-------- Original Message -------- Subject: [TCCC] CFP - IEEE Network Magazine Special Issue on Securing Voiceover IP - deadline 10/15/2005 Date: Fri, 7 Oct 2005 23:48:26 -0700 From: Dipak Ghosal ghosal@cs.ucdavis.edu Reply-To: dghosal@ucdavis.edu Organization: University of California, Davis To: tccc@cs.columbia.edu CC: 'Ram Dantu' rdantu@unt.edu

Call for Papers

IEEE Network Magazine Special Issue on Securing Voice over IP

http://www.comsoc.org/pubs/net/ntwrk/cfpnetwork3Q06.htm

http://www.comsoc.org/pubs/net/ntwrk/special.html

Voice over IP (VoIP) is a key enabling technology for the migration of circuit-switched PSTN architectures to packet-based networks. Long distance carriers are transporting voice traffic using this technology. Businesses and enterprises of all shapes and sizes are deploying VoIP in their network; it is estimated that by 2007 IP based PBXs (IPPBXs) deployments will outnumber the traditional PBX deployments. VoIP services are also being offered to residential customers. As a result, VoIP is rapidly becoming the primary underlying architecture for a very critical infrastructure namely, the telecommunication network. However, there has been a significant lag in understanding, identifying, and resolving the security issues in VoIP.

Security issues in VoIP are different and in ways more complex than security for data applications. IP telephony, for example, is a complex application involving multiple layers of the protocol stack, requiring interoperability among different new and legacy protocols, and interactions among multiple network elements. Existing vulnerabilities including eavesdropping, connection hijacking, call fraud, and denial-of-service will take on new forms in a converged network. Other new vulnerabilities may be able to exploit the signaling and media connections between the two types of networks. Voice services over wireless LANs (VoWLAN) may create additional vulnerabilities. Detailed vulnerability analysis of the protocols both in isolation as well as in conjunction with others they interact with in the converged networks is required to develop appropriate countermeasures. Moreover, VoIP networks are prone to virus and worm spreading through their data network elements. While some solutions have already been proposed for vulnerabilities in protocols such as SIP and H.323, more needs to be done. These include encryption of signaling messages and media to address man-in-the-middle attack. Session Border Controllers are gaining acceptance as voice perimeter controllers in contrast to firewalls for data services. But these devices themselves are prone to attacks.

The goal of this special issue is to bring out the security issues addressed and the new challenges that arise from the new protocols, new network elements and the interactions between these and legacy system (e.g., the SS7 network). The set of articles in this special issue will create a forum for researchers, developers and practitioners to publish the key challenges and disseminate the state-of-the-art techniques in VoIP security.

Scope of Contributions

In this special issue we intend to present tutorials, survey and original research articles written in a tutorial manner readable by non-specialists. The special issue will attempt to cover all aspects of the VoIP security issues related to the architecture, the protocols, and the applications. Topics of interest include (but are not limited to):

. Enterprise and carrier network architectures for secured VoIP . Security issues in peer-to-peer VoIP systems . Cross-layer security architecture . Carrier peering and Session Border Control . Security issues with NAT traversal mechanisms . Vulnerabilities in VoIP protocols such SIP, H.323, MGCP and RTP . End-user and hop-by-hop authentication techniques . QoS impacts due to security implementations . SPAM and DoS attacks . Securing interconnections with SS7 networks . Securing voice over WLAN (VoWLAN)

Manuscript Submission

Authors should submit their manuscripts electronically in PDF format via email to one of the guest editors. With regard to both the content and formatting style of the submissions, prospective contributors should follow the IEEE Network guidelines for authors that can be found at http://www.comsoc.org/pubs/net/ntwrk/authors.html

Important Dates

Paper submission deadline: October 15, 2005 Feedback to authors: February 15, 2005 Final manuscript to publisher: May 1, 2006 Publication of completed special issue: 3Q 2006

Guest Editors

Prof. Ram Dantu Department of Computer Science and Engineering University of North Texas P.O. Box 311366 Denton, Texas 76203-1366 Email: rdantu@unt.edu Phone: 940 565 2822

Prof. Dipak Ghosal Department of Computer Science 3033 Kemper Hall One Shields Avenue University of California Davis, CA 95616 E-mail: Ghosal@cs.ucdavis.edu Phone: (530) 754 9251

Prof. Henning Schulzrinne Dept. of Computer Science 450 Computer Science Columbia University New York, NY 10027 Email: hgs@cs.columbia.edu Phone: (212) 939-7004

_______________________________________________ Tccc mailing list Tccc@cs.columbia.edu http://lists.cs.columbia.edu/mailman/listinfo/tccc