SecurityBrief New Zealand - Technology news for CISOs & cybersecurity decision-makers
New Zealand
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Contact Centre
#
Cybersecurity
#
Microsoft Teams
Cisco funds VoIP security research project
Fri, 17th Apr 2015
FYI, this story is more than a year old
Author image
By Catherine Knowles, Journalist
Follow us

Cisco has partnered with a university in the United States to improve online communication security, securing voice- and video-over-Internet (VoIP) communications.

The two-year, $150,000 project funded by Cisco Systems is taking place at the University of Alabama at Birmingham (UAB) and will focus on improving the end-to-end security of VoIP communications, an increasingly common means of communcation.

Researchers at the Department of Computer and Information Sciences (CIS) are designing mechanisms to secure VoIP communications, such as Skype or Jabber.

According to UAB, VoIP communications are vulnerable to eavesdropping and man-in-the-middle attacks, in which a malicious third party makes independent connections with the victims and intercepts or fabricates messages between them.

Such attacks can put each user's device at risk and make confidential information vulnerable, UAB says.

Securing VoIP sessions requires each user to agree upon a shared cryptographic key.

Rather than relying on a third-party entity to provide such a key, the new project will design and test a peer-to-peer mechanism.

Users will verbally exchange the information resulting from a cryptographic protocol employing Short Authenticated Strings (SAS) to confirm each other's identity.

“Given the surge in popularity of computing devices, ensuring the security of VoIP connections is very important for personal users, and especially for business users,” says Nitesh Saxena, Ph.D. CIS associate professor and director of the UAB Security and Privacy in Emerging computing and networking Systems (SPIES) research group.

Saxena is serving as the principal investigator of the project along with Purushotham Bangalore, Ph.D. CIS associate professor.

“We hope to make establishing a connection secure and easy to do on the fly,” Saxena says.

In addition to two-party VoIP connections, Saxena's team will assess the scalability of the mechanism for group conversations like a conference call.

“We believe that this project will make strong impacts — not only on networking security, but also human-computer interaction and real-world usability,” Saxena says.

Related stories
RiverSafe teams up with Cribl to boost IT & data security services
Half of online traffic in 2024 generated by bots, report finds
Axis unveils hybrid cloud platform for adaptable security solutions
Cisco launches Hypershield for AI-driven security upgrade
Keeper Security launches user-friendly passphrase generator
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
Armis warns of major cyber-attack risk to 2024 global elections
i-PRO to support Genetec SaaS with new AI-enabled camera models
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption