosure in VoIP Networks: Threats and Coun-

termeasures. Umeå University,

105. Zhang, L., Tang, S., & Cai, Z. (2013). Efficient and flexible password authenticated key agreement for

Voice over Internet Protocol Session Initiation Protocol using smart card. International Journal of Commu-

nication Systems.

106. Zhang, R., Wang, X., Yang, X., & Jiang, X. (2010). On the billing vulnerabilities of SIP-based VoIP

systems. Computer Networks, 54(11), 1837-1847.

107. Zhe, C., & Rong, D. The Formal Analyse of DoS Attack to SIP Based on the SIP Extended Finite State

Machines. In Proceedings of the International Conference on Computational Intelligence and Software

Engineering (CiSE), 10-12 Dec 2010 (pp. 1-4).

108. Zhou, Y., & Jiang, X. Detecting passive content leaks and pollution in android applications. In 20th

Annual Symposium on Network and Distributed System Security, USA, 24-27 February 2013

16