Designing and prototyping WebRTC and IMS integration using open source tools

WebRTC, or Web Real-time Communications, is a collection of web standards that detail the mechanisms, architectures and protocols that work together to deliver real-time multimedia services to the web browser. It represents a significant shift from the historical approach of using browser plugins, which over time, have proven cumbersome and problematic. Furthermore, it adopts various Internet standards in areas such as identity management, peer-to-peer connectivity, data exchange and media encoding, to provide a system that is truly open and interoperable. Given that WebRTC enables the delivery of multimedia content to any Internet Protocol (IP)-enabled device capable of hosting a web browser, this technology could potentially be used and deployed over millions of smartphones, tablets and personal computers worldwide. This service and device convergence remains an important goal of telecommunication network operators who seek to enable it through a converged network that is based on the IP Multimedia Subsystem (IMS). IMS is an IP-based subsystem that sits at the core of a modern telecommunication network and acts as the main routing substrate for media services and applications such as those that WebRTC realises. The combination of WebRTC and IMS represents an attractive coupling, and as such, a protracted investigation could help to answer important questions around the technical challenges that are involved in their integration, and the merits of various design alternatives that present themselves. This thesis is the result of such an investigation and culminates in the presentation of a detailed architectural model that is validated with a prototypical implementation in an open source testbed. The model is built on six requirements which emerge from an analysis of the literature, including previous interventions in IMS networks and a key technical report on design alternatives. Furthermore, this thesis argues that the client architecture requires support for web-oriented signalling, identity and call handling techniques leading to a potential for IMS networks to natively support these techniques as operator networks continue to grow and develop. The proposed model advocates the use of SIP over WebSockets for signalling and DTLS-SRTP for media to enable one-to-one communication and can be extended through additional functions resulting in a modular architecture. The model was implemented using open source tools which were assembled to create an experimental network testbed, and tests were conducted demonstrating successful cross domain communications under various conditions. The thesis has a strong focus on enabling ordinary software developers to assemble a prototypical network such as the one that was assembled and aims to enable experimentation in application use cases for integrated environments

Real-time Bandwidth Estimation from Offline Expert Demonstrations

In this work, we tackle the problem of bandwidth estimation (BWE) for real-time communication systems; however, in contrast to previous works, we leverage the vast efforts of prior heuristic-based BWE methods and synergize these approaches with deep learning-based techniques. Our work addresses challenges in generalizing to unseen network dynamics and extracting rich representations from prior experience, two key challenges in integrating data-driven bandwidth estimators into real-time systems. To that end, we propose Merlin, the first purely offline, data-driven solution to BWE that harnesses prior heuristic-based methods to extract an expert BWE policy. Through a series of experiments, we demonstrate that Merlin surpasses state-of-the-art heuristic-based and deep learning-based bandwidth estimators in terms of objective quality of experience metrics while generalizing beyond the offline world to in-the-wild network deployments where Merlin achieves a 42.85% and 12.8% reduction in packet loss and delay, respectively, when compared against WebRTC in inter-continental videoconferencing calls. We hope that Merlin's offline-oriented design fosters new strategies for real-time network control

How far are we from WebRTC-1.0? An update on standards and a look at what's next

Real-time communication between browsers has represented an unprecedented standardization effort involving both the IETF and the W3C. These activities have involved both the real-time protocol suite and the application-level JavaScript APIs to be offered to developers in order to allow them to easily implement interoperable real-time multimedia applications in the web. This article sheds light on the current status of standardization, with special focus on the upcoming final release of the so-called WebRTC-1.0 standard ecosystem. It takes stock of the situation with respect to hot topics such as codecs, session description and stream multiplexing. It also briefly discusses how standard bodies are dealing with seamless integration of the initially competing effort known as “Object Real Time Communications.

Client-Side Cornucopia : Comparing the Built-In Application Architecture Models in the Web Browser

Peer reviewe

Computational Resource Abuse in Web Applications

Internet browsers include Application Programming Interfaces (APIs) to support Web applications that require complex functionality, e.g., to let end users watch videos, make phone calls, and play video games. Meanwhile, many Web applications employ the browser APIs to rely on the user's hardware to execute intensive computation, access the Graphics Processing Unit (GPU), use persistent storage, and establish network connections. However, providing access to the system's computational resources, i.e., processing, storage, and networking, through the browser creates an opportunity for attackers to abuse resources. Principally, the problem occurs when an attacker compromises a Web site and includes malicious code to abuse its visitor's computational resources. For example, an attacker can abuse the user's system networking capabilities to perform a Denial of Service (DoS) attack against third parties. What is more, computational resource abuse has not received widespread attention from the Web security community because most of the current specifications are focused on content and session properties such as isolation, confidentiality, and integrity. Our primary goal is to study computational resource abuse and to advance the state of the art by providing a general attacker model, multiple case studies, a thorough analysis of available security mechanisms, and a new detection mechanism. To this end, we implemented and evaluated three scenarios where attackers use multiple browser APIs to abuse networking, local storage, and computation. Further, depending on the scenario, an attacker can use browsers to perform Denial of Service against third-party Web sites, create a network of browsers to store and distribute arbitrary data, or use browsers to establish anonymous connections similarly to The Onion Router (Tor). Our analysis also includes a real-life resource abuse case found in the wild, i.e., CryptoJacking, where thousands of Web sites forced their visitors to perform crypto-currency mining without their consent. In the general case, attacks presented in this thesis share the attacker model and two key characteristics: 1) the browser's end user remains oblivious to the attack, and 2) an attacker has to invest little resources in comparison to the resources he obtains. In addition to the attack's analysis, we present how existing, and upcoming, security enforcement mechanisms from Web security can hinder an attacker and their drawbacks. Moreover, we propose a novel detection approach based on browser API usage patterns. Finally, we evaluate the accuracy of our detection model, after training it with the real-life crypto-mining scenario, through a large scale analysis of the most popular Web sites

Robot Remote Control based on Augmented Reality Glasses

Τα τελευταία χρόνια, η ραγδαία ανάπτυξη στον τομέα της ρομποτικής έχει φέρει εντυπωσιακές δυνατότητες στο περιβάλλον της τεχνολογίας. Έχει αναπτυχθεί ένα ευρύ φάσμα εφαρμογών με συσκευές κόμβους ώστε να εξυπηρετείται ο έλεγχος πληροφορίας σε απομακρυσμένες τοποθεσίες, αλλά και μέρη όπου το ανθρώπινο σώμα δεν μπορεί καν να πλησιάσει. Αυτή η εξέλιξη έχει δημιουργήσει την ανάγκη για πρωτότυπα ταιριάσματα νέων τεχνολογιών και καινοτόμες μεθόδους στον έλεγχο ρομπότ. Σε αυτή τη διπλωματική εργασία θα επικεντρωθούμε στον τηλεχειρισμό ενός ρομπότ με την τεχνολογία της επαυξημένης πραγματικότητας. Συγκεκριμένα, θα λάβουμε στην AR συσκευή Hololens της Microsoft μία ζωντανή ροή βίντεο από ένα ρομπότ με λειτουρικό ROS, και θα το πλοηγήσουμε από τα γυαλιά μέσω ενός διακομιστή Kafka. Τα πειράματα υποστηρίχθηκαν από το λειτουργικό σύστημα Ubuntu 16.04, τους προσομοιωτές Gazebo και Rviz, ένα Turtlebot 2 με raspberry 3 που εκτελεί το λειτουργικό σύστημα ROS, καθώς και έναν αισθητήρα XBOX Kinect με έγχρωμη κάμερα και αισθητήρα βάθουςIn recent years, the rapid development in the field of robotics has brought an impressive potential to the technology environment. It has been developed a wide range of applications for node devices in order to serve the control of information in remote locations but also in places where the human body can not even approach. This development has created the need for new matchings of new technologies and innovative methods in robot control. In this thesis, we will focus on the remote control of a robot with the technology of augmented reality. Specifically, we will be receiving a live video stream from a ROS robot to Microsoft’s AR glasses, Hololens and we will navigate back the robot from them through a Kafka Server. The experiments were supported by the Ubuntu 16.04 operating system, the Gazebo, and Rviz simulators, a Turtlebot 2 with a raspberry 3 that is running the ROS operating system, as well as a XBOX Kinect sensor with a color camera and a depth sensor

Security and Privacy in Unified Communication

The file attached to this record is the author's final peer reviewed version. The Publisher's final version can be found by following the DOI link.The use of unified communication; video conferencing, audio conferencing, and instant messaging has skyrocketed during the COVID-19 pandemic. However, security and privacy considerations have often been neglected. This paper provides a comprehensive survey of security and privacy in Unified Communication (UC). We systematically analyze security and privacy threats and mitigations in a generic UC scenario. Based on this, we analyze security and privacy features of the major UC market leaders and we draw conclusions on the overall UC landscape. While confidentiality in communication channels is generally well protected through encryption, other privacy properties are mostly lacking on UC platforms

On the Development of Real-Time Multi-User Web Applications

With the increasing popularity of the World Wide Web (WWW), end-user applications are moving from desktop to the browser. Web applications have several benefits over native applications: web applications have worldwide availability for any browsing capable device without prior installations. In addition, web applications are easy to distribute and update – once deployed, a web application is instantly available worldwide and further modifications to the system are propagated automatically. The current trend seems to be that web applications are offering collaboration, social connections, and user to user interactions as key features. This can be seen, for example, in the popularity of Facebook, Flickr, and Twitter. Despite all the benefits of the Web, web applications are suffering from the shortcomings in underlying technologies. The Web is strongly rooted in information sharing, and the current technical solutions isolate users rather than make them aware of each other. Since the data cannot be pushed from server to a client, the client must always initiate the communication, which causes a considerable impediment for real-time multi-user web applications, like online chats that have several concurrent users continuously interacting with each other. For such systems, it would be practical if the server could push messages to clients. As a further obstacle, most web application frameworks isolate users in their private sessions that only interact indirectly via the database. This main contribution of this thesis is to make the development of real-time multi-user web applications easier. We elaborate on the difficulties in implementation and design and introduce methods of circumventing them. The main argument is that the Web, the available technology stack, and the frameworks are difficult to use for developing real-time multi-user web applications. However, by selecting the proper approach, the problems can be solved. In this thesis, we have divided the frameworks in groups based on how they make separation of concerns between the client and the server. The separation is important as it determines the thickness of the client and thus where to locate the business logic and the application state. In addition, it has effect on the synchronization of the state between the clients. To collect experiences and for backing up our assumptions, we have implemented real-time multi-user web applications for several frameworks and studied how the frameworks should be used for enabling real-time multi-user application development

Web- ja natiiviteknologiat mobiilisovellusten kehityksessä

In recent years, the mobile application development has become an increasingly important area in the software industry. However, there are multiple different and incompatible mobile platforms and ecosystems on the market. The issue for application developers is supporting all the different devices and platforms. New web programming technologies, such as CSS3 and HTML5, bring new opportunities for the mobile application development. Since practically every mobile device includes a web browser, web technologies provide a way to cover almost all modern mobile devices by writing a single application. This thesis reviews the current status of HTML5 and other web technologies, and compares them to the native, platform-specific development technologies. The main focus of the thesis is to evaluate the advantages and disadvantages of the web technologies in mobile application development, and how the web technologies affect on resource usage, performance and user experience in mobile applications. As a conclusion we state that whereas the native technologies provide an optimal user experience and performance, the web technologies provide fast and flexible way to produce cross-platform mobile applications. The web technologies already provide a competitive alternative to the native technologies. However, the best technology for implementing a mobile application depends on several factors, such as business objectives, target audience and technical requirements.Viime vuosina mobiilisovellusten ohjelmistokehitys on noussut merkittävään rooliin ohjelmistoteollisuudessa. Markkinoilla on kuitenkin useita keskenään yhteensopimattomia mobiililaitteita ja -alustoja. Useiden eri laitteiden ja järjestelmien tukeminen on ohjelmistokehittäjille merkittävä haaste. Uudet web-ohjelmointiin tarkoitetut tekniikat, kuten CSS3 ja HTML5, avaavat uusia mahdollisuuksia mobiilisovellusten kehittäjille. Koska käytänossä kaikki modernit mobiililaitteet sisältävät Internet-selaimen, web-tekniikoita hyödyntäen voidaan kehittää mobiilisovelluksia, jotka toimivat lähes kaikissa mobiililaitteissa. Tämä diplomityö käsittelee HTML5:n ja sen ympärille rakentuvien web-tekniikoiden käyttöä mobiilisovellusten ohjelmistokehityksessä. Diplomityön päätavoite on arvioida web-tekniikoiden tarjoamia hyötyjä ja haittoja verrattuna perinteisiin alustakohtaisiin ohjelmistokehitystekniikoihin, sekä sitä, miten web-tekniikoiden käyttäminen sovelluskehityksessä vaikuttaa mobiililaitteiden resurssien käyttöön, suorituskykyyn sekä käyttökokemukseen. Johtopäätöksenä esitetään, että perinteiset laite- ja alustakohtaiset tekniikat tarjoavat parhaan käyttökokemuksen ja suorituskyvyn mobiilisovelluksille. Sen sijaan web-tekniikat tarjoavat nopean ja joustavan tavan tuottaa alustariippumattomia mobiilisovelluksia. Yhteenvetona todetaan, että web-tekniikat tarjoavat kilpailukykyisen vaihtoehdon mobiilisovellusten tuottamiseen, mutta paras tekniikka yksittäisen sovelluksen toteuttamiseen riippuu tapauskohtaisesti useasta eri tekijästä, kuten sovelluksen kohdeyleisöstä, teknisistä vaatimuksista ja kaupallisista tavoitteista