Intrusion detection mechanisms for VoIP applications

VoIP applications are emerging today as an important component in business and communication industry. In this paper, we address the intrusion detection and prevention in VoIP networks and describe how a conceptual solution based on the Bayes inference approach can be used to reinforce the existent security mechanisms. Our approach is based on network monitoring and analyzing of the VoIP-specific traffic. We give a detailed example on attack detection using the SIP signaling protocol

Optimizing Service Differentiation Scheme with Sized-based Queue Management in DiffServ Networks

In this paper we introduced Modified Sized-based Queue Management as a dropping scheme that aims to fairly prioritize and allocate more service to VoIP traffic over bulk data like FTP as the former one usually has small packet size with less impact to the network congestion. In the same time, we want to guarantee that this prioritization is fair enough for both traffic types. On the other hand we study the total link delay over the congestive link with the attempt to alleviate this congestion as much as possible at the by function of early congestion notification. Our M-SQM scheme has been evaluated with NS2 experiments to measure the packets received from both and total link-delay for different traffic. The performance evaluation results of M-SQM have been validated and graphically compared with the performance of other three legacy AQMs (RED, RIO, and PI). It is depicted that our M-SQM outperformed these AQMs in providing QoS level of service differentiation.Comment: 10 pages, 9 figures, 1 table, Submitted to Journal of Telecommunication

Preventing Distributed Denial-of-Service Attacks on the IMS Emergency Services Support through Adaptive Firewall Pinholing

Emergency services are vital services that Next Generation Networks (NGNs) have to provide. As the IP Multimedia Subsystem (IMS) is in the heart of NGNs, 3GPP has carried the burden of specifying a standardized IMS-based emergency services framework. Unfortunately, like any other IP-based standards, the IMS-based emergency service framework is prone to Distributed Denial of Service (DDoS) attacks. We propose in this work, a simple but efficient solution that can prevent certain types of such attacks by creating firewall pinholes that regular clients will surely be able to pass in contrast to the attackers clients. Our solution was implemented, tested in an appropriate testbed, and its efficiency was proven.Comment: 17 Pages, IJNGN Journa

Security in Peer-to-Peer SIP VoIP

VoIP (Voice over Internet Protocol) is one of the fastest growing technologies in the world. It is used by people all over the world for communication. But with the growing popularity of internet, security is one of the biggest concerns. It is important that the intruders are not able to sniff the packets that are transmitted over the internet through VoIP. Session Initiation Protocol (SIP) is the most popular and commonly used protocol of VoIP. Now days, companies like Skype are using Peer-to-Peer SIP VoIP for faster and better performance. Through this project I am improving an already existing Peer-to-Peer SIP VoIP called SOSIMPLE P2P VoIP by adding confidentiality in the protocol with the help of public key cryptography

TV-Centric technologies to provide remote areas with two-way satellite broadband access

October 1-2, 2007, Rome, Italy TV-Centric Technologies To Provide Remote Areas With Two-Way Satellite Broadband Acces