Security issues in VoIP are different and in ways more complex than security for data applications. IP telephony, for example, is a complex application involving multiple layers of the protocol stack, requiring interoperability among different new and legacy protocols, and interactions among multiple network elements. Existing vulnerabilities including eavesdropping, connection hijacking, call fraud, and denial-of-service will take on new forms in a converged network. Other new vulnerabilities may be able to exploit the signaling and media connections between the two types of networks. Voice services over wireless LANs (VoWLAN) may create additional vulnerabilities. Detailed vulnerability analysis of the protocols both in isolation as well as in conjunction with other protocols that they interact with in the converged networks is required to develop appropriate countermeasures. Moreover, VoIP networks are prone to virus and worm spreading through their data network elements. While some solutions have already been proposed for vulnerabilities in protocols such as SIP and H.323, more needs to be done. These include encryption of signaling messages and media to address man-in-the-middle attack. Session Border Controllers are gaining acceptance as voice perimeter controllers in contrast to firewalls for data services. But these devices themselves are prone to attacks.

The goal of this special issue is to bring out the security issues addressed and the new challenges that arise from the new protocols, new network elements and the interactions between these and legacy system (e.g., the SS7 network). The set of articles in this special issue will create a forum for researchers, developers and practitioners to publish the key challenges and disseminate the state-of-the-art techniques in VoIP security. Scope of Contributions

In this special issue we intend to present tutorials, survey and original research articles written in a tutorial manner readable by non-specialists. The special issue will attempt to cover all aspects of the VoIP security issues related to the architecture, the protocols, and the applications. Topics of interest include (but are not limited to):

• Enterprise and carrier network architectures for secured VoIP
• Security issues in peer-to-peer VoIP systems
• Cross-layer security architecture
• Carrier peering and Session Border Control
• Security issues with NAT traversal mechanisms
• Vulnerabilities in VoIP protocols such SIP, H.323, MGCP and RTP
• End-user and hop-by-hop authentication techniques
• QoS impacts due to security implementations
• SPAM and DoS attacks
• Securing interconnections with SS7 networks
• Securing voice over WLAN (VoWLAN)

Authors should submit their manuscripts through Manuscript Central for Communications Magazine at http://commag-ieee.manuscriptcentral.com/. Choose "Network Magazine Special Issue - Securing Voice over IP" from the drop down menu on the submission page. With regard to both the content and formatting style of the submissions, prospective contributors should follow the IEEE Network guidelines for authors that can be found at http://www.comsoc.org/pubs/net/ntwrk/authors.html

Important Dates

Paper submission deadline: November 7, 2005
Feedback to authors: February 15, 2006
Final manuscript to publisher: May 1, 2006
Publication of completed special issue: 3Q 2006

Guest Editors

Prof. Ram Dantu
Department of Computer Science and Engineering
University of North Texas
P.O. Box 311366
Denton, Texas 76203-1366
Email: rdantu@unt.edu
Phone: 940 565 2822

Prof. Dipak Ghosal
Department of Computer Science
3033 Kemper Hall
One Shields Avenue
University of California
Davis, CA 95616
E-mail: Ghosal@cs.ucdavis.edu
Phone: (530) 754 9251

Prof. Henning Schulzrinne
Dept. of Computer Science
450 Computer Science
Columbia University
New York, NY 10027
Email: hgs@cs.columbia.edu
Phone: (212) 939-7004