SIP Security Mechanism Techniques on Voice over Internet Protocol (VoIP) System Research Papers (original) (raw)

2025, Article

This paper focused on the application and utilization of ATMs in rural transactions: problems and prospects in a covid-19 era. The paper examined the concept of COVID-19, rural areas, farmers/dwellers and ATM transactions. The theoretical framework and history of ATM use were also discussed. The paper finally highlighted some problems and prospects of ATMs and concludes that ATMs are beneficial to the rural populace, while recommending that ATMs and other easily accessible forms of e-banking should be provided for the rural populace and several fora like workshops/seminars should be organized to train and enlighten the rural people more on the benefits, use and importance of ATM transactions in the present era.

2025

The SIP protocol (Session Initiation Protocol), defined in RFC 3261, is a signaling protocol used to initiate, modify, and terminate multimedia communication sessions, such as voice and video calls over IP. The mathematics involved in SIP is primarily related to message formatting and processing, timer management, quality metric calculations, and routing decisions. Below, we expand and refine the text, incorporating additional details from RFC 3261, coding examples, references to other relevant RFCs, figures, and tables to illustrate the concepts, as well as exploring the protocol's vulnerabilities.

2025

The SIP protocol is widely used in VoIP systems, but its open nature makes it vulnerable to attacks such as DDoS, spoofing, and fraud. Traditional firewalls, based on static rules, are limited in detecting complex and evolving threats. In contrast, adaptive firewalls, powered by AI, can learn from network traffic and proactively respond to emerging threats. Objective of the Article: To compare traditional firewalls with opensource AI-based solutions and provide a technical implementation guide.

2024

This paper presents the design principles, architecture, implementation and performance o f o u r m o dular key management protocol (MKMP) and an IP secure tunnel protocol (IPST) which protects the secrecy and integrity of IP datagrams using cryptographic functions. To use the existing IP infrastructure, MKMP is built on top of UDP and the IPST protocol is built by encapsulating IP datagrams.

2024, World Academy of Science, Engineering and Technology, International Journal of Social, Behavioral, Educational, Economic, Business and Industrial Engineering

Automated Teller Machines (ATMs) can be considered among one of the most important service facilities in the banking industry. The investment in ATMs and the impact on the banking industry is growing steadily in every part of the world. The banks take into consideration many factors like safety, convenience, visibility, and cost in order to determine the optimum locations of ATMs. Today, ATMs are not only available in bank branches but also at retail locations. Another important factor is the cash management in ATMs. A cash demand model for every ATM is needed in order to have an efficient cash management system. This forecasting model is based on historical cash demand data which is highly related to the ATMs location. So, the location and the cash management problem should be considered together. This paper provides a general review on studies, efforts and development in ATMs location and cash management problem.

2023

The Secure Real-time Transport Protocol (SRTP) Status of this Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

2023, Artificial Neural Networks and Machine Learning – ICANN 2018

The Self-Enforcing Network (SEN), a self-organized learning neural network, is used to analyze SIP attack traffic to obtain classifications for attack variants that use one of four widely used User Agents. These classifications can be used to categorize SIP messages regardless of User-Agent field. For this, we combined SEN with clustering methods to increase the amount of traffic that can be handled and analyzed; the attack traffic was observed at a honeynet system over a month. The results were multiple categories for each User Agent with a low rate of overlap between the User Agents.

2023, Lecture Notes in Computer Science

2023, International Journal of Internet Protocol Technology

This paper proposes a novel method to address the protection necessary to mitigate flooding attacks in VoIP networks which can produce rapid saturation of a firewall and crippling of a VoIP switch. The paper proposes a stateless firewall nonce checking mechanism as an extension to the existing (stateful) SIP digest authentication. This combination aims to form a more secure and flood-resistant authentication scheme for SIP-based VoIP systems. The proposed mechanism has been implemented on a Linux iptables firewall and the experimental results demonstrate proof-of-concept showing that by incorporating this mechanism it is possible to provide substantially improved SIP-based flooding mitigation.

2023

I have left the acknowledgments section of this dissertation unwritten until the very last moment so that I don't forget many people who supported me during these last three, very intensive years of my life. All thanks are due to Allah (God) who facilitated for me all the means to finish this stage of my life. He granted me a very supportive wife and family whom I can not thank enough. The completion of this dissertation would not have been possible without their assistance and support. I would like to thank Dr. Gordon Springer, my advisor, for the invaluable comments and input on the content of this dissertation. I would like also thank Mr. Larry Sanders for his assistance in setting up the testing environment of this dissertation. He was very patient and cooperative every time I jumped into his office. I'm also grateful to my committee members. They not only gave me the resources, help and guidance I needed but, in addition, they pushed me to discover and surpass my own limits. Finally, I would like to thank all friends and families in Columbia, Missouri for supporting and encouraging me through out my stay here. Special thanks are due to Khenissi's daughters for proofreading the thesis. May Allah reward them the best. This work is the result of a very long trip that has just started, and I hope it will not be as difficult.

2023

VoIP (Voice over Internet Protocol) is used for peer-to-peer or multi-points communications. SRTP (Secure Real-Time protocol) is used for peer-to-peer communications which are no longer suitable when you want to do multi-point of VoIP. SRTP uses DH (Diffie Hellman) for key exchange but does not make the certification. This means that SRTP does not guarantee non-repudiation service and presents security vulnerabilities during exchanges of keys. In this work, we propose ECMSRTP (Elliptic curve Multi-point Secure Real Time Protocol) which is a new VoIP security protocol for multi-point communications. It uses the certification mechanism, ensures non-repudiation and makes encryption using El-Gamal based on elliptic curves. Performance analysis shows that this new protocol has a latency time better than SRTP. It has a complexity of O(n) for key exchange against O(n ) for SRTP, O(n) for encryption against O(2) for SRTP and O( ) for signature against O(n) for SRTP.

2023, Information Technology And Control

Password-based authenticated key exchange protocol is a type of authenticated key exchange protocols which enables two or more communication entities, who only share weak, low-entropy and easily memorable passwords, to authenticate each other and establish a high-entropy secret session key. In 2012, Tallapally proposed an enhanced three-party password-based authenticated key exchange protocol to overcome the weaknesses of Huang's scheme. However, in this paper, we indicate that the Tallapally's scheme not only is still vulnerable to undetectable online password guessing attack, but also is insecure against off-line password guessing attack. Therefore, we propose a more secure and efficient scheme to overcome the security flaws.

2022, caesjournals.org

Abstract-SIP-based VoIP system has many security problems because of the security mechanism of VoIP system and other external factors. These effects relate to the following three aspects: confidentiality, integrity and availability. The... more

2022, Procedia Engineering

The efficiency and safety of Web access can be enhanced by the deployment of an http proxy server in many cases. The first part of this paper provides an introduction to the issue of an HTTP proxy server. The second part of the paper describes used technologies and an implementation of a multithreaded HTTP proxy server with an embedded WWW server used for the graphics user interface. In its current state, the developed proxy server can be used to monitor the WWW traffic of a local area network and, with further development of its functionalities, can include such areas as content filtering or access control.

2022, Advances in Data Mining Knowledge Discovery and Applications

Will-beset by IN -TECH 2.3 million 1. Also, both the number of ATM terminals and the ATM transactions are expected to grow exponentially in the near future [8].

2022, Indonesian Journal of Electrical Engineering and Computer Science

Users need more efficient and more secure when they use the Internet. Password authentication code (PAC) is the critical issue in many applications such as web-sites and data base systems etc. In this paper, PAC between two users to confirm authentication between them based two factors has presented.. Two factors is the most good solution in this field. A legitimate user needs to make sure about his partner to ensure their communication. So, this solution produces two important algorithms, the first one is utilized the Diffie-Hellman which considered the base of this work. The second is routing in message passing networks (RMPN) algorithm which determine the positions of bits which sent to specific party. The overall of this method convincingly to be more secure against both online and offline attacks. This scheme has some advantages such as secrecy of session key, password privacy, and mutual authentication. The performance and security analyses prove that the scheme is very effi...

2022, Indonesian Journal of Electrical Engineering and Computer Science

Cloud computing is a novel paradigm that allows users to remotely access their data through web- based tools and applications. Later, the users do not have the ability to monitor or arrange their data. In this case, many security challenges have been raised. One of these challenges is data integrity. Contentiously, the user cannot access his data directly and he could not know whether his data is modified or not. Therefore, the cloud service provider should provide efficient ways for the user to ascertain whether the integrity of his data is protected or compromised. In this paper, we focus on the problem of ensuring the integrity of data stored in the cloud. Additionally, we propose a method which combines biometric and cryptography techniques in a cost-effective manner for data owners to gain trust in the cloud. We present efficient and secure integrity based on the iris feature extraction and digital signature. Iris recognition has become a new, emergent approach to individual i...

2022, caesjournals.org

2022, GLOBECOM 2009 - 2009 IEEE Global Telecommunications Conference

The multimedia communication is rapidly converging towards Voice over Internet-commonly known as Voice over Internet Protocol (VoIP). Session Initiation Protocol (SIP) is the standard used for session signaling in VoIP. Crafty attackers can launch a number of Denial of Service (DoS) attacks on a SIP based VoIP infrastructure that can severely compromise its reliability. In contrast, little work is done to analyze the robustness and reliability of SIP severs under DoS attacks. In this paper, we show that the robustness and reliability of generic SIP servers is inadequate than commonly perceived. We have done our study using a customized analysis tool that has the ability to synthesize and launch different types of attacks. We have integrated the tool in a real SIP test bed environment to measure the performance of SIP servers. Our measurements show that a standard SIP server can be easily overloaded by sending simple call requests. We define the performance metrics to measure the effects of flooding attacks on real time services-VoIP in SIP environment-and show the results on different SIP server implementations. Our results also provide insight into resources' usage by SIP servers under flooding attacks. Moreover, we show that how a well known open source SIP server can be crashed through 'INVITE of Death'-a malformed SIP packet maliciously crafted by our tool. 1 We define breaking point as an attack scenario in which only 50% of the requested calls are completed.

2022, JOIV : International Journal on Informatics Visualization

This paper presented a new multilingual language for Automated Teller Machine (ATM) in Uganda which serves as an extension to the existing Languages. The existing ATMs have only English, Kiswahili and Luganda as the only available languages. Hence, findings revealed that there are still some prevalent languages e.g. Ateso language that are widely spoken among the people of Uganda which the present ATMs in the country have not captured. The objective of this paper was to propose the integration of the new language (Ateso language) to the existing languages. In this paper, a new language was adopted when it was realized that some people especially in the Buganda region could not manage to interact with the ATMs because they were illiterate. The developed multilingual system prototype was tested using some empirical data and was found to successfully imitate ATM transactions in the local Uganda languages. The results of the study supported the positive impacts on customers that reside ...

2022, 2015 IEEE World Conference on Factory Communication Systems (WFCS)

RESTful interfaces are a wide-spread architecture style for webservice implementations and are built upon the resource-oriented approach to decentralized architectures (ROA). REST postulates a set of requirements that are not covered by the OPC Unified Architecture (OPC UA) communication protocol per se. We propose a set of simple extensions to the OPC UA binary protocol that enable RESTful communication. The evaluation shows an order of magnitude improvement in the use of communication resources for sporadic service requests. Additionally, RESTful OPC UA allows applications to profit from the advantages of the resource-oriented architecture style, such as caching and loose application coupling.

2022

network has turned to be the most challenging issue in recent years. VoIP packets are easy to eavesdrop on by hackers due to the use of Diffie-Hellman (DH) algorithm for single common key exchange between two end-users. As a result the confidentiality of voice data turns to be a challenging issue. There is a need for strong key management algorithm to secure voice data from all kinds of attacks. In this paper, an efficient Modified Elliptic Curve Diffie-Hellman (MECDH) using Split Scalar Multiplication (SSM) algorithm is proposed, which secures voice data from Man-in-the Middle (MITM) attack by dynamically generating the shared key. Further, in order to speed up the Scalar Multiplication (SM) used in traditional Elliptic Curve Diffie Hellman (ECDH) algorithm, the SSM technique is adopted in the proposed MECDH algorithm. The performance of the proposed MECDH algorithm is compared with the traditional ECDH and validated in Java platform. From the results obtained, it is observed that the computation time taken by the proposed MECDH algorithm is 89% lesser than the traditional ECDH algorithm and 11% lesser than the key changing ECDH. Also, high security level is achieved with the proposed idea of using dynamic keys instead of single common shared secret key.

2022, Indonesian Journal of Electrical Engineering and Computer Science

2022, Proceedings of the 11th International Conference on Enterprise Information

The article analyzes the problems of optimization and management of ATM (Automated Teller Machine) network system, related to minimization of operating expenses, such as cash replenishment, costs of funds, logistics and back office processes. The suggested solution is based on merging up two different artificial intelligence methodologies-neural networks and multi-agent technologies. The practical implementation of this approach enabled to achieve better effectiveness of the researched ATMs network. During the first stage, the system performs analysis, based on the artificial neural networks (ANN). The second stage is aimed to produce the alternatives for the ATM cash management decisions. The performed simulation and experimental tests of method in the distributed ATM networks reveal good forecasting capacities of ANN.

2022

Status of this Memo This memo defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is... more

2022, ACM SIGMultimedia Records

Internet-based multimedia applications (e.g., voice-over-IP, instant messaging, and video conferencing) are continuing to grow in importance as more people depend on such applications for personal and professional communications. Although performance is almost always a concern with multimedia systems that must satisfy quality-of-service (QoS) constraints, security is also a major requirement given the increasing criticality of such applications. For example, businesses might depend on Internet telephony to reach customers while governments might depend on video streaming to disseminate information. For distributed multimedia services, in addition to the traditional security properties (confidentiality, integrity, and availability), accountability is also important to complement perimeter defenses. Accounting for user actions within the system enables the development of higher-level security services.

2022

Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC 2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."

2022

A Cloud capacity reviewing is seen as a basic administration to verify the veracity of the information out in the open cloud. Existing examining conventions are altogether in light of the supposition that the Client's mystery key for examining is totally secured. Such supposition may not generally be held, due to the likely frail suspicion that all is well and good and additionally low security settings at the customer. In a large portion of the current evaluating conventions would unavoidably get to be distinctly not able to work when a mystery key for evaluating is uncovered. It is explored on the best way to decrease the harm of the customer's key disclosure in distributed storage evaluating, and give the main helpful illustration to this new issue setting. Formalized the definition and the security model of inspecting convention with key-presentation strength and propose such a convention. Used and built up a novel authenticator development to bolster the forward securit...

2022

IS-IS Generic Cryptographic Authentication Status of This Memo This document specifies an Internet standards track protocol for the Internet community, and requests discussion and suggestions for improvements. Please refer to the current edition of the "Internet Official Protocol Standards" (STD 1) for the standardization state and status of this protocol. Distribution of this memo is unlimited.

2022

2021

Status of this Memo This document defines an Experimental Protocol for the Internet community. It does not specify an Internet standard of any kind. Discussion and suggestions for improvement are requested. Distribution of this memo is... more

2021, International Journal of Computer Applications Technology and Research

The Voice over Internet Protocol (VoIP). The VoIP is relatively new and is gaining more and more popularity as it offers a wide range of features and is much more cost effective as compared to the traditional PSTN. But the VoIP brings with it certain security threats which need to be resolved in order to make it a more reliable source of communication. Session Initiation Protocol (SIP) today is considered the standard protocol for multimedia signaling, and the result is a very generic protocol. SIP is specified by the IETF in RFC 3261. From a structural and functional perspective, SIP is application layer signaling text-based protocol used for creating, modifying, and terminating multimedia communications sessions among Internet endpoints. Unfortunately, SIP-based application services can suffer from various security threats as Denial of Service (DoS). attacks on a SIP based VoIP infrastructure that can severely compromise its reliability. In contrast, little work is done to analyze the robustness and reliability of SIP severs under DoS attacks. In this survey, we are discussing the DoS flooding attack on SIP server. Firstly, we present a brief overview about the SIP protocol. Then, security attacks related to SIP protocol. After that, detection techniques of SIP flooding attack and various exploited resources due to attack were discussed and finally the paper reviews previous work done on SIP based DoS attacks.

2021, JOIV : International Journal on Informatics Visualization

2021

2021, Peer-to-Peer Networking and Applications

Session Initiation Protocol (SIP) has proved to be the integral part and parcel of any multimedia based application or IP-based telephony service that requires signaling. SIP supports HTTP digest based authentication, and is responsible for creating, maintaining and terminating sessions. To guarantee secure SIP based communication, a number of authentication schemes are proposed, typically most of these are based on smart card due to its temper resistance property. Recently Zhang et al. presented an authenticated key agreement scheme for SIP based on elliptic curve cryptography. However Tu et al. (Peer-to-Peer Netw Appl 1-8, 2014) finds their scheme to be insecure against user impersonation attack, furthermore they presented an improved scheme and claimed it to be secure

2021

2021, 2007 IEEE International Symposium on Signal Processing and Information Technology

Electronic negotiation (e-negotiation) is a major allocation [1, 2, 3, 4, 5]. activity in e-Commerce applications. Agent-based e-negotiation We assume that negotiating mobile agents are deployed to has recently received increasing attention. However, agent-based act on behalf of consumers and vendors. We assume that the electronic negotiation suffers from a number of security attacks. negotiating agents are free-roaming agents that can In this paper, we present a mobile agent-based e-commerce framework. We also propose a security protocol that protects the autonomously choose the agent's itinerary based on the information exchanged between the mobile agents during e-acquired offers and the initiator's initial preferences. We negotiations. We reason the correctness of the proposed security assume that the agent's code remains intact throughout the protocol in the presence of various security threats. The agent's itinerary. During negotiation, agents are expected to reasoning shows that the protocol maintains privacy, non-run in partially unknown and untrustworthy environments. repudiation, authenticity, anonymity, and strong integrity of They transport from one host to another host through insecure exchanged information. channels and may execute on non-trusted hosts. Thus, both

2021, JOIV : International Journal on Informatics Visualization

2021, International Journal of Network Management

2021, International Journal of Information and Communication Technology Research

Session Initiation Protocol (S IP) is the main signaling protocol of the next generation networks. The security issues of S IP-based entities (i.e. proxy servers and clients) have a direct impact on the perceived quality of experience of end users in multimedia sessions. In this paper, our focus is on the S IP flooding attacks including denial of service and distributed denial of service attacks. After classifying various types of S IP attacks based on their sources, we extract four feature sets based on the specification of its attack group, as well as the normal behavior of the S IP state machine specified in RFC 3261. We then minimize the number of derived features in each set to reduce the computational complexity of our proposed approach. This facilitates employing the engineered feature sets in embedded S IP-based devices such as cell phones and smart TVs. We evaluate the performance of the propose d feature sets in detecting S IP attack sequence. For this, we design and implement a real test-bed for S IP-based services to generate normal and attack traffics. The experimental results confirm that the engineered feature sets perform well in terms of detection accuracy and false alarm rates in classifying benign and anomaly traffic in various attack scenarios.

2019, International Journal of Students’ Research in Technology & Management

This paper deals with the secure transformation of text. Encryption is the most common method of hiding text from unauthorized access. Two popular ways of sending personal information in a secret way are Cryptography and Steganography. To hide the existence of the message as well as distorts the message itself using this method. LSB and ELSB are the advanced techniques used to hide text in the image. There are two levels to hide the secret information. In the first level of hiding text, data sent to images by using the password and in second level encryption of 2D Cellular Automata used to enhance more security. If one level of security technique is broken by third person then there will be one more level to provide security to that secret information. Encryption will do using 2 dimensional rules of Cellular Automata. The use of Cellular Automata rules is for the parallelism which provides high security during storing and communicating, higher compression ratio and higher encoding of data while comparing with the available security techniques.

2017

Remote data integrity checking is a crucial technology in cloud computing. Recently many works focus on providing data dynamics and/or public verifiability to this type of protocols. Existing protocols can support both features with the help of a third party auditor. In a previous work, propose a remote data integrity checking protocol that supports data dynamics. In this paper, we adapt to support public verifiability. The proposed protocol supports public verifiability without help of a third party auditor. In addition, the proposed protocol does not leak any private information to third party verifiers. Through a formal analysis, we show the correctness and security of the protocol. After that, through theoretical analysis and experimental results, we demonstrate that the proposed protocol has a good performance. Architecture: Existing System: In existing system, the clients store the data in server that server is trustworthy and after the third party auditor can audit the client files. So, the third party auditor can stolen the files.

2017

With the rapid increase in bandwidth and the introduction of advanced IP services including voice, high-speed internet
access, and video/IPTV, consumers are more vulnerable to malicious users than ever. In recent years, providing safe and
sound networks and services have been the zenith priority for service providers and network carriers alike. Users are
hesitant to subscribe to new services unless service providers guarantee secure connections. More importantly,
government agencies of many countries have introduced legislations requiring service providers to keep track and
records of owners of IP and MAC addresses at all time.

2017

Session Initiation Protocol (SIP) is the most popular signaling protocol using in order to establish, modify and terminate the session multimedia between different participants. It was selected by the Third Generation Project Partnership (3GPP) as a multimedia application protocol in 3G mobile networks. SIP is the protocol currently used for signaling ToIP calls. The security of SIP is becoming more and more important. Authentication is the most important security service required by SIP. To ensure a secured communication, many SIP authentication protocols have been proposed. This work provides an overview of the proposed schemes based on elliptic curve cryptography. Those proposed schemes are analyzed in security consideration and the computational cost. 1. Introduction Telephony over IP (ToIP) is a service that allows you to transfer voice communications flow on IP (Internet Protocol). This is the application that will require the IP infrastructure as the standard for all types of information or media. The Session Initiation Protocol (SIP) is a signaling protocol used to manage, establish and terminate the communication sessions between two or more participants. SIP is not limited to telephone calls, but it can be used for multimedia conferencing [1], instant messaging and online games,... View this popularity and use in public networks, SIP security becomes more and more important. Authentication is the most security service required for SIP. The original SIP authentication protocol is HTTP Digest Authentication [2]. However, this protocol was found vulnerable to deferent attacks. In order to reinforce SIP authentication, a large community has been participated by proposing different protocols based on various mechanisms. In this paper we have analysed the proposed protocols based on security offred and total ranning time; the comparison between those protocols can helped as to determinate based on elliptic curve cryptography. The remainder of this paper is organized as follows. Section 2 delivers general information on the architecture and the original SIP authentication protocol. In section 3, we analyze the performance security of proposed protocols. A comparison between the proposed protocols in terms of security and computational cost consideration are presented in section 4. Finally, section 5 concludes this research.

2016

We address the issue of a special denial of service (DoS) attack targeting a subcomponent of a Session
Initiation Protocol (SIP) based VoIP network. Our focus is fctargeted at attacks that are addressed at the
Domain Names Service (DNS). By flooding a SIP element with messages containing difficult-resolvable
domain names, it is possible to block the target for a considerable amount of time. We evaluate possibilities
to mitigate these effects and show that over-provisioning is not sufficient to handle such attacks. We present
results gained from testing with actual SIP providers of a counter solution based on a non-blocking DNS
caching solution. Within this cache we evaluate different caching strategies and show that the Least-
Frequently-Used caching strategy gives best results to mitigate this kind of attack. (1) LFU policy could help
cache to work better than other replacement policies. (2) If there are enough CPU and memory resource, the
more parallel processes of SIP proxy, the better performance of SIP proxy. (3) If there are enough CPU and
memory resource, the more cache entries, the better performance of SIP proxy. (4) The longer attacking
interval, the better performance of SIP proxy

2016

This paper describes the implementation process of the Free Technologies Open Laboratory (LATL) in the Center for Information Technology Renato Archer (CTI) under the approach of 5W1H framework. The actions of adoption, use and development of ICT by governs remain controversial between daily practice and legislation pro free technologies. The implementation of LATL aims to provide means to promote and empower government units in the use and development of free technologies and open standards for documents and data. The application of 5W1H model proved useful in the definition and evaluation of the actions of cause and effect in the implementation process of the laboratory. Resumo. Este artigo descreve o processo de implantação do Laboratório Aberto de Tecnologias Livres (LATL) no Centro de Tecnologia da Informação Renato Archer (CTI) sob o enfoque do modelo 5W1H. As ações de adoção, uso e desenvolvimento de TIC por governos continuam sendo controversas entre a prática vigente e a legislação pró tecnologias livres. A implantação do LATL visa proporcionar meios para promover e capacitar unidades de governo no uso e desenvolvimento de tecnologias livres e padrões abertos para documentos e dados. A aplicação do modelo 5W1H mostrou-se útil na definição e avaliação das ações de causa e efeito do processo de implantação do laboratório.

2016, Citeseer

Abstract: This document provides an overview of state of the art in intrusion and denial of service detection as well as reliability approaches for VoIP infrastructures. In this context we provide a brief overview of a general architecture of VoIP infrastructures and possible attack scenarios on the different components of such an infrastructure. Here we consider attack scenarios on VoIP servers utilizing the SIP signalling protocols, attacks on DNS and ENUM which are used for address resolution and STUN which is used for NAT traversal. Further, ...

2016

—IPSEC (Internet Protocol Security) is a network layer security protocol that is designed to support secure TCP/IP environment over the Internet considering flexibility, scalability, and interoperability. IPSEC primarily supports security among hosts rather than users unlike the other security protocols. Recently, IPSEC is emphasized as one of the important security infrastructures in the NGI (Next Generation Internet). It also has suitable features to implement VPN (Virtual Private Network) efficiently and its application areas are expected to grow rapidly. In this paper, the basic concepts and related standard documents of IPSEC will be introduced.

2015, Lecture Notes in Computer Science

Current techniques for the formal modeling analysis of DoS attacks do not adequately deal with amplification attacks that may target a complex distributed system as a whole rather than a specific server. Such threats have emerged for important applications such as the VoIP Session Initiation Protocol (SIP). We demonstrate a modelchecking technique for finding amplification threats using a strategy we call measure checking that checks for a quantitative assessment of attacker impact using term rewriting. We illustrate the effectiveness of this technique with a study of SIP. In particular, we show how to automatically find known attacks and verify that proposed patches for these attacks achieve their aim. Beyond this, we demonstrate a new amplification attack based on the compromise of one or more SIP proxies. We show how to address this threat with a protocol change and formally analyze the effectiveness of the new protocol against amplification attacks.