Ändra sökning
Avgränsa sökresultatet
10111213 601 - 623 av 623
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Träffar per sida
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sortering
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
Markera
Maxantalet träffar du kan exportera från sökgränssnittet är 250. Vid större uttag använd dig av utsökningar.
  • 601.
    Zhang, Ge
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    An analysis for anonymity and unlinkability for a VoIP conversation2009Ingår i: PRIVACY AND IDENTITY MANAGEMENT FOR LIFE, 2009, s. 198-212Konferensbidrag (Refereegranskat)
    Abstract [en]

    With the growth of its popularity, more and more VoIP services are deployed in the Internet nowadays. Similarly to other Internet applications, VoIP users may desire to be unlinkable with their participated VoIP session records for privacy issues. In this paper, we explore the Items of Interests (IOIs) from anonymization aspects based on a simplified VoIP model and analyze the potential links between them. We address possible methods to break the links. Finally, we also discuss requirements for a VoIP Anonymization Service (VAS)

  • 602.
    Zhang, Ge
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Analyzing Key-Click Patterns of PIN Input for Recognizing VoIP Users2011Ingår i: Future Challenges in Security and Privacy for Academia and Industry / [ed] Camenisch, J.; Fischer-Hübner, S.; Murayama, Y.; Portmann, A.; Rieder, C., Springer-Verlag New York, 2011, s. 247-258Konferensbidrag (Refereegranskat)
    Abstract [en]

    Malicious intermediaries are able to detect the availability of VoIP conversation flows in a network and observe the IP addresses used by the conversation partners. However, it is insufficient to infer the calling records of a particular user in this way since the linkability between a user and a IP address is uncertain: users may regularly change or share IP addresses. Unfortunately, VoIP flows may contain human-specific features. For example, users sometimes are required to provide Personal identification numbers (PINs) to a voice server for authentication and thus the key-click patterns of entering a PIN can be extracted from VoIP flows for user recognition. We invited 31 subjects to enter 4-digital PINs on a virtual keypad of a popular VoIP user-agent with mouse clicking. Employing machine learning algorithms, we achieved average equal error rates of 10-29% for user verification and a hitting rate up to 65% with a false positive rate around 1% for user classification.

  • 603.
    Zhang, Ge
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Timing Attacks on a Centralized Presence Model2011Ingår i: IEEE International Conference on Communications 2011, IEEE Press, 2011, s. 1-5Konferensbidrag (Refereegranskat)
    Abstract [en]

    Presence information (PI) represents the updated status, context and willingness of communication partners in Voice over IP systems. For instance, the action that Alice switches her status (e.g., from "idle" to "busy") will trigger PI messages to notify her buddies this change. In a centralized presence service system, presence communications are managed by a presence server based on users' buddylists. The privacy concern in this paper is that networking intermediaries, as adversaries, might be able to profile the buddy-relationship among the users by utilizing message arrival time. We found that the threat cannot be totally eliminated even if the server processes messages in batches. Attackers might observe the traffic in several rounds and thus profile the results. In this paper, we introduce the attacks and discuss potential countermeasures.

  • 604.
    Zhang, Ge
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Towards Secure SIP Signalling Service for VoIP applications: Performance-related Attacks and Preventions2009Licentiatavhandling, sammanläggning (Övrigt vetenskapligt)
    Abstract [en]

    Current Voice over IP (VoIP) services are regarded less secure than the traditional public switched telephone network (PSTN). This is due to the fact that VoIP services are frequently deployed in an relatively open environment so that VoIP infrastructures can be easily accessed by potential attackers. Furthermore, current VoIP services heavily rely on other public Internet infrastructures shared with other applications. Thus, the vulnerabilities of these Internet infrastructures can affect VoIP applications as well. Nevertheless, deployed in a closed environment with independent protocols, PSTN has never faced similar risks.

    The main goal of this licentiate thesis is the discussion of security issues of the Session Initiation Protocol (SIP), which serves as a signalling protocol for VoIP services. This work especially concentrates on the security risks of SIP related to performance. These risks can be exploited by attackers in two ways: either actively or passively. The throughput of a SIP proxy can be actively manipulated by attackers to reduce the availability of services. It is defined as Denial of Service (DoS) attacks. On the other hand, attackers can also profile confidential information of services (e.g., calling history) by passively observing the performance of a SIP proxy. It is defined as a timing attack. In this thesis, we carefully studied four concrete vulnerabilities existing in current SIP services, among which, three of them can lead to DoS attacks and one can be exploited for timing attacks. The results of our experiments demonstrate that these attacks can be launched easily in the real applications.

    Moreover, this thesis discusses different countermeasure solutions for the attacks respectively. The defending solutions have all in common that they are influencing the performance, by either enhancing the performance of the victim during a DoS attack, or abating the performance to obscure the time characteristic for a timing attack. Finally, we carefully evaluated these solutions with theoretical analyses and concrete experiments.

  • 605.
    Zhang, Ge
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Unwanted Traffic and Information Disclosure in VoIP Networks: Threats and Countermeasures2012Doktorsavhandling, sammanläggning (Övrigt vetenskapligt)
    Abstract [en]

    The success of the Internet has brought significant changes to the telecommunication industry. One of the remarkable outcomes of this evolution is Voice over IP (VoIP), which enables realtime voice communications over packet switched networks for a lower cost than traditional public switched telephone networks (PSTN). Nevertheless, security and privacy vulnerabilities pose a significant challenge to hindering VoIP from being widely deployed. The main object of this thesis is to define and elaborate unexplored security and privacy risks on standardized VoIP protocols and their implementations as well as to develop suitable countermeasures. Three research questions are addressed to achieve this objective:

    Question 1:  What are potential unexplored threats in a SIP VoIP network with regard to availability, confidentiality and privacy by means of unwanted traffic and information disclosure?

    Question 2:  How far are existing security and privacy mechanisms sufficient to counteract these threats and what are their shortcomings?

    Question 3:  How can new countermeasures be designed for minimizing or preventing the consequences caused by these threats efficiently in practice?

    Part I of the thesis concentrates on the threats caused by "unwanted traffic", which includes Denial of Service (DoS) attacks and voice spam. They generate unwanted traffic to consume the resources and annoy users. Part II of this thesis explores unauthorized information disclosure in VoIP traffic. Confidential user data such as calling records, identity information, PIN code and data revealing a user's social networks might be disclosed or partially disclosed from VoIP traffic. We studied both threats and countermeasures by conducting experiments or using theoretical assessment. Part II also presents a survey research related to threats and countermeasures for anonymous VoIP communication.

  • 606.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Berthold, Stefan
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Hidden VoIP Calling Records from Networking Intermediaries2010Konferensbidrag (Refereegranskat)
    Abstract

    While confidentiality of telephone conversation contents has recently received considerable attention in Internet telephony (VoIP), the protection of the caller--callee relation is largely unexplored. From the privacy research community we learn that this relation can be protected by Chaum's mixes. In early proposals of mix networks, however, it was reasonable to assume that high latency is acceptable. While the general idea has been deployed for low latency networks as well, important security measures had to be dropped for achieving performance. The result is protection against a considerably weaker adversary model in exchange for usability. In this paper, we show that it is unjustified to conclude that low latency network applications imply weak protection. On the contrary, we argue that current Internet telephony protocols provide a range of promising preconditions for adopting anonymity services with security properties similar to those of high latency anonymity networks. We expect that implementing anonymity services becomes a major challenge as customer privacy becomes one of the most important secondary goals in any (commercial) Internet application.

  • 607.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Cheng, Feng
    Meinel, Christoph
    SIMPA: A SIP-based Mobile Payment Architecture2008Konferensbidrag (Refereegranskat)
    Abstract [en]

    In recent years, many mobile payment (MP) schemes have been proposed and used in practise. However, a prerequisite for extended acceptance and adoption of MP technologies is to deploy an effective MP system. So far, there is no such a standardised and scalable MP platform. Most current MP schemes are circumscribed by its mobile network infrastructures. Fortunately, the fast advancement of 3G technology equips next generation mobile phone network more benefits. Following this direction, we propose SIMPA - A SIP-based Mobile Payment Architecture for next generation mobile network, which not only supports P2P payment communications between customers and merchants using Session Initiation Protocol (SIP), but also supports several traditional Internet security protocols, to enhance privacy, confidentiality and integrity during the transaction. This paper depicts detailed protocol and system architecture of SIMPA. Some application examples from customers' view are shown to demonstrate its function and feature

  • 608.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Cheng, Feng
    Meinel, Christoph
    Towards Secure Mobile Payment Based on SIP2008Konferensbidrag (Refereegranskat)
    Abstract [en]

    Mobile payment has some unique advantages over more traditional payment methods in, for example, TV shopping and mobile multimedia services. Unfortunately, most existing mobile payment solutions rely heavily on underlying communication infrastructures, which are platform-dependent and have no unified implementation criteria. This limitation is reducing, however, through the rapid spread of the Voice over IP (VoIP) telephony service and its integration with mobile phones. The Session Initiation Protocol (SIP) is currently the standard signalling protocol of VoIP. Mobile payment is expected to be implemented and deployed in an SIP environment in order to keep pace with the evolution of the mobile phone network. The goal of this paper is firstly to propose a new mobile payment scheme based on SIP. The protocol of the proposed framework is thoroughly analysed. Secondly, we evaluate security issues and propose enhanced solutions to make this new framework applicable in practise

  • 609.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Peer-to-Peer VoIP Communications Using Anonymisation Overlay Networks2010Ingår i: Communications and Multimedia Security: Proceedings of the 11th IFIP TC 6/TC 11, CMS2010, international conference on Communications and Multimedia Security / [ed] De Decker, Bart; Schaumüller-Bichl, Ingrid, Berlin: Springer , 2010, s. 130-141Konferensbidrag (Refereegranskat)
    Abstract [en]

    Nowadays, Voice over Internet Protocol (VoIP) which enables voice conversation remotely over packet switched networks gains much attentions for its low costs and flexible services. However, VoIP calling anonymity, particularly to withhold who called whom, is difficult to achieve since VoIP infrastructures are usually deployed in an open networking environment (e.g., the Internet). Our work studies an anonymisation overlay network (AON) based solution to prevent surveillance from external attackers, who are able to wiretap the communication channels as well as to manipulate voice packets in the channels. However, it has been demonstrated that the VoIP combined with traditional AONs are vulnerable to two attacks, namely watermark attack and complementary matching attack. Taking these two attacks into account, we investigate the defensive dropping method in VoIP: A VoIP user-agent sends packets to an AON in a constant rate, but packets during periods of silence are marked. Then, the AON drops some silence packets and forwards the remaining ones to their destinations. The result of our experiments shows that the dropping rate must be carefully selected to counteract both of the two attacks. Finally, we discuss further threats in terms of this solution

  • 610.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Bezzi, Michele
    Duquenoy, Penny
    Hansen,, Marit
    Privacy and Identity Management for Life: 5th IFIP primelife international summer school revised selected papers2010Konferensbidrag (Refereegranskat)
  • 611.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Pallares, Jordi Jaen
    Rebahi, Yacine
    SIP Proxies: New Reflectors? Attacks and Defenses2010Konferensbidrag (Refereegranskat)
    Abstract

    To mitigate identity theft in SIP networks, an inter-domain authentication mechanism based on certificates is proposed in RFC 4474 [10]. Unfortunately, the design of the certificate distribution in this mechanism yields some vulnerabilities. In this paper, we investigate an attack which exploits SIP infrastructures as reflectors to bring down a web server. Our experiments demonstrate that the attacks can be easily mounted. Finally, we discuss some potential methods to prevent this vulnerability

  • 612.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer-Huebner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Detecting Near-Duplicate SPITs in Voice Mailboxes Using Hashes2011Ingår i: Proceedings of the 14th international conference on Information security ISC'11, Berlin: Springer Berlin/Heidelberg, 2011, s. 152-167Konferensbidrag (Refereegranskat)
    Abstract [en]

    Spam over Internet Telephony (SPIT) is a threat to the use of Voice of IP (VoIP) systems. One kind of SPIT can make unsolicited bulk calls to victims' voice mailboxes and then send them a prepared audio message. We detect this threat within a collaborative detection framework by comparing unknown VoIP flows with known SPIT samples since the same audio message generates VoIP flows with the same flow patterns (e.g., the sequence of packet sizes). In practice, however, these patterns are not exactly identical: (1) a VoIP flow may be unexpectedly altered by network impairments (e.g., delay jitter and packet loss); and (2) a sophisticated SPITer may dynamically generate each flow. For example, the SPITer employs a Text-To-Speech (TTS) synthesis engine to generate a speech audio instead of using a pre-recorded one. Thus, we measure the similarity among flows using local-sensitive hash algorithms. A close distance between the hash digest of flow x and a known SPIT suggests that flow x probably belongs the same bulk of the known SPIT. Finally, we also experimentally study the detection performance of the hash algorithms

  • 613.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer-Huebner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap. Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Centrum för HumanIT.
    Timing Attacks on PIN Input in VoIP Networks: Short paper2011Ingår i: Detection of Intrusions and Malware, and Vulnerability Assessment: 8th International Conference, DIMVA 2011 / [ed] Holz, Thorsten; Bos, Herbert, Berlin: Springer Berlin/Heidelberg, 2011, s. 75-84Konferensbidrag (Refereegranskat)
    Abstract [en]

    To access automated voice services, Voice over IP (VoIP) users sometimes are required to provide their Personal Identification Numbers (PIN) for authentication. Therefore when they enter PINs, their user-agents generate packets for each key pressed and send them immediately over the networks. This paper shows that a malicious intermediary can recover the inter-keystroke time delay for each PIN input even if the standard encryption mechanism has been applied. The inter-keystroke delay can leak information of what has been typed: Our experiments show that the average search space of a brute force attack on PIN can be reduced by around 80%.

  • 614.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer-Hübner, Simone
    Karlstads universitet, Institutionen för informationsteknologi.
    A survey on anonymous voice over IP communication: attacks and defenses2019Ingår i: Electronic Commerce Research, ISSN 1389-5753, E-ISSN 1572-9362, ISSN 1389-5753, Vol. 19, nr 3, s. 655-687Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    Anonymous voice over IP (VoIP) communication is important for many users, in particular, journalists, human rights workers and themilitary. Recent research work has shown an increasing interest in methods of anonymous VoIP communication. This survey starts by introducing and identifying the major concepts and challenges in this field. Then we review anonymity attacks on VoIP and the existing work done to design defending strategies. We also propose a taxonomy of attacks and defenses. Finally, we discuss possible future work.

  • 615.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap (from 2013).
    Counteract DNS Attacks on SIP Proxies Using Bloom Filters2013Ingår i: 2013 International Conference on Availability, Reliability and Security, IEEE, 2013, s. 678-684Konferensbidrag (Refereegranskat)
    Abstract [en]

    SIP proxies play an important part in VoIP services. A Denial of Service (DoS) attack on them may cause the failure of the whole network. We investigate such a DoS attack by exploiting DNS queries. A SIP proxy needs to resolve domain names for processing a message. However, a DNS resolution may take a while. To avoid being blocked, a proxy suspends the processing task of the current message during its name resolution, so that it can continue to deal with other messages. Later when the answer is received, the suspended task will be resumed. It is an asynchronous implementation of DNS queries. Unfortunately, this implementation consumes memory storage and also brings troubles like a race condition. An attacker can collect a list of domain names which take seconds to resolve. Then, the attacker sends to a victim SIP proxy messages which contain these domain names. As a result, the victim proxy has to suspend a number of messages in a short while. Our experiments show that a SIP proxy can be easily crashed by such an attack and thus be not available anymore. To solve the problem, we analyzed the reasons that make a DNS query time-consuming, and then proposed a prevention scheme using bloom filters to blacklist suspicious DNS authoritative servers. Results of our experiments show it efficiently mitigates the attack with a reasonable false positive rate.

  • 616.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Ehlert, Sven
    Blocking attacks on SIP VoIP proxies caused by external processing2010Ingår i: Telecommunications Systems, ISSN 1018-4864, E-ISSN 1572-9451, Vol. 45, nr 1, s. 61-76Artikel i tidskrift (Refereegranskat)
  • 617.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Fischer-Hübner, Simone
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Martucci, Leonardo A.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Ehlert, Sven
    Fraunhofer FOKUS, Berlin, Germany.
    Revealing the calling history on SIP VoIP systems by timing attacks2009Ingår i: Proceedings of the 4th International Conference on Availability, Reliability and Security (ARES 2009), IEEE Press, IEEE Computer Society, 2009, s. 135-142Konferensbidrag (Refereegranskat)
    Abstract [en]

    Many emergent security threats which did not exist in the traditional telephony network are introduced in SIP VoIP services. To provide high-level security assurance to SIP VoIP services, an inter-domain authentication mechanism is defined in RFC 4474. However, this mechanism introduces another vulnerability: a timing attack which can be used for effectively revealing the calling history of a group of VoIP users. The idea here is to exploit the certificate cache mechanisms supported by SIP VoIP infrastructures, in which the certificate from a caller's domain will be cached by the callee's proxy to accelerate subsequent requests. Therefore, SIP processing time varies depending whether the two domains had been into contact beforehand or not. The attacker can thus profile the calling history of a SIP domain by sending probing requests and observing the time required for processing. The result of our experiments demonstrates that this attack can be easily launched. We also discuss countermeasures to prevent such attacks

  • 618.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Pallares, Jordi Jaen
    Rebahi, Yacine
    Fischer-Hübner, Simone
    Karlstads universitet, Institutionen för informationsteknologi.
    SIP Proxies: New Reflectors in the Internet2010Ingår i: Communications and Multimedia Security: 11th IFIP TC 6/TC 11 International Conference, CMS 2010, Linz, Austria, May 31 – June 2, 2010. Proceedings, Springer, 2010, s. 142-153Konferensbidrag (Refereegranskat)
    Abstract [en]

    To mitigate identity theft in SIP networks, an inter-domain authentication mechanism based on certificates is proposed in RFC 4474 [10]. Unfortunately, the design of the certificate distribution in this mechanism yields some vulnerabilities. In this paper, we investigate an attack which exploits SIP infrastructures as reflectors to bring down a web server. Our experiments demonstrate that the attacks can be easily mounted. Finally, we discuss some potential methods to prevent this vulnerability.

  • 619.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Rebahi, Yacine
    Side effects of identity management in SIP VoIP environment2011Ingår i: Information Security Technical Report, ISSN 1363-4127, Vol. 16, nr 1, s. 29-35Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    In this article, we summarize the security threats targeting SIP proxy servers or other infrastructures in NGN by misusing a specific signaling authentication mechanism, which has been proposed in RFC 4474 (Peterson and Jennings, 2006). This mechanism is designed to authenticate inter-domain SIP requests based on domain certificates to prevent identity theft. Nevertheless, despite its contribution, this protection raises some “side effects”, that actually lead to new vulnerabilities in both the availability and confidentiality of SIP services. We provide an overview of different attack possibilities and explain them in more detail, including attacks utilizing algorithm complexity, certificates storage, and certificates distribution. We also suggest some alternative design to prevent or reduce the attacks. SIP, VoIP, NGN, Authentication, Denial of Service, Timing attack.

  • 620.
    Zhang, Ge
    et al.
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Rebahi, Yacine
    Tuan Minh, Nguyen
    Performance Analysis of Identity Management in the Session Initiation protocol (SIP)2009Ingår i: Communications of the ACS, ISSN 2090-102X, Vol. 2, nr 001Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    The Session Initiation Protocol (SIP) is a standard for managing IP multimedia sessions in the Internet. Identity management in SIP is a crucial security field that deals with identifying users in SIP networks and controlling their access to the corresponding resources. RFC 4474 describes a mechanism, based on certificates, for dealing with the SIP users identities. This RFC recommends the use of the RSA algorithm as it is currently the most popular public key cryptography system. The proliferation of small and simple devices as well as the need to increase the capacity of the SIP servers to handle the increasing VoIP traffic will make continued reliance on RSA more challenging over time. In this paper, we describe our implementation of the current RFC 4474, our integration of elliptic curves cryptography into this RFC and show that the corresponding performance is much more significant than the one where RSA is used. This paper can be considered as a first step in standardizing the use of elliptic curves in the identity management for SIP

  • 621.
    Zhou, Shuqiao
    et al.
    Tsinghua University.
    Yuan, Ruixi
    Tsinghua University.
    Dely, Peter
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Kassler, Andreas
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Mitigating Control Channel Saturation in the Dynamic Channel Assignment Protocol2011Ingår i: JCIT: Journal of Convergence Information Technology, ISSN 2233-9299, Vol. 6, nr 6, s. 271-281Artikel i tidskrift (Refereegranskat)
    Abstract [en]

     Multi-channel MAC protocols that rely on a dedicated control channel (CC) for data channel reservation face the problem of control channel saturation. When the control channel becomes the bottleneck, data channels are not fully utilized and the spectrum allocated for the network is not used efficiently. For a popular dedicated control channel based multi-channel MAC protocol, the dynamic channel assignment protocol (DCA), we propose and compare two methods for mitigating control channel saturation. The first method is based on the ability of modern wireless cards to use different channel bandwidths. Increasing the bandwidth of the CC allows higher transmission rates and thereby relieves the saturation on the CC. The second method involves TXOP (Transmission Opportunity)-like burst-transmissions, where several date packets are transmitted using one reservation operation on the control channel. Network simulations and analysis show that, in an 802.11 based network, the bandwidth adaptation method yields a throughput improvement of around 30%. The TXOP mechanism performs much better and increases the throughput by a factor of 2 to 10, depending on the length of the data packets.

  • 622. Zola, Enrica
    et al.
    Dely, Peter
    Karlstads universitet, Fakulteten för hälsa, natur- och teknikvetenskap (from 2013), Institutionen för matematik och datavetenskap.
    Kassler, Andreas
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Barcelo-Arroyo, Francisco
    Robust Association for Multi-radio Devices under Coverage of Multiple Networks2013Konferensbidrag (Refereegranskat)
  • 623.
    Zola, Enrica
    et al.
    UPC, Dept Network Engn, Barcelona, Spain.
    Kassler, Andreas
    Karlstads universitet, Fakulteten för ekonomi, kommunikation och IT, Avdelningen för datavetenskap.
    Energy Efficient Virtual Machine Consolidation under Uncertain Input Parameters for Green Data Centers2015Ingår i: 2015 IEEE 7th International Conference on Cloud Computing Technology and Science (CloudCom), IEEE, 2015, s. 436-439Konferensbidrag (Refereegranskat)
    Abstract [en]

    Reducing the energy consumption of data centers and the Cloud is very important in order to lower CO2 footprint and operational cost (OPEX) of a Cloud operator. To this extent, it becomes crucial to minimise the energy consumption by consolidating the number of powered-on physical servers that host the given virtual machines (VMs). In this work, we propose a novel approach to the energy efficient VM consolidation problem by applying Robust Optimisation Theory. We develop a mathematical model as a robust Mixed Integer Linear Program under the assumption that the input to the problem (e.g. resource demands of the VMs) is not known precisely, but varies within given bounds. A numerical evaluation shows that our model allows the Cloud Operator to tradeoff between the power consumption and the protection from more severe and unlikely deviations of the uncertain input.

10111213 601 - 623 av 623
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf