Non-Conforming Behavior Detection for VoIP-Based Network Systems

This work proposes a detection scheme that identifies non-conforming behavior in a VoIP network, based on statistical analysis and hypothesis testing. VoIP networks are a popular, low-cost alternative for telephony that offer lower rates especially for long-distance calls. Other services such as FollowMe, enhance the traditional voice-oriented nature of these networks. Consequently several security concerns such as fraud calls, are related to the high availability required by a VoIP system. Fraud calls account for an average loss of 3% to 5% of the operators’ revenue. Thus the detection and prevention of the users from behaving in a non-conforming way, becomes crucial. A trustworthy and secure management and billing scheme is necessary, to guarantee the proper operation. This work proposes a behavioral control scheme for the VoIP clients. An initial training period defines the normal behavior. Then statistical analysis and t-testing is employed to extract results regarding the users’ profiles, with pre-defined confidence levels. A Buffer zone creates a more flexible decision-making process. The scheme also offers the ability to configure its parameters, in order to react appropriately under different network conditions and detect possible misuses. It is implemented and its rational operation is verified via several simulation scenarios

Micro protocol engineering for unstructured carriers: On the embedding of steganographic control protocols into audio transmissions

Network steganography conceals the transfer of sensitive information within unobtrusive data in computer networks. So-called micro protocols are communication protocols placed within the payload of a network steganographic transfer. They enrich this transfer with features such as reliability, dynamic overlay routing, or performance optimization --- just to mention a few. We present different design approaches for the embedding of hidden channels with micro protocols in digitized audio signals under consideration of different requirements. On the basis of experimental results, our design approaches are compared, and introduced into a protocol engineering approach for micro protocols.Comment: 20 pages, 7 figures, 4 table

Preventing Distributed Denial-of-Service Attacks on the IMS Emergency Services Support through Adaptive Firewall Pinholing

Emergency services are vital services that Next Generation Networks (NGNs) have to provide. As the IP Multimedia Subsystem (IMS) is in the heart of NGNs, 3GPP has carried the burden of specifying a standardized IMS-based emergency services framework. Unfortunately, like any other IP-based standards, the IMS-based emergency service framework is prone to Distributed Denial of Service (DDoS) attacks. We propose in this work, a simple but efficient solution that can prevent certain types of such attacks by creating firewall pinholes that regular clients will surely be able to pass in contrast to the attackers clients. Our solution was implemented, tested in an appropriate testbed, and its efficiency was proven.Comment: 17 Pages, IJNGN Journa

Final report on the evaluation of RRM/CRRM algorithms

Deliverable public del projecte EVERESTThis deliverable provides a definition and a complete evaluation of the RRM/CRRM algorithms selected in D11 and D15, and evolved and refined on an iterative process. The evaluation will be carried out by means of simulations using the simulators provided at D07, and D14.Preprin

Q-Andrew: a consolidated QOS management framework

Tese de mestrado em Segurança Informática, apresentada à Universidade de Lisboa, através da Faculdade de Ciências, 2008As redes IP convergentes são compostas por uma diversidade de tecnologias que suportam múltiplos tipos de serviços com diferentes características. Cada fabricante de equipamento activo de rede usa sistemas de manutenção proprietários, incompatíveis com equipamentos de outros fabricantes. Para um operador de telecomunicações a gestão da Qualidade de Serviço, numa rede composta por vários fabricantes, é uma tarefa complexa e dispendiosa. Algumas tarefas requerem configuração manual para garantir a compatibilidade entre configurações de equipamentos de fabricantes diferentes. Melhorar a resposta operacional e reduzir os custos de operação nestas circunstâncias é apenas possível com a consolidação da gestão de rede. Para responder a este desafio, propomos: Um conjunto de mecanismos geradores de configurações de Qualidade de Serviço, consistentes entre equipamentos de diversos fabricantes; A definição de um modelo abstracto de representação destas configurações, reutilizável em futuras aproximações de gestão consolidada de rede; Por fim, descrevemos uma aplicação de demonstração onde algumas das propostas apresentadas são concretizadas, tendo como objectivo futuro a sua utilização numa rede real de um operador de telecomunicações nacional, onde são utilizados equipamentos de diversos fabricantes.Converged IP networks consist of diverse technologies and support both legacy and emerging services. Different vendors use separate management systems to achieve similar goals. Manual provisioning today represents a large portion of the total effort required to manage a complex IP network. A consolidated Quality-of-Service policy is difficult to implement in heterogeneous networks. Creating and maintaining such policies is very demanding in terms of operations. For this reason, reducing operational costs while improving Quality-of-Service Management is only possible through a consolidated approach to network management. To leverage operations in converged IP networks, we propose the following: A mechanism to automatically generate consistent configurations across a network with equipment from different vendors; A framework definition such that network element configurations can be specified using a common model; Applying some of the methods proposed to an application that can be used in a real network with diverse technologies and equipment vendors

Internet QoS for DiffServ-Enabled Routers

Differentiated Service Model (DiffServ) is currently a popular research topic as a low-cost method to bring QoS to today's Internet backbone network. In this paper, the author introduces the techniques and methodologies that used to design and implement DiffServ-enabled (DS-enabled) routers. The adaptations of DS-enabled routers are designed to cater to the low Internet connectivity within Universiti Teknologi PETRONAS LAN. The author has implemented basic DiffServ setting using three CISC03725 routers. Based on these DiffServ-enabled routers, the author set up a small scale lab network to study DiffServ QoS features: priority dropping (discrimination among different service classes), QoS guarantees and measuring QoS using various formal metrics (delay and throughput). Furthermore, the author present problems encountered during study, and the proposed solutions

Satellite system performance assessment for in-flight entertainment and air traffic control

Concurrent satellite systems have been proposed for IFE (In-Flight Entertainment) communications, thus demonstrating the capability of satellites to provide multimedia access to users in aircraft cabin. At the same time, an increasing interest in the use of satellite communications for ATC (Air Traffic Control) has been motivated by the increasing load of traditional radio links mainly in the VHF band, and uses the extended capacities the satellite may provide. However, the development of a dedicated satellite system for ATS (Air Traffic Services) and AOC (Airline Operational Communications) seems to be a long-term perspective. The objective of the presented system design is to provide both passenger application traffic access (Internet, GSM) and a high-reliability channel for aeronautical applications using the same satellite links. Due to the constraints in capacity and radio bandwidth allocation, very high frequencies (above 20 GHz) are considered here. The corresponding design implications for the air interface are taken into account and access performances are derived using a dedicated simulation model. Some preliminary results are shown in this paper to demonstrate the technical feasibility of such system design with increased capacity. More details and the open issues will be studied in the future of this research work