Cisco funds university research into VoIP security

University of Alabama at Birmingham researchers are exploring, with Cisco's financial assistance, vulnerabilities in VoIP and possible ways to address those flaws

Cisco phone Cisco

It's understandable why Cisco Systems would fund university research into VoIP security: The vendor has a lot at stake if customers lose faith in the technology.

The company is right up there with Microsoft atop the broader unified communications and collaboration market, as measured by the likes of Synergy Research and Gartner.

MORE: 13 of today's coolest network research projects

University of Alabama at Birmingham researchers are exploring, with Cisco's financial assistance, vulnerabilities in VoIP and possible ways to address those flaws.  VoIP security is seen as a top concern of VoIP customers and potential customers.

Researchers in the UAB Department of Computer and Information Sciences (CIS) recently presented their findings at the ACM Conference on Computer and Communications Security, held in Phoenix.

In their research, they focused on the use of peer-to-peer Crypto Phones and shared cryptographic keys designed to eliminate any possible eavesdropping or man-in-the-middle attacks that can put devices and data at risk. 

“Given the surge in popularity of computing devices, ensuring the security of VoIP connections is very important for personal users, and especially for business users,” said Nitesh Saxena, Ph.D., associate professor of CIS, a member of the Center for Information Assurance and Joint Forensics Research (CIA|JFR), and the director of the UAB Security and Privacy in Emerging computing and networking Systems (SPIES) research group, in a statement.

With Crypto Phones, users orally share security information, a technique the researchers found could be vulnerable to automated voice mimicry attacks using off-the-shelf speech recognition and synthesis tools. Voice, video and text information could be compromised via such attacks.

One possible defense could be use of an automated voice recognition or voice biometrics system in Crypto Phones, according to UAB researchers. This would replace or supplement human voice recognition.

To comment on this article and other Network World content, visit our Facebook page or our Twitter stream.
Must read: Hidden Cause of Slow Internet and how to fix it
Notice to our Readers
We're now using social media to take your comments and feedback. Learn more about this here.