A method for forensic artifact collection, analysis and incident response in environments running Session Initiation Protocol (SIP) and Session Description protocol

In this paper, we perform an analysis of SIP, a popular voice over IP (VoIP) protocol and propose a framework for capturing and analysing volatile VoIP data in order to determine forensic readiness requirements for effectively identifying an attacker. The analysis was performed on real attack data and the findings were encouraging. It seems that if appropriate forensic readiness processes and controls are in place, a wealth of evidence can be obtained. The type of the end user equipment of the internal users, the private IP, the software that is used can help build a reliable baseline information database. On the other hand the private IP addresses of the potential attacker even during the presence of NAT services, as well as and the attack tools employed by the malicious parties are logged for further analysis

Supervisor virtual machine for VoLTE service on a cloud environment

With the continuing growth of Voice of Long Term Evolution (VoLTE) networks, coupled with the need of Mobile Operators to reduce maintenance costs, Cloud Service deployment is becoming a common application. This study was designed to create a method capable of improving the Operations and Monitoring activities of a VoLTE service that is deployed on a Cloud platform. In this study, we present contents referring to the constituent elements of a VoLTE network, and we review in detail the features of the Telephony Application Server. For this study, TAS used was the Open TAS. Also included in this study is a generic explanation of Cloud Openstack’s behavior. The presented method implies the creation of a virtual machine Supervisor and its deployment in Cloud. This virtual machine is capable of establishing SSH connections with open TAS to extract the Clear Codes report, which identifies the state with which calls were terminated for analysis. The virtual machine contains defined limits, which check if they have been exceeded. If this a limit is excited, the virtual machine notifies the system operator of an incident. This study presents the possibilities of implementation in a Cloud environment, to improve and automate Operations and Maintenance functions in the Telecommunications network.Com o crescimento contínuo das redes de Voice over Long Term Evolution (VoLTE), juntamente com a necessidade de redução de custo de manutenção pelos Operadores Móveis, a implementação do Serviço em Cloud começa a ser uma aplicação comum. Este estudo foi elaborado com o intuito de criar um método capaz de melhorar as atividades de Operações e Monitorização de um serviço de VoLTE, que esteja implementado numa plataforma Cloud. Neste estudo, encontram-se presentes conteúdos referentes aos elementos constituintes de uma rede de VoLTE, e é revisto em detalhe as funcionalidades do Telephony Application Server. Para este estudo, o TAS utilizado foi o open TAS. Neste estudo, igualmente é incluído uma explicação genérica do comportamento da Cloud Openstack. O método apresentado implica criação de uma máquina virtual Supervisor e da sua implementação na Cloud. Esta máquina virtual é capaz de estabelecer ligações SSH com o open TAS, de modo a extrair o relatório de Clear Codes, que identifica o estado com que as chamadas foram finalizadas, para proceder a análises. A máquina virtual contém limites definidos, os quais verifica se foram excedidos. Caso este evento seja verificado, notificam o operador do sistema para um incidente. Esta é uma proposta que apresenta as possibilidades de implementação num ambiente de Cloud, em melhorar e automatizar as funções de Operações e Manutenção na rede de Telecomunicações

New Approaches to Mitigation of Malicious Traffic in VoIP Networks

Voice over IP (VoIP) telephony is becoming widespread in use, and is often integrated into computer networks. Because of this, malicious software threatens VoIP systems in the same way that traditional computer systems have been attacked by viruses, worms, and other automated agents. VoIP networks are a challenge to secure against such malware as much of the network intelligence is focused on the edge devices and access environment. This paper describes the design and implementation of a novel VoIP security architecture in which evaluation of, and mitigation against, malicious traffic is demonstrated by the use of virtual machines to emulate vulnerable clients and servers through the use of apparent attack vectors. This new architecture, which is part of an ongoing research project, establishes interaction between the VoIP backend and the end users, thus providing information about ongoing and unknown attacks to users

TABLE OF CONTENTS

Once you are aware of the benefits and applications of Voice over IP, it is too good to resist. Perhaps that is why vendors are flooding the market with VOIP products and services. The following paper analyzes the various issues in the evolving VOIP technology and the challenges in the development of VOIP products. It then presents the features of few VOIP Products offered by the leaders in this field, how well they handle the issues and som

Implementation and maintenance of telephony network through Avaya s8720: practice application in Fabrics Division at Barcelona

La empresa W.L. GORE and Asociados es una empresa multinacional con sede en Barcelona dedicada a la fabricación y venta de membranas de PTFE (Politetrafluoroetileno), un material transpirable e impermeable con múltiples aplicaciones en el mercado. Una de dichas aplicaciones consiste en insertar dicha membrana en prendas de ciclismo y running, lo que confiere cualidades extras al tejido y mejora el rendimiento del deportista. Aprovechando esta línea de negocio, se ha creado un departamento internacional de atención al cliente compuesto por seis personas, mediante el cual se pretende dar servicio tanto a tiendas como al cliente final para la solicitud de pedidos y cambios. Una vez aprobado el proyecto en Barcelona, se encarga al Departamento de Telecomunicaciones de la empresa su puesta en marcha. Para ello, se parte de los medios de los que dispone la empresa, fundamentalmente un servidor de telefonía Avaya S8700 y un customer service de productos médicos en activo. En este contexto, se ha utilizado una tecnología IP para las conexiones lógicas de los teléfonos y la centralita de tecnología PSTN. De este modo, utilizaremos telefonía IP en el recorrido entre los teléfonos y la centralita, y pasaremos a modo analógico una vez se haya determinado la gestión de las llamadas, tanto internas como externas. La parte más importante del proyecto, una vez asegurada la conexión entre los dispositivos, es la programación de los grupos de llamada. En nuestro proyecto, aplicaremos unas determinadas secuencias de encaminamiento para derivar la llamada a la persona más indicada en cada caso. En este escenario, se considerará la procedencia de la llamada (entorno europeo) y la persona que ha de atenderla, que deberá tener un determinado nivel de conocimiento de la lengua de origen de la llamada. Para dotar al sistema de robustez, deberemos determinar un encaminamiento especial o backup para aquellos casos en que no haya personas disponibles para atender la llamada, la llamada se realice fuera de horario de oficina, haya que enviar mensajes de voz especiales, etc. Una vez completada la parte de instalación e implementación, y una vez terminada la programación del sistema, deberán efectuarse las pruebas correspondientes para depurar errores, así como los cambios propios del mantenimiento de las líneas. Igualmente, se han llevado a cabo otras operaciones secundarias como la configuración del sistema en cintas redundantes, la implementación de buzones de voz, la posibilidad de desviar las líneas locales a internacionales, COS y COR y otras opciones adicionales en vectores y skills

ACUTA Journal of Telecommunications in Higher Education

In This Issue Roundtable Discussion: Convergence: Dealing with Change Convergence: A Framework for Change Planning for Competition and Convergence Voice and Telephony over IP: Risk Dimensions and Solutions Cybervandals: Fending Off Attacks Why Vendors See Colleges as a Key Market Segment Campus Profile: Clarion University of Pennsylvania Called to Serve: The Conscripted Consultant Column

MRCC Oostende: new technologies for a safer North Sea

On 1 June 2006, a new Maritime Rescue Coordination Centre (MRCC) will be commissioned by the Shipping Assistance Division of the Ministry of the Flemish Community, offering a state-of-the-art and integrated platform for Vessel Traffic Monitoring, Incident Management and Search & Rescue functionalities to ensure safety and to coordinate rescue actions at sea. This paper gives a preview of the advanced Traffic Monitoring functionalities as they will be available in the MRCC