VoIP : a Survey
by Modupe Yusuff 1313775
Abstract - Voice over internet protocol (VoIP) has
become a very popular alternative as it has taken
over the use of traditional telephone to make voice
calls. VoIP is described as the conveying of voice
over IP based network. With the convergence of
voice and data into a single technology, VoIP is a
cheaper and more convenient method for
communication.Many businesses and organisations
are adopting this technology due to usability and
scalability. For the realization of VoIP there are
protocols, components and security to consider,
which will be discussed in this paper.
I. Introduction
Voice over IP (voice over internet protocol) is a
technology that involves making calls over the IP
based networks to other users or landlines using
broadband connection. The use of VoIP has
increased over the years as people find it cost
effective to be able to communicate with friends
from all over the world at a low price or no charge.
This technology can be used on any platform such
as computer, mobile device or home phone.
This aim of this paper is to give a general
understanding of the various aspects of voice over
internet protocol by first discussing the data
processes involved in the use of VoIP, its
architecture and configuration, and further explain
how the protocols are implemented in the system,
security issues that arise with the use of a VoIP
system and finally some of the applications that
currently provide VoIP services. This paper will
include at the end a summary of the areas that have
been discussed .
II. VoIP architecture
The components that make up the VoIP network
architecture are user agent, gateways and proxy
servers.
User agent : These are devices from which end
users initiate and receive VoIP calls . A user agent
can be a hardware based or software based VoIP
phone (softphones). VoIP calls can be placed with
the use of a dedicated router connected to a
traditional phone. Without the use of any software
or interaction with a computer, all that is required
to make VoIP call is a service plan and an
appropriate VoIP provider. A hardware VoIP
phone is similar to a traditional telephone while a
softphone is usually in a computer device. Each
user agent has a client (UAC) and a server (UAS) ,
the auk sets up and creates requests for endpoints,
while the uas responds to those requests. In
addition, the user agent server is responsible for
finding the destination uac [1].
Gateways : VoIP uses the media gateways for
analog to digital conversion of packets which then
provides the interface for transporting voice content
over the IP network. Furthermore, the conversation
is then transported by RTP (real time protocol) and
run over UDP (User Datagram Protocol). It can
also act as a link between VoIP and PSTN (Public
Switched Telephone Network) [2].
Proxy server : The features of the client and a
server are included in the proxy server. Calls are
routed within a VoIP network through the proxy
server in the sense that it receives requests and
response messages. Furthermore, before the request
is sent to the next proxy server, it has the ability to
adjust the header information [2].
VoIP data processes [3]
Signalling : This stage involves initiating a call that
is; creating and managing the connections between
telephones. The protocol used here is SIP (session
initiation protocol) and H.323.
Encoding and Transport : This is the next stage
after the call has been setup, the signals need to be
sent as packets ; the signals are converted to digital
signals using a codec. The voice packets are then
transported to the internet using a protocol known
as RTP (real time protocol). Data that requires
rearranging on the receiver's end stays in the RTPS
header field, the voice packets are then transported
using the UDP (user datagram protocol). However,
on the other side the packets are taken apart in the
proper order and the digital signals are converted to
 analog signals so that it can be received on the
receiver's handset speaker.
Gateway control : When data is been transmitted,
the order and time at which the packets arrive is
important to satisfy Quality of Service. The
network should ensure that real time conversation
is conveyed through the appropriate gateway and
converted to the right format [1].
T1 connection
to PSTN
Gateway
IP Network
Proxy
IP Phone
server
Figure 1 : VoIP Architecture [2]
III. Protocols
In VoIP, the order in which audio stream (packets)
are transmitted is important to avoid delay of
signals. Protocols handle the series of signalling
transactions between the endpoints and media
streams that hold the conversation [4]. This survey
will discuss SIP, MCGP, H.323 and briefly IAX.
A. SIP (Session initiation protocol)
Sip is a signalling protocol that initiates, modifies
and terminates communication between two end
points (users). SIP comprises of two components -
user agents and network servers. User agent acts on
behalf of a user and this includes a server and a
client ; user agent client starts a sip request while a
user agent server takes delivery of the request and
sends back a response on behalf of a user [5].
The network server consists of three servers - a
registration server has information about the
location of a user, a proxy server sends requests to
another server which has more up to date
information about a users location and a redirect
server determines the next hop server and sends its
information to the client. Furthermore, this protocol
provides services such as determining the media to
be used, finding out if the called user wants to
communicate and what end system is going to be
used for the communication [6].
The SIP uses messages such as "Cancel" -
terminates the process of reaching a user,
"Register" - sends the location of the user to the
registration server, "bye" - ends connection
between two users .
Location server
2 3
1 Invite 4 Invite
O O
client kproxyk uas
server
6 Ok 5 Ok
7 Ack 8 Ack
Figure 2 : A SIP Operation [6]
The figure above shows a simple SIP operation
where a client invites an individual for a call, this
request is sent to the proxy server which then gets
the ip address of the server that is in charge of this
domain. The location server gets the ip address of
the next hop server and passes the Invite to it, on
getting to the UAS server, a response is sent back
to the proxy server and this sends a response to the
client. The clients responds by sending an Ack
message [6].
Here are some advantages and disadvantages of
using the Session Initiation Protocol [7]
 It is a lightweight protocol
 It enables users to multitask whilst on a
call e.g. play games, send pictures and
share media files.
 It is a peer to peer protocol where each
party can in turn be both client and server
Drawback
 With SIP, firewalls can prevent the
endpoints from receiving incoming RTP
(real time protocol) traffic
 For secure connection most SIP user
agents do not support cryptography as
much
B. H.323
H.323 is the first multimedia protocol that was
published by ITU (International Communication
Union) for voice, video and data on the internet. It
can be used with TCP/UDP to provide real-time
 multimedia communication. H.323 architecture
consists of gateways, terminals and multipoint
control unit. The terminals are endpoints such as
telephones and soft phones. The gateways are used
for address resolution and also a means to setting
up calls between two endpoints. In addition, all
endpoints are registered with the gateway as it
provides control services [8]
The multipoint control unit is responsible for
conference calls between two or more users. Asides
H.323 protocol, there are other standards that are
involved in the call implementation such as H.245
and Q.931. Q.931 is responsible for call setup
while the messages are transmitted between the two
endpoints using H.245 over TCP (Transport
Control Protocol) [9].
H.225 tcp connection
H.323 gatekeeper
H.323 gateway Capabilities exchange
Rtcp address
connect
Rtcp address
Rtcp&&Rtp address
Rtp Stream
H.323 gateway Rtp Stream
IP Phone
Figure 3: An H.323 Call Flow [10]
The figure above shows a call setup using H.323
protocol. Asides H.323 there are other protocols
such as H.225 and H.245 involved in the call setup.
The major responsibility for the H.225 protocol is
to set up the call over a TCP connection and route
the appropriate destination. As shown in the
diagram at the setup stage , the H.323 device
receives a message indicating that a connection is
to be setup with the called device. Next, the called
device sends an acknowledgement that it is ready to
receive, the H.323 gateway sends a message to
show the progress of the communication.
Furthermore a ''connect'' message is sent to the
calling device indicating that the call has been
''answered''.
Following the receipt of the IP address by the
H.323 device, another TCP connection occurs
which is responsible for the exchange of
capabilities and audio streams involved. The idea
behind using a TCP connection is to deal with
situations where the two endpoints need to access a
resource at the same time or the closing of logical
channels during a call [10].
C. Media Gateway Control Protocol (MGCP)
This protocol is implemented in voice over ip
architecture and mainly called a call control
protocol. It controls the media gateway by setting
up, managing, and terminating multimedia
communications in a system. With this protocol,
the endpoints manages and controls its own
communication . MGCP works between a media
gateway and media gateway controller, the
controller handles all the media gateway processes.
A media gateway is a device that converts media
streams into data packets and vice versa. Examples
of gateway are trunking, residential, and access
gateways. Furthermore, in VoIP the media
gateway controller is the centre of the
communication system that provides call control
and signals.
In an MGCP call setup, when user 1 starts the call,
a notify message is sent from the residential
gateway to the call agent. The call agent proceeds
to ask the gateway to provide a connection to user 2
then an acknowledgement is sent and a session is
created. The gateway also assigns resources to both
endpoints. To terminate the session, the call agent
(media gateway controller) sends a delete
connection command to the gateway [11]. Some of
the benefits that are associated with using the
Media Gateway Control Protocol are as follows ;
 It supports encryption in voice traffic
 It is simple and reliable
 Messages are transmitted via a reliable
transport mechanism
 Communication is secure between the
media gateway and gateway controller
[12].
D. IAX
One other alternative protocol is IAX (Inter
Asterisk Exchange Protocol) which controls and
transmits data between servers. It uses binary-only
data for its communication whereby the data is
divided into frames ; mini and full frames. The
mini frames hold the media stream data while the
full frames carry the signalling data . This protocol
makes use of single User Datagram (UDP) port for
signalling and receiving media [13]. Some of its
advantages are ;
 Bandwidth efficiency
 Ability to trunk multiple call Sessions into
a single dataflow
 It performs authentication using plain
text, which makes it safer
 Passes through firewalls and uses much
less overhead than RTP
 Its communication method uses binary-
only data
  The IAX protocol responses are sent back
to wherever they came from rather than
having to negotiate a foreign IP address
However, one of its drawback is that the server
loses track of call during transfer from centralized
server to media gateway [13].
IV. VOIP Security
The convergence of voice and data networks comes
with some security issues such as ;
Denial of service (DoS) : This happens when an
adversary attempts to prevent the service from
working within its specifications. DoS can include
preventing calls to a particular address (es) or
preventing the ability to make or receive calls in
general. The motive can be to disrupt businesses in
the sense that it prevents the system from being
available at a particular time [14].
SIP registration attacking : The sip protocol deals
with initiating, modifying and ending user sessions
in VoIP. The user agent registers itself with the
proxy server, the security issue arises when the user
agent is being compromised by impersonating it to
a registrar hence, all the calls are forwarded to a
different address. This results in the loss of calls to
the appropriate user agent. The use of transport
layer security can help to prevent insecure
authentication connection [14].
Caller Identification Impersonation: A VoIP
phone has a unique identity that is associated with
it however, it can be impersonated and used to
make calls with the adversary's identity. According
to [14] an attacker can register his device with a
victim's phone system thereby receiving calls
intended for the victim. Furthermore, the receiver
would believe that it is the victim calling since the
device has been spoofed.
Also, the use of a VoIP phone is susceptible to
unwanted calls and messages. Telemarketers are
more likely to send bulk voice solicitations to
VoIP phones. The adversary gets a lists of VoIP
phone numbers, with the use of servers to connect
the numbers, it sends unwanted messages at a high
volume which can be listened to via the victim's
mailbox [14].
RTP payload : Real time protocol (RTP) is the
protocol that carries the voice message that's
already encoded between two endpoints. An
adversary can gain access to the rtp media stream
which results in modifying the payload of the
message. Furthermore, an attacker can modify the
payload of a message by adding their own message
to the packet in the stream which can change the
meaning of the message being transmitted. The use
of a secure rtp can prevent this by encrypting the
message from the sender and decrypted by the
receiver [14].
Dynamic Host Configuration Protocol (DHCP):
An attacker can reduce the number of available IP
addresses in the DCHP server by sending
unnecessary requests for randomly generated mac
addresses. This attack prevents the server from
responding to the next genuine requests and also
getting new requests. In addition, a malicious VoIP
application can also respond to dchp requests by
sending wrong information. To avoid this, IEEE
802.1x specification provides a method where the
attached node requires authentication of its MAC
address and dhcp requests before transmitting on
the network [15].
V. VoIP Applications
Skype : This is one of the most popular software
based VoIP applications in the world with a big
user base and VoIP features. Skype is a softphone
that works on many devices such as mobile,
computer and TV. A Skype call requires an internet
connection and a computer or mobile device. It has
features such as voice and video calls to other
Skype, calls to mobiles at low rates, file sharing
and instant messaging [16].
Icall : A software based application that uses
mobile and desktop platform founded in 2005. It
has an advantage over traditional telephony
services as it has features such as free calls to
numbers in US and Canada, free video calling, file
and desktop sharing. In addition, this application is
particularly good as it does not limit you to just
icall users in the sense that you can communicate
with anyone no matter the service they are using.
Also all communications are encrypted using ZRTP
voice encryption technology [17].
Vonage : This is one of the most popular hardware
based VoIP application which also includes a
softphone that can be used on computer. It works
by connecting a Vonage Box to your broadband
router and plug into a home phone. It has features
such as free unlimited calls to international mobiles
and calls to emergency services for a small monthly
cost [18].
Below are some of the benefits associated with
using VoIP technology [13] ;
 A single network can be used for transfer
voice and data
  At peak times, the normal capacity used to
control voice can be increased to manage
the amount of data being transferred.
 For efficient usage and lowering of call
costs, voice data can be compressed
during silent periods.
 Conference call can be set up in real time
with VoIP
Drawback
 The management of network bandwidth is
important to avoid voice quality issues
 There may be delay in sending voice data
through the network
 VoIP depends on broadband connection,
in the event of connection going down the
communication goes down as well.
VI. Conclusion
This paper has discussed the data processes
involved in the use of VoIP which includes
signalling, encoding and transport of the data
packets and the gateway control. It also discussed
four protocols SIP, H.323, IAX and MGCP that
are involved in the implementation of Voice over
VII. REFERENCES
[1] IBM, 2013 Voice Over IP Using Session
Initiation Protocol. [pdf] IBM Corp: Available at:
<http://pic.dhe.ibm.com/infocenter/wvraix/v6r1m0/
index.jsp?topic=%2Fcom.ibm.wvraix.voip.doc%2F
compofvoip.html> [accessed 19 November 2013]
[2] Butcher, D.; Xiangyang Li; Jinhua Guo,
"Security Challenge and Defense in VoIP
Infrastructures," Systems, Man, and Cybernetics,
Part C: Applications and Reviews, IEEE
Transactions on , vol.37, no.6, pp.1152,1162, Nov.
2007 [accessed 19 November 2013]
[3] Butcher, D.; Xiangyang Li; Jinhua Guo,
"Security Challenge and Defense in VoIP
Infrastructures," Systems, Man, and Cybernetics,
Part C: Applications and Reviews, IEEE
Transactions on , vol.37, no.6, pp.1152,1162, Nov.
2007 [Accessed 10 November 2013]
[4] Ge Zhang; Hillenbrand, M.; Muller, P.,
"Facilitating the interoperability among different
VoIP protocols with VoIP Web
services," Distributed Frameworks for Multimedia
internet protocol. These protocols have various
functions that range from signalling techniques
such as initiating, terminating a call to managing
media streams. Protocols are very important in the
deployment of VoIP to provide standards that are to
be followed in order to have a efficient and
effective system.
This paper also looked at the components of a
network and how they are linked together to form a
VoIP system. Furthermore, the security of the VoIP
have been discussed because every system is
vulnerable to attacks. In addition, suggestions were
made to how these attacks can be avoided or
reduced. Finally, it discussed some VoIP service
providers such as Skype and Icall including how
the service is being used and the benefits they
provide over traditional telephony system.
In this survey, the requirements to provide high
quality voice communication over IP based
networks have been discussed as they are the
factors that determine the effectiveness of the VoIP
system. The application of this technology has
proven to be reliable, cheap and convenient and has
numerous advantages which have been discussed in
this paper.
Applications, 2005. DFMA '05. First International
Conference on , vol., no., pp.39,44, 6-9 Feb. 2005
[Accessed 10 November 2013]
[5] Abbasi, T.; Prasad, S.; Seddigh, N.;
Lambadaris, I., "A comparative study of the SIP
and IAX VoIP protocols," Electrical and Computer
Engineering, 2005. Canadian Conference on , vol.,
no., pp.179,183, 1-4 May 2005 [Accessed 10
November 2013]
[6] Arora, R., 2000. Voice over IP : Protocols and
Standards [pdf] Ohio Available at :
<http://www.cse.wustl.edu/~jain/cis788-
99/ftp/voip_protocols.pdf> [Accessed 11
November 2013]
[7] Camarillo, G., Rosenberg, J., 2001. SIP
demystified. McGraw-Hill Professional [Accessed
18 November 2013
[8] Soares, V.N.G.J.; Neves, P.A.C.S.; Rodrigues,
J.J.P.C., "Past, Present and Future of IP
Telephony," Communication Theory, Reliability,
and Quality of Service, 2008. CTRQ '08.
International Conference on , vol., no., pp.19,24,
June 29 2008-July 5 2008 [Accessed 19 November
2013]
[9] Mehta, P.; Udani, S., "Voice over
IP," Potentials, IEEE , vol.20, no.4, pp.36,40,
Oct/Nov 2001 [Accessed 30 November 2013]

[10] Cisco Systems, 2007. Troubleshooting H.323

Interfaces to the IP [pdf] Available at:
<http://www.cisco.com/en/US/docs/ios/voice/monit
or/configuration/guide/vt_h323_trouble.pdf>
[Accessed 30 November 2013]

[11] Xi Lina; Tian Xiuhua; Miao Changyun; Wu

Zhigang, "The design of enterprise VoIP MGC
based on MGCP protocol," Networking and Digital
Society (ICNDS), 2010 2nd International
Conference on , vol.1, no., pp.526,529, 30-31 May
2010 [Accessed 17 November 2013]

[12] Ixia Media Gateway Control Protocol (MGCP)

Technology 2004 [pdf] Available at :
<http://web.uct.ac.za/depts/commnetwork/eee5026/
note/eee5026-06-620mgcp.pdf> [Accessed 17
November 2013]

[13] Capouch, B., Shumard, K., Guy, E., Spencer,

M., & Miller, F., 2010. IAX: Inter-Asterisk
eXchange Version 2 [pdf] Available at:
<http://tools.ietf.org/pdf/rfc5456.pdf> [Accessed
11 November 2013]

[14] Butcher, D.; Xiangyang Li; Jinhua Guo,

"Security Challenge and Defense in VoIP
Infrastructures," Systems, Man, and Cybernetics,
Part C: Applications and Reviews, IEEE
Transactions on , vol.37, no.6, pp.1152,1162, Nov.
2007 [accessed 19 November 2013]

[15] Hung, P. C K; Martin, M.V., "Security Issues

in VOIP Applications," Electrical and Computer
Engineering, 2006. CCECE '06. Canadian
Conference on , vol., no., pp.2361,2364, May 2006
[accessed 19 November 2013]

[16] Skype, 2013. What is Skype? [online]

Available at: < http://www.skype.com/en/what-is-
skype/> [Accessed 5 November]

[17] Icall, 2005 The who, what and where - all

about iCall [online] Available at :
<http://www.icall.com/about> [Accessed 5
November]

[18] Vonage, 2011 Vonage Extensions. [Online]

Available at: <
http://www.vonage.co.uk/extensions/ > [Accessed
5 November]