Telephony Denial of Service Defense at Data Plane (TDoSD@DP)
The Session Initiation Protocol (SIP) is an application-layer control protocol used to establish and terminate calls that are deployed globally. A flood of SIP INVITE packets sent by an attacker causes a Telephony Denial of Service (TDoS) incident, during which legitimate users are unable to use telephony services. Legacy TDoS defense is typically implemented as network appliances and not sufficiently deployed to enable early detection. To make TDoS defense more widely deployed and yet affordable, this paper presents TDoSD@DP where TDoS detection and mitigation is programmed at the data plane so that it can be enabled on every switch port and therefore serves as distributed SIP sensors. With this approach, the damage is isolated at a particular switch and bandwidth saved by not sending attack packets further upstream. Experiments have been performed to track the SIP state machine and to limit the number of active SIP sessions per port. The results show that TDoSD@DP was able to detect and mitigate an ongoing INVITE flood attack, protecting the SIP server, and limiting the damage to a local switch. Bringing the TDoS defense function to the data plane provides a novel data plane application that operates at the SIP protocol and a novel approach for TDoS defense implementation. Final Accepted Version
Modernizing National Numbering Plan on NGN Platform - Hungarian Case Study
The intensive technological development of the last years brought the overall acceptance of an IP based network and services vision based on the NGN. The realization of the NGN vision, the decision on the migration to NGN sets regulatory tasks, especially in the area of numbering and addressing. The utilization of the opportunities provided by the NGN platform requires the use of IP addresses and names in the core network; the role of the E.164 numbers is taken over by IP addresses. However, in the case of voice services the identification of end-user access points will remain by the use of E.164 numbers. Migration to NGN doesn't directly require the change of the subscribers' phone number; however, the NGN enables, among others, the implementation of national number portability for fixed telephone service. The opportunities can be realized by using uniform domestic number length and dialling method, practically closed numbering. The introduction of a 9-digit uniform, closed domestic numbering provides a consistent solution for the deficiencies of the present Hungarian numbering plan, too. Recently it can be reached in a single step so that the present 9-digit domestic numbers and the short codes remain unchanged, the 8-digit domestic numbers are completed to 9-digit by the insertion of an appropriate digit, as well as the present and new numbering schemes can be in operation simultaneously.
Minimization of Handoff Failure Probability for Next-Generation Wireless Systems
During the past few years, advances in mobile communication theory have
enabled the development and deployment of different wireless technologies,
complementary to each other. Hence, their integration can realize a unified
wireless system that has the best features of the individual networks.
Next-Generation Wireless Systems (NGWS) integrate different wireless systems,
each of which is optimized for some specific services and coverage area to
provide ubiquitous communications to the mobile users. In this paper, we
propose to enhance the handoff performance of mobile IP in wireless IP networks
by reducing the false handoff probability in the NGWS handoff management
protocol. Based on the information of false handoff probability, we analyze its
effect on mobile speed and handoff signaling delay. Comment: 16 Pages
Internames: a name-to-name principle for the future Internet
We propose Internames, an architectural framework in which names are used to
identify all entities involved in communication: contents, users, devices,
logical as well as physical points involved in the communication, and services.
By not having a static binding between the name of a communication entity and
its current location, we allow entities to be mobile, enable them to be reached
by any of a number of basic communication primitives, enable communication to
span networks with different technologies and allow for disconnected operation.
Furthermore, with the ability to communicate between names, the communication
path can be dynamically bound to any of a number of end-points, and the
end-points themselves could change as needed. A key benefit of our architecture
is its ability to accommodate gradual migration from the current IP
infrastructure to a future that may be a ubiquitous Information Centric
Network. Basic building blocks of Internames are: i) a name-based Application
Programming Interface; ii) a separation of identifiers (names) and locators;
iii) a powerful Name Resolution Service (NRS) that dynamically maps names to
locators, as a function of time/location/context/service; iv) a built-in
capacity of evolution, allowing a transparent migration from current networks
and the ability to include as particular cases current specific architectures.
To achieve this vision, shared by many other researchers, we exploit and expand
on Information Centric Networking principles, extending ICN functionality
beyond content retrieval, easing send-to-name and push services, and allowing
to use names also to route data in the return path. A key role in this
architecture is played by the NRS, which allows for the co-existence of
multiple network "realms", including current IP and non-IP networks, glued
together by a name-to-name overarching communication primitive. Comment: 6 pages