DoS a DDoS útoky na SIP protokol / DoS a DDoS útoky na SIP protokol

Staněk, Jan

January 2011

The aim of this diploma thesis is to get accustomed with the SIP protocol and with the problematics of attacks targeting this protocol, with the emphasis on DoS and DDoS attacks. The thesis focuses on detailed classification of the attacks, possibilities and forms of generation of the attacks and methodics of defense against them. The attacks of the flood type are especially stressed because they are easily generated and the SIP components are very prone to these attacks. Prototype implementations of the most important ideas concerning attack generation and protection against these attacks are also part of this thesis. Practical tests of the implementations performed in a simulated SIP environment are also included. 1

Une Architecture pour les Services Télécom

Fontaine, Arnaud

06 1900

Ce manuscrit se propose de mettre en exergue les mécanismes intervenant dans les problématiques de composition et de personnalisation de services télécoms, pour être en mesure de proposer une solution générique de création de ces services, en investigant les différentes solutions existantes (Réseau Intelligent, TINA, H323, CCM, WebServices...). Aussi nous proposons un processus novateur de création de service basé sur l'utilisation successive de modèles de composants logiciels, de la phase de conception jusqu'au développement et assemblage des composants constitutifs des services. Le fil conducteur de notre travail a été d'identifier, formaliser et expérimenter des solutions techniques applicables aux composants, pour faciliter leur utilisation dans un environnement d'exploitation ouvert. Les modèles de composants permettent de raffiner progressivement les traitements interne du service, et ses communications avec son environnement. Les notations utilisées sont basées sur UML, en profitant de ses possibilités d'extensions par le biais de stéréotypes, ou d'une nouvelle notation dans le cadre du comportement interne des composants, car aucune notation existante ne convenait totalement à cet usage. Enfin, pour adapter l'exécution de nos services aux états et besoins de l'utilisateur, nous avons complété notre architecture avec l'utilisation d'un service de présence, accompagné d'agents. Le premier d'entre eux, déployé sur le terminal de l'utilisateur, les autres étant déployés au sein de prestataires de services, capables de maintenir les données des services exclusives à l'utilisateur, la communication entre agents étant assurée grâce à l'utilisation du protocole SIP (Session Initiation Protocol).

Sip

Contrat

Service

Interaction

Modélisation

Comportement

Towards Secure SIP Signalling Service for VoIP applications : Performance-related Attacks and Preventions

Zhang, Ge

January 2009

<p>Current Voice over IP (VoIP) services are regarded less secure than the traditional public switched telephone network (PSTN). This is due to the fact that VoIP services are frequently deployed in an relatively open environment so that VoIP infrastructures can be easily accessed by potential attackers. Furthermore, current VoIP services heavily rely on other public Internet infrastructures shared with other applications. Thus, the vulnerabilities of these Internet infrastructures can affect VoIP applications as well. Nevertheless, deployed in a closed environment with independent protocols, PSTN has never faced similar risks.</p><p>The main goal of this licentiate thesis is the discussion of security issues of the Session Initiation Protocol (SIP), which serves as a signalling protocol for VoIP services. This work especially concentrates on the security risks of SIP related to performance. These risks can be exploited by attackers in two ways: either actively or passively. The throughput of a SIP proxy can be actively manipulated by attackers to reduce the availability of services. It is defined as Denial of Service (DoS) attacks. On the other hand, attackers can also profile confidential information of services (e.g., calling history) by passively observing the performance of a SIP proxy. It is defined as a timing attack. In this thesis, we carefully studied four concrete vulnerabilities existing in current SIP services, among which, three of them can lead to DoS attacks and one can be exploited for timing attacks. The results of our experiments demonstrate that these attacks can be launched easily in the real applications.</p><p>Moreover, this thesis discusses different countermeasure solutions for the attacks respectively. The defending solutions have all in common that they are influencing the performance, by either enhancing the performance of the victim during a DoS attack, or abating the performance to obscure the time characteristic for a timing attack. Finally, we carefully evaluated these solutions with theoretical analyses and concrete experiments.</p>

SIP

VoIP

Security

Computer science

Datavetenskap

Targeted enrichment of cellulase genes using stable-isotope probing and metagenomics

Pinnell, Lee

17 January 2012

Cellulose is the most abundant organic compound on the planet, and is found in nearly every ecosystem. Cellulose is also the most abundant waste product produced by human activity. These enormous stores of natural cellulose and cellulose-containing wastes are a potential renewable energy source. The hydrolysis of cellulose is referred to as cellulolysis and is carried out by cellulase enzymes, which are members of certain glycoside hydrolase families. For most of its history, the microbiology of organisms like those that hydrolyze cellulose was based solely on the testing of physiological and biochemical behaviour of isolated organisms in pure cultures. Despite having gained an important foundation of knowledge in the characterization of microorganisms, cultivation-based techniques introduce major bias into understanding the role that specific microorganisms play because the majority of microorganisms are not readily cultured. Two of the most powerful culture-independent approaches for accessing microbial communities are DNA stable-isotope probing (DNA-SIP) and metagenomics. Though each methodology has been used on its own, it is a combination of these two approaches that has enormous potential to generate results for industrial applications and to help characterize biogeochemical cycling. This thesis presents the first research combining DNA-SIP and metagenomics using cellulose, and the first to target glycoside hydrolase genes from Arctic tundra. For this research, two-month DNA-SIP incubations were carried out with 200 mg of 13C-labelled cellulose as a substrate. Denaturing gradient gel electrophoresis (DGGE) provided evidence indicating the successful enrichment of microorganisms able to metabolize cellulose. Multiple displacement amplification (MDA) was applied to both the bulk-soil samples and DNA-SIP samples. Following MDA, all DNA samples were subjected to Illumina sequencing, including DNA from a cellulose-degrading enrichment. Functional annotation for each Illumina library was done using the SwissProt database within MG-RAST. The DNA-SIP enrichment resulted in a ~3 fold increase in the relative abundance of glycoside hydrolases and cellulase enzymes in relation to bulk soil samples. A cellulose degrading enrichment contained the highest relative abundance of glycoside hydrolases and cellulase enzymes, with a five fold increase relative to the DNA-SIP enrichment. The enrichment culture had a much lower relative diversity, which was measured using the Shannon Index. An unrooted neighbor-joining tree constructed using Bray-Curtis similarity coefficients for each sample demonstrated that as a result of a considerably higher proportion of cellulase gene sequences and a lower diversity the enrichment culture was the most distinct library, with the DNA-SIP library most closely related to it. DGGE provided initial evidence that MDA introduced bias into the amplification of DNA from the DNA-SIP sample. This was confirmed following sequencing and annotation as the proportion of glycoside hydrolase enzymes sequences decreased 67% following MDA of DNA-SIP enriched DNA and the mean G+ C content of libraries decreased. This research provides evidence indicating that DNA-SIP enrichment prior to the construction of metagenomic libraries increases the abundance of targeted gene sequences, which should enable greater access to functional genes of active microorganisms for potential industrial applications.

DNA-SIP

metagenomics

cellulase genes

cellulose

Biology

Signaling Architectures for the Interaction of the Session Initiation Protocol and Quality of Service for Internet Multimedia Applications

Goulart, Ana Elisa Pereira

18 April 2005

Interactive multimedia sessions combine requirements of traditional telephony services and Internet applications. This requires call setup, call signaling, negotiation, routing, security, and network resources. Seeking to facilitate the use of quality of service (QoS) mechanisms to users of such applications, this thesis presented new signaling architectures that addressed the interaction of the Session Initiation Protocol (SIP) as the session control signaling protocol and current resource management frameworks. The Differentiated Services (DiffServ) architecture is used as the primary example. The new architectures addressed the roles of SIP agents and proxy servers in subjects such as resource negotiation, call authorization, and end-to-end QoS in heterogeneous networks. First, an architecture based on the use of QoS-enhanced SIP proxies and a SIP-based interface between the application and network layers was developed, implemented in a testbed, and performance enhancements demonstrated. Further studying of the Internet Engineering Task Force (IETF) proposal for the integration of SIP and resource management led to the development of a new signaling scheme, Resource management Overlapped with Answering Delay (ROAD). It explores the SIP user agent interaction with the network in a way that takes advantage of parallel user answering delays and reservation delays. An experimental evaluation of the ROAD scheme showed its call setup delay savings and reduced signaling load. Then, on the interaction of SIP and call admission control, an inter-domain call authorization model that implements the concepts of proxies as gate controllers (QoS-enhanced SIP proxies-GC), and that provides call authorization status and adds more granularity to the authorization process is proposed. This model showed to be scalable in terms of the need to add more resources to compensate for the increasing service load on the servers. Finally, an example framework that applies the new signaling architectures to achieve end-to-end QoS in heterogeneous networks is presented.

Resource management

SIP

Internet telephony

Call signaling

Design and Implementation of VoIP System with Fault Tolerance and Load Balance

Hou, Cheng-chih

23 July 2007

Because of the maturation of the VoIP technique, VoIP can not only satisfy the basic requirement of telecommunication but also provide multimedia communication services. As a result, it is very attractive in recent years. Through VoIP, the cost of communication can be saved. It can be very competitive. In addition, VoIP can be combined with PSTN (Public Switched Telephone Network). This helps traditional PSTN users to be able to use traditional telephones to make VoIP calls.Besides, VoIP can also extend other services. It can achieve diversification of services, comfortable using and reducing the cost requirement. Moreover, with the increasing of the VoIP population, the traditional method using single server is unable to afford so much loading. It is possible that the large load makes the service stop anytime. This makes the usability and the reliability decrease. To make the VoIP service work anytime, we implement a method in both client side and server side to achieve the goal of continuous providing of the service. From this implementation, the service of VoIP can be provided anytime. The users, however, have no need to be aware of the different operation style in VoIP.

Mysql Replication

OpenSER

SIP

VoIP

Dispatcher

Design and Implementation of a 3PCC Application System over an Embedded SIP/VoIP Gateway

Huang, Che-Ling

24 July 2008

eBay chief executive, Meg Whitman, at a press conference expressed to the investors that ¡§communications plays a key role in e-commerce and society. This makes Skype become the most suitable cooperator with eBay.¡¨ When integrating with Skype, eBay makes buyers and sellers communicate with each other through VoIP. This removes the biggest obstacle between buyers and sellers and achieves an ¡§unparalleled e-commerce and communications engine.¡¨ ¡§eBay with Skype¡¨ is the best example of 3PCC with e-commerce. 3PCC is a model that allows an entity (which is called controller) to manage and set up a communication between two or more other parties. It has already existed in the PSTN for a long time. Although there are many applications designed for SIP, they are not 3PCC with e-commerce model. Therefore, we attempt to design an application that integrating 3PCC with e-commerce. In this paper, we not only introduce how 3PCC is achieved but also express how REFER (a new method in SIP) can be used for replacing the traditional 3PCC mechanism in chapter 2. Chapter 3 will introduce the S/H development framework, the flows of SIP and the functions or libraries related to the Gateway. In chapter 4, we will first explain the design concept about our systems and then express how we implement the system. These include the website database structures, the Gateway programs and the packet analysis and verification. Finally, we will conclude this paper in Chapter 5. In addition, we will show the system and operation guide in appendix.

SIP

3PCC

REFER

Embedded VoIP Gateway

Open Source SIP Application Servers For IMS Applications: A Survey

Kumlin, Veronica

January 2007

<p>I ett IMS-nät (IP Multimedia Subsystem) finns Applikations Servrar (AS) som tillhandahåller tjänster, dessa AS är ofta SIP-servrar (Session Initation Protocol).</p><p>Målet för det här examensarbetet var att finna den SIP-server som är mest lämpad att använda när man ska lägga till en tjänst i ett IMS-nät.</p><p>Först gjordes en undersökning av tillgängliga SIP AS och ett tiotal hittades. Några av dem valdes ut för att jämföras och utredas mer noggrant. Inledningsvis inspekterades deras dokumentation, sedan analyserades proceduren att installera AS och att lägga till en tjänst på dem. Till sist lades tjänsten till i ett IMS-nät.</p><p>Eftersom varken deras fördelar eller nackdelar utmärkte sig på ett sådant sett att någon av dem sammantaget var bättre än den andra, kunde tyvärr inte någon av dem pekas ut som den mest lämpade.</p> / <p>In an IMS (IP Multimedia Subsystem) network there are Application Servers (ASs) which host and execute services. These are often SIP (Session Initiation Protocol) servers. The goal for this thesis was to evaluate a selection of open source SIP ASs to see which one was most suited for IMS service development.</p><p>Ten different SIP ASs was found in an initial search. They were briefly reviewed and some of them were chosen as candidates for further investigation.</p><p>The documentation of the chosen servers were thoroughly explored and evaluated; as was the installation process and how to deploy a service to them.</p><p>Finally the servers were installed and a service was implemented and deployed to an IMS network.</p><p>Unfortunately, I could not point out one of the ASs to be more suited than another for deploying an IMS service on. This was because they had different pros and cons and none of them were distinguishing in a way that made them superior to the other.</p>

SIP server

IMS

Computer science

Datalogi

AsteriskVoIPErprobung

Schildt, Holger

29 January 2004

Erprobung der Open-Source VoIP-Lösung Asterisk - dabei wurde das IAX Protokoll und der Stand der SIP/H.323 Integration bewertet. Eine Übersicht der nutzbaren Clienten runten diese Studienarbeit ab.

IAX

PBX

SIP

VoIP

ddc:004

Targeted enrichment of cellulase genes using stable-isotope probing and metagenomics

Pinnell, Lee

17 January 2012

Cellulose is the most abundant organic compound on the planet, and is found in nearly every ecosystem. Cellulose is also the most abundant waste product produced by human activity. These enormous stores of natural cellulose and cellulose-containing wastes are a potential renewable energy source. The hydrolysis of cellulose is referred to as cellulolysis and is carried out by cellulase enzymes, which are members of certain glycoside hydrolase families. For most of its history, the microbiology of organisms like those that hydrolyze cellulose was based solely on the testing of physiological and biochemical behaviour of isolated organisms in pure cultures. Despite having gained an important foundation of knowledge in the characterization of microorganisms, cultivation-based techniques introduce major bias into understanding the role that specific microorganisms play because the majority of microorganisms are not readily cultured. Two of the most powerful culture-independent approaches for accessing microbial communities are DNA stable-isotope probing (DNA-SIP) and metagenomics. Though each methodology has been used on its own, it is a combination of these two approaches that has enormous potential to generate results for industrial applications and to help characterize biogeochemical cycling. This thesis presents the first research combining DNA-SIP and metagenomics using cellulose, and the first to target glycoside hydrolase genes from Arctic tundra. For this research, two-month DNA-SIP incubations were carried out with 200 mg of 13C-labelled cellulose as a substrate. Denaturing gradient gel electrophoresis (DGGE) provided evidence indicating the successful enrichment of microorganisms able to metabolize cellulose. Multiple displacement amplification (MDA) was applied to both the bulk-soil samples and DNA-SIP samples. Following MDA, all DNA samples were subjected to Illumina sequencing, including DNA from a cellulose-degrading enrichment. Functional annotation for each Illumina library was done using the SwissProt database within MG-RAST. The DNA-SIP enrichment resulted in a ~3 fold increase in the relative abundance of glycoside hydrolases and cellulase enzymes in relation to bulk soil samples. A cellulose degrading enrichment contained the highest relative abundance of glycoside hydrolases and cellulase enzymes, with a five fold increase relative to the DNA-SIP enrichment. The enrichment culture had a much lower relative diversity, which was measured using the Shannon Index. An unrooted neighbor-joining tree constructed using Bray-Curtis similarity coefficients for each sample demonstrated that as a result of a considerably higher proportion of cellulase gene sequences and a lower diversity the enrichment culture was the most distinct library, with the DNA-SIP library most closely related to it. DGGE provided initial evidence that MDA introduced bias into the amplification of DNA from the DNA-SIP sample. This was confirmed following sequencing and annotation as the proportion of glycoside hydrolase enzymes sequences decreased 67% following MDA of DNA-SIP enriched DNA and the mean G+ C content of libraries decreased. This research provides evidence indicating that DNA-SIP enrichment prior to the construction of metagenomic libraries increases the abundance of targeted gene sequences, which should enable greater access to functional genes of active microorganisms for potential industrial applications.

DNA-SIP

metagenomics

cellulase genes

cellulose

Biology