Detecting and Mitigating Denial-of-Service Attacks on Voice over IP Networks

Voice over IP (VoIP) is more susceptible to Denial of Service attacks than traditional data traffic, due to the former's low tolerance to delay and jitter. We describe the design of our VoIP Vulnerability Assessment Tool (VVAT) with which we demonstrate vulnerabilities to DoS attacks inherent in many of the popular VoIP applications available today. In our threat model we assume an adversary who is not a network administrator, nor has direct control of the channel and key VoIP elements. His aim is to degrade his victim's QoS without giving away his presence by making his attack look like a normal network degradation. Even black-boxed, applications like Skype that use proprietary protocols show poor performance under specially crafted DoS attacks to its media stream. Finally we show how securing Skype relays not only preserves many of its useful features such as seamless traversal of firewalls but also protects its users from DoS attacks such as recording of conversations and disruption of voice quality. We also present our experiences using virtualization to protect VoIP applications from 'insider attacks'. Our contribution is two fold we: 1) Outline a threat model for VoIP, incorporating our attack models in an open-source network simulator/emulator allowing VoIP vendors to check their software for vulnerabilities in a controlled environment before releasing it. 2) We present two promising approaches for protecting the confidentiality, availability and authentication of VoIP Services

Wireless triple play system

Dissertação para obtenção do Grau de Mestre em Engenharia Electrotécnica e ComputadoresTriple play is a service that combines three types of services: voice, data and multimedia over a single communication channel for a price that is less than the total price of the individual services. However there is no standard for provisioning the Triple play services, rather they are provisioned individually, since the requirements are quite different for each service. The digital revolution helped to create and deliver a high quality media solutions. One of the most demanding services is the Video on Demand (VoD). This implicates a dedicated streaming channel for each user in order to provide normal media player commands (as pause, fast forward). Most of the multimedia companies that develops personalized products does not always fulfil the users needs and are far from being cheap solutions. The goal of the project was to create a reliable and scalable triple play solution that works via Wireless Local Area Network (WLAN), fully capable of dealing with the existing state of the art multimedia technologies only resorting to open-source tools. This project was design to be a transparent web environment using only web technologies to maximize the potential of the services. HyperText Markup Language (HTML),Cascading Style Sheets (CSS) and JavaScript were the used technologies for the development of the applications. Both a administration and user interfaces were developed to fully manage all video contents and properly view it in a rich and appealing application, providing the proof of concept. The developed prototype was tested in a WLAN with up to four clients and the Quality of Service (QoS) and Quality of Experience (QoE) was measured for several combinations of active services. In the end it is possible to acknowledge that the developed prototype was capable of dealing with all the problems of WLAN technologies and successfully delivery all the proposed services with high QoE

Analysing the characteristics of VoIP traffic

In this study, the characteristics of VoIP traffic in a deployed Cisco VoIP phone system and a SIP based soft phone system are analysed. Traffic was captured in a soft phone system, through which elementary understanding about a VoIP system was obtained and experimental setup was validated. An advanced experiment was performed in a deployed Cisco VoIP system in the department of Computer Science at the University of Saskatchewan. Three months of traffic trace was collected beginning October 2006, recording address and protocol information for every packet sent and received on the Cisco VoIP network. The trace was analysed to find out the features of Cisco VoIP system and the findings were presented.This work appears to be one of the first real deployment studies of VoIP that does not rely on artificial traffic. The experimental data provided in this study is useful for design and modeling of such systems, from which more useful predictive models can be generated. The analysis method used in this research can be used for developing synthetic workload models. A clear understanding of usage patterns in a real VoIP network is important for network deployment and potential network activities such as integration, optimizations or expansion. The major factors affecting VoIP quality such as delay, jitter and loss were also measured and simulated in this study, which will be helpful in an advanced VoIP quality study. A traffic generator was developed to generate various simulated VoIP traffic. The data used to provide the traffic model parameters was chosen from peak traffic periods in the captured data from University of Saskatchewan deployment. By utilizing the Traffic Trace function in ns2, the simulated VoIP traffic was fed into ns2, and delay, jitter and packet loss were calculated for different scenarios. Two simulation experiments were performed. The first experiment simulated the traffic of multiple calls running on a backbone link. The second experiment simulated a real network environment with different traffic load patterns. It is significant for network expansion and integration

A New covert channel over RTP

In this thesis, we designed and implemented a new covert channel over the RTP protocol. The covert channel modifies the timestamp value in the RTP header to send its secret messages. The high frequency of RTP packets allows for a high bitrate covert channel, theoretically up to 350 bps. The broad use of RTP for multimedia applications, including VoIP, provides plentiful opportunities to use this channel. By using the RTP header, many of the challenges present for covert channels using the RTP payload are avoided. Using the reference implementation of this covert channel, bitrates of up to 325 bps were observed. Speed decreases on less reliable networks, though message delivery was flawless with up to 1% RTP packet loss. The channel is very difficult to detect due to expected variations in the timestamp field and the flexible nature of RTP

An Analysis of the MOS under Conditions of Delay, Jitter and Packet Loss and an Analysis of the Impact of Introducing Piggybacking and Reed Solomon FEC for VOIP

Voice over IP (VoIP) is a real time application that allows transmitting voice through the Internet network. Recently there has been amazing progress in this field, mainly due to the development of voice codecs that react appropriately under conditions of packet loss, and the improvement of intelligent jitter buffers that perform better under conditions of variable inter packet delay. In addition, there are other factors that indirectly benefited VoIP. Today, computer networks are faster due to the advances in hardware and breakthrough algorithms. As a result, the quality of VoIP calls has improved considerably. However, the quality of VoIP calls under extreme conditions of packet loss still remains a major problem that needs to be addressed for the next generation of VoIP services. This thesis concentrates in making an analysis of the effects that network impairments, such as: delay, jitter, and packet loss have in the quality of VoIP calls and approaches to solve this problem. Finally, we analyze the impact of introducing forward error correction (FEC) Piggybacking and Reed Solomon codes for VoIP. To measure the mean opinion score of VoIP calls we develop an application based on the E-Model, and utilize perceptual evaluation of speech quality (PESQ)