{"title":"基于SIP的多层安全VoIP架构","authors":"Basma Basem, A. Ghalwash, R. Sadek","doi":"10.7763/IJCTE.2015.V7.1002","DOIUrl":null,"url":null,"abstract":"VoIP faces many emerging attacks and threats. securing SIP based VoIP is a major challenging task, hence confidentiality, integrity, availability, as well as authenticity must be provided. Focusing on three main critical attacks targeting SIP based VoIP infrastructure, which are Denial of service (DoS), man-in-the middle attack, and Authenticity based attacks. In this paper the main contribution is providing a secure efficient multilayer security architecture based on open source applications (snort, snortsam and iptables, as well as OPENVPN Tunnel), The architecture provides a secure reliable VoIP services for the enterprise network, that have been deployed based on asterisk PBX. The proposed security architecture aims to prevent the mentioned critical attacks, to provide CIAA security services, by proposing an adaptive rule based queuing polices. QoS is a major challenge, the paper also provides an enhancement for the proposed architecture to minimize the delay for more efficient secure communication, as well as preventing zero day attacks by exploiting method and updating Snort DB with attack signatures. QoS factors have been measured using OPNET simulators. The proposed architecture gives promising results when it comes to attacks prevention with 0.01% better performance results compared to previous work.","PeriodicalId":306280,"journal":{"name":"International Journal of Computer Theory and Engineering","volume":"152 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2015-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"9","resultStr":"{\"title\":\"Multilayer Secured SIP Based VoIP Architecture\",\"authors\":\"Basma Basem, A. Ghalwash, R. Sadek\",\"doi\":\"10.7763/IJCTE.2015.V7.1002\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"VoIP faces many emerging attacks and threats. securing SIP based VoIP is a major challenging task, hence confidentiality, integrity, availability, as well as authenticity must be provided. Focusing on three main critical attacks targeting SIP based VoIP infrastructure, which are Denial of service (DoS), man-in-the middle attack, and Authenticity based attacks. In this paper the main contribution is providing a secure efficient multilayer security architecture based on open source applications (snort, snortsam and iptables, as well as OPENVPN Tunnel), The architecture provides a secure reliable VoIP services for the enterprise network, that have been deployed based on asterisk PBX. The proposed security architecture aims to prevent the mentioned critical attacks, to provide CIAA security services, by proposing an adaptive rule based queuing polices. QoS is a major challenge, the paper also provides an enhancement for the proposed architecture to minimize the delay for more efficient secure communication, as well as preventing zero day attacks by exploiting method and updating Snort DB with attack signatures. QoS factors have been measured using OPNET simulators. The proposed architecture gives promising results when it comes to attacks prevention with 0.01% better performance results compared to previous work.\",\"PeriodicalId\":306280,\"journal\":{\"name\":\"International Journal of Computer Theory and Engineering\",\"volume\":\"152 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2015-12-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"9\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"International Journal of Computer Theory and Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.7763/IJCTE.2015.V7.1002\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Journal of Computer Theory and Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.7763/IJCTE.2015.V7.1002","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
VoIP faces many emerging attacks and threats. securing SIP based VoIP is a major challenging task, hence confidentiality, integrity, availability, as well as authenticity must be provided. Focusing on three main critical attacks targeting SIP based VoIP infrastructure, which are Denial of service (DoS), man-in-the middle attack, and Authenticity based attacks. In this paper the main contribution is providing a secure efficient multilayer security architecture based on open source applications (snort, snortsam and iptables, as well as OPENVPN Tunnel), The architecture provides a secure reliable VoIP services for the enterprise network, that have been deployed based on asterisk PBX. The proposed security architecture aims to prevent the mentioned critical attacks, to provide CIAA security services, by proposing an adaptive rule based queuing polices. QoS is a major challenge, the paper also provides an enhancement for the proposed architecture to minimize the delay for more efficient secure communication, as well as preventing zero day attacks by exploiting method and updating Snort DB with attack signatures. QoS factors have been measured using OPNET simulators. The proposed architecture gives promising results when it comes to attacks prevention with 0.01% better performance results compared to previous work.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
