원문정보
초록
영어
Voice-over-IP (VoIP) is being widely used to packetize and relay voice information over existing IP networks. Due to the cheaper costs involved in using VoIP as opposed to traditional PSTN networks it is quickly gaining momentum and has seen widespread use in both personal and business domains. If this technology is to grow and gain over normal phone calls it must fulfill certain conditions that Public Switched Telephone Networks (PSTN) currently provide. Since VoIP uses the same routes used by normal Internet traffic, it is prone to a wide range of security threats, similar to those faced by normal packet data. These include, but are not limited to, Denial of Service (DoS), intruders in the network who either eavesdrop or are able to make free calls, man-in-the-middle attacks, etc. It thus becomes imperative that a protocol be developed that is able to both guard against and take corrective action in the event of the occurrence of any attack. In this paper we propose a protocol that detects and prevents the occurrence of a distributed Denial of Service (DDoS) attack. It also enforces security mechanisms to ensure that an attacker has not gained access to a user's password and thus making illegitimate calls. We develop a trust mechanism that can be used to detect an attacker in the network. The protocol has been rigorously examined through a wide range of experiments and the results have been found to be quite promising.
목차
1. Introduction
1.1 Denial of Service
1.2 Flash Crowds
1.3 Related Work
2. The System Model
2.1 The Network Model
2.2 Preventing an Attack
2.3 Detecting an Attacker
3. Frame Formats
3.1 The Alert Packet
3.2 The User Information Packet
4. Experimental Evaluation
4.1 Varying the Network Size
4.2 Effect of Attack Interval on the Occurrence of an Attack
4.3 Quality of Service – Packet Loss against Network Size
5. Conclusions
References