New Approaches to Mitigation of Malicious Traffic in VoIP Networks

Voice over IP (VoIP) telephony is becoming widespread in use, and is often integrated into computer networks. Because of this, malicious software threatens VoIP systems in the same way that traditional computer systems have been attacked by viruses, worms, and other automated agents. VoIP networks are a challenge to secure against such malware as much of the network intelligence is focused on the edge devices and access environment. This paper describes the design and implementation of a novel VoIP security architecture in which evaluation of, and mitigation against, malicious traffic is demonstrated by the use of virtual machines to emulate vulnerable clients and servers through the use of apparent attack vectors. This new architecture, which is part of an ongoing research project, establishes interaction between the VoIP backend and the end users, thus providing information about ongoing and unknown attacks to users

Ensuring interoperability between network elements in next generation networks

Next Generation Networks (NGNs), based on the Internet Protocol (IP), implement several services such as IP-based telephony and are beginning to replace the classic telephony systems. Due to the development and implementation of new powerful services these systems are becoming increasingly complex. Implementing these new services (typically software-based network elements) is often accompanied by unexpected and erratic behaviours which can manifest as interoperability problems. The reason for this caused by insufficient testing at the developing companies. The testing of such products is by nature a costly and time-consuming exercise and therefore cut down to what is considered the maximum acceptable level. Ensuring the interoperability between network elements is a known challenge. However, there exists no concept of which testing methods should be utilised to achieve an acceptable level of quality. The objective of this thesis was to improve the interoperability between network elements in NGNs by creating a testing scheme comprising of three diverse testing methods: conformance testing, interoperability testing and posthoc analysis. In the first project a novel conformance testing methodology for developing sets of conformance test cases for service specifications in NGNs was proposed. This methodology significantly improves the chance of interoperability and provides a considerable enhancement to the currently used interoperability tests. It was evaluated by successfully applying it to the Presence Service. The second report proposed a post-hoc methodology which enables the identification of the ultimate causes for interoperability problems in a NGN in daily operation. The new methods were implemented in the tool IMPACT (IP-Based Multi Protocol Posthoc Analyzer and Conformance Tester), which stores all exchanged messages between network elements in a database. Using SQL queries, the causes for errors can be found efficiently. Overall the presented testing scheme improves significantly the chance that network elements interoperate successfully by providing new methods. Beyond that, the quality of the software product is raised by mapping these methods to phases in a process model and providing well defined steps on which test method is the best suited at a certain stage

The Impact of the Internet on Telecommunication Architectures

The ever-growing popularity of the Internet is dramatically changing the landscape of the communications market place. The two separate worlds of the Internet and Telecommunications are converging. The respective advantages of the two environments are being integrated to fulfill the promise of the information super-highways. In this paper, we examine the impact of the Internet on the main telecommunication architectures, namely the IN, the TMN and TINA. There are two new tendencies for implementing telephony services in combination with the Internet: running part of the control sys tem over the Internet, or conveying both the user data and the control information over the Internet. We examine these two trends, and elaborate on possible ways of salvaging the best parts of the work achieved by the TINA-Consortium in the Internet context

Study, Analysis and Modeling of IP Multimedia systems on next generation networks providing mobile and fixed multimedia services

Not availabl

Designing and prototyping WebRTC and IMS integration using open source tools

WebRTC, or Web Real-time Communications, is a collection of web standards that detail the mechanisms, architectures and protocols that work together to deliver real-time multimedia services to the web browser. It represents a significant shift from the historical approach of using browser plugins, which over time, have proven cumbersome and problematic. Furthermore, it adopts various Internet standards in areas such as identity management, peer-to-peer connectivity, data exchange and media encoding, to provide a system that is truly open and interoperable. Given that WebRTC enables the delivery of multimedia content to any Internet Protocol (IP)-enabled device capable of hosting a web browser, this technology could potentially be used and deployed over millions of smartphones, tablets and personal computers worldwide. This service and device convergence remains an important goal of telecommunication network operators who seek to enable it through a converged network that is based on the IP Multimedia Subsystem (IMS). IMS is an IP-based subsystem that sits at the core of a modern telecommunication network and acts as the main routing substrate for media services and applications such as those that WebRTC realises. The combination of WebRTC and IMS represents an attractive coupling, and as such, a protracted investigation could help to answer important questions around the technical challenges that are involved in their integration, and the merits of various design alternatives that present themselves. This thesis is the result of such an investigation and culminates in the presentation of a detailed architectural model that is validated with a prototypical implementation in an open source testbed. The model is built on six requirements which emerge from an analysis of the literature, including previous interventions in IMS networks and a key technical report on design alternatives. Furthermore, this thesis argues that the client architecture requires support for web-oriented signalling, identity and call handling techniques leading to a potential for IMS networks to natively support these techniques as operator networks continue to grow and develop. The proposed model advocates the use of SIP over WebSockets for signalling and DTLS-SRTP for media to enable one-to-one communication and can be extended through additional functions resulting in a modular architecture. The model was implemented using open source tools which were assembled to create an experimental network testbed, and tests were conducted demonstrating successful cross domain communications under various conditions. The thesis has a strong focus on enabling ordinary software developers to assemble a prototypical network such as the one that was assembled and aims to enable experimentation in application use cases for integrated environments

Framework for Automated Functional Tests within Value-Added Service Environments

Full version unavailable due to 3rd party copyright restrictions.Recent years have witnessed that standard telecommunication services evolved more and more to next generation value-added services. This fact is accompanied by a change of service characteristics as new services are designed to fulfil the customer’s demands instead of just focussing on technologies and protocols. These demands can be very specific and, therefore, diverse potential service functionalities have to be considered by the service providers. To make matters worse for service providers, a fast transition from concept to market product and low price of a new service is required due to the increasing competition in the telecommunication industry. Therefore, effective test solutions need to be developed that can be integrated in current value-added service development life-cycles. Besides, these solutions should support the involvement of all participating stakeholders such as the service provider, the test developers as well as the service developers, and, in order to consider an agile approach, also the service customer. This thesis proposes a novel framework for functional testing that is based on a new sort of description language for value-added services (Service Test Description). Based on instances of the Service Test Description, sets of reusable test components described by means of an applied Statecharts notation are automatically selected and composed to so-called behaviour models. From the behaviour models, abstract test cases can be automatically generated which are then transformed to TTCN-3 test cases and then assembled to an Executable Test Suite. Within a TTCN-3 test system, the Executable Test Suite can be executed against the corresponding value-added service referred to as System Under Test. One benefit of the proposed framework is its application within standard development life-cycles. Therefore, the thesis presents a methodology that considers both service development and test development as parallel tasks and foresees procedures to synchronise the tasks and to allow an agile approach with customer involvement. The novel framework is validated through a proof-of-concept working prototype. Example value-added services have been chosen to illustrate the whole process from compiling instances of the Service Test Description until the execution of automated tests. Overall, this thesis presents a novel solution for service providers to improve the quality of their provided value-added services through automated functional testing procedures. It enables the early involvement of the customers into the service development life-cycle and also helps test developers and service developers to collaborate