Mitigating Coordinated Call Attacks On VoIP Networks Using Hidden Markov Model

Abstract This paper presents a 2-tier scheme for mitigating coordinated call attacks on VoIP networks. Call interaction pattern was considered using talk and salient periods in a VoIP call conversation. At the first-tier, Short Term Energy algorithm was used for call interaction feature extraction and at the second-tier Hidden Markov Model was used for caller legitimacy recognition. Data of VoIP call conversations were collated and analyzed to extract distinctive features in VoIP call interaction pattern to ascertain the legitimacy of a caller against coordinated call attacker. The performance metrics that was used are; False Error Rate (FER), Specificity, Detection Accuracy and Throughput. Several experiments were conducted to see how effective the mitigating scheme is, as the scheme acts as a proxy server to Session Initiation Protocol (SIP) server. The experiments show that; when the VoIP server is under coordinated call attack without a mitigating scheme only 15.2% of legitimate VoIP users had access to the VoIP network and out of which about half of the legitimate users had their calls dropped before completion, while with the 2-tier mitigating scheme, when the VoIP server is under coordinated call attacks over 90.3% legitimate VoIP callers had their calls through to completio

A new scheme to reduce session establishment time in session initiation protocol (SIP)

The session Initiation Protocol (SIP) has been developed by Internet Engineering Taskforce standard (IETF) with the main purpose of establishing and managing sessions between two or more parties wishing to communicate. SIP is a signaling protocol which is used for the current and future Internet Protocol (IP) telephony services, video services, and integrated web and multimedia services. SIP is an application layer protcol, thus it can run over Transmission Control Protocol(TCP) or User Datagram Protocol (UDP). When the packets are sent over the network, a form of congestion control mechanism is necessary to prevent from network collapse. TCP is a reliable protocl and provides the congestion control by adjusting the size of the congestion windows. UDP is an unreliable protocol and no flow control mechanism is provided. Many applications of the Internet require the establishment and management of sessions. The purpose of the thesis is to study the session establishnment procedure in SIP and try to reduce the time taken for the session setup in two different conditions. One, when there is no congestion in the network, and the other is when there is a network congestion. We have simulated the behaviour of session establishment in SIP using Network Simulator (NS2). UDP is used as the transport protocol. We have created different network topologies. In the topology we had created SIP user agents who wants to communicte, proxy servers for forwarding the requests on behalf of the user agents, and a Domain Name Server (DNS) which maintains the location information of all proxy servers. We tried to reduce the time taken for the session establishment. As UDP does not provide any congestion control mechanisms, we used the binary exponential backoff (BEB) algorithm to set the timers. In our network topolgy when there is no packet loss in the network, the time taken for the session establishment is reduced from 0.86 sec to 0.574 sec. In case of network congestion the setup time is reduced from 4.55 sec to 2.86 sec. From the simulation, we conclude that the session establishment time can be reduced by reducing the number of message exchanges required for session setup

A secure archive for Voice-over-IP conversations

An efficient archive securing the integrity of VoIP-based two-party conversations is presented. The solution is based on chains of hashes and continuously chained electronic signatures. Security is concentrated in a single, efficient component, allowing for a detailed analysis.Comment: 9 pages, 2 figures. (C) ACM, (2006). This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of VSW06, June, 2006, Berlin, German

Designing and optimization of VOIP PBX infrastructure

In the recent decade, communication has stirred from the old wired medium such as public switched telephone network (PSTN) to the Internet. Present, Voice over Internet Protocol (VoIP) Technology used for communication on internet by means of packet switching technique. Several years ago, an internet protocol (IP) based organism was launched, which is known as Private Branch Exchange "PBX", as a substitute of common PSTN systems. For free communication, probably you must have to be pleased with starting of domestic calls. Although, fairly in few cases, VoIP services can considerably condense our periodical phone bills. For instance, if someone makes frequent global phone calls, VoIP talk service is the actual savings treat which cannot achieve by using regular switched phone. VoIP talk services strength help to trim down your phone bills if you deal with a lot of long-distance (international) and as well as domestic phone calls. However, with the VoIP success, threats and challenges also stay behind. In this dissertation, by penetration testing one will know that how to find network vulnerabilities how to attack them to exploit the network for unhealthy activities and also will know about some security techniques to secure a network. And the results will be achieved by penetration testing will indicate of proven of artefact and would be helpful to enhance the level of network security to build a more secure network in future

Internet protocol-based push to talk

This paper discusses a way of offering voice instant messaging based on Internet Protocol using Session Initiation Protocol. The purpose of this investigation is to enhance the modern social communication amongst the people of South Africa who are already accustomed to text-based instant messaging. The proposed application aims to implement the traditional Push-to-Talk technology using Internet Protocol. Thus the proposed IP-based Push-to-Talk is a new approach to voice communication which emulates a walkie-talkie system. On the mobile phone IP-Push-to-Talk herein referred to as Push-to-Talk over a cell phone can be viewed as a voice SMS. The adoption of a Push-to-Talk service was inspired by the fact that it applies half-duplex communication. This enhances the primary objective of offering a cheap voice instant messaging. In half-duplex communication, only one person can talk at a time, thereby avoiding bidirectional charging. The project was implemented on two platforms, a PC and a mobile phone. The PC Push-to-Talk was implemented through client server approach whilst the mobile Push-to-Talk through a peer-to-peer approach. Several software engineering strategies were used for user requirements gathering as well for testing. Six users participated in the test and the results were gathered through questionnaires. The results showed that, half-duplex communication is efficient and yet very economical as it makes less usage of system resources.Telkom, Cisco, THRIPDepartment of HE and Training approved lis

A Proposal for A High Availability Architecture for VoIP Telephone Systems based on Open Source Software

The inherent needs of organizations to improve and amplify their technological platform entail large expenses with the goal to enhance their performance. Hence, they have to contemplate mechanisms of optimization and the improvement of their operational infrastructure. In this direction arises the need to guarantee the correct operation and non-degradation of the services provided by the platform during the periods with a significant load of work. This type of scenario is perfectly applicable to the field of VoIP technologies, where users generate elevated loads of work on critical points of the infrastructure, during the process of interaction with their peers. In this research work, we propose a solution for high availability, with the goal of maintaining the continuity of the operation of communication environments based on the SIP protocol in high load. We validate our proposal through numerous experiments. Also, we compare our solution with other classical VoIP scenarios and show the advantages of a high availability and fault tolerance architecture for organizations