• Proceedings of the Korean Information Science Society Conference
• /
• 2011.06d
• /
• pp.215-218
• /
• 2011

VoIP(Voice over Internet Protocol) 서비스는 기존의 음성전화 서비스(Public Switched Telephone Network, PSTN)와 달리 IP 프로토콜을 이용한 저렴한 통신비용 등의 장점이 있는 음성통신 기술로써, 기존의 아날로그 음성전화 서비스를 대신하는 서비스이며, 새로운 인터넷 융합서비스로 많은 사용자가 이용하고 있다. 하지만 VoIP 서비스가 인터넷망을 이용함으로 IP Spoofing, DoS (Denial of Server) / DDoS(Distributed Denial of Service), 등의 여러 가지 보안의 문제점을 가지고 있다. VoIP 서비스에서 DDoS 공격은 Proxy 서버 등에 대량의 공격 메시지를 보냄으로써 서버의 자원을 고갈시켜 정상적인 서비스를 하지 못하게 한다. DoS, DDoS 공격 중 Invite Flooding 공격은 1분에 수천 개의 Invite 메시지를 보내 회선의 자원을 고갈시키는 공격이다. 특히 IP/Port 위조하여 공격 경우 공격 패킷 탐지하기 어려우므로 차단할 수 없다. 따라서 본 논문에서는 VoIP의 DoS/DDoS 중 하나인 Invite Flooding 공격 시 SIP Proxy Server에서 메시지 분산시키는 방법과 MAC Address와 사용자 번호 등 IP 이외의 고정적인 사용자 정보를 확인하여 공격을 탐지하고, 공격 Agent에 감염된 Phone을 공격차단서비스로 보내 복구시키는 방법을 제안한다.

• Journal of the Korea Society for Simulation
• /
• v.19 no.4
• /
• pp.51-58
• /
• 2010

SIP is a flexible and extensible call setup protocol that may be combined with other protocols used in the Internet to make various services like voice communication. Voice communication can be classified into normal calls used for communication between common users and emergency calls for 112, 119 and other services through public safety networks. It is required to research to process effectively these normal calls and emergency calls through public networks such as the Internet. In this paper, we propose a bypass scheme for emergency calls by giving priority to INVITE messages for them and processing them with priority in the SIP proxy queue. We perform simulation studies using the network simulator ns-2 for the performance evaluation. Simulation results show that the proposed scheme processes emergency calls faster than normal calls and thus it is expected to make a special purpose network like the national disaster network efficiently by using the existing Internet.

• 한국IT서비스학회:학술대회논문집
• /
• 2008.05a
• /
• pp.590-593
• /
• 2008

본 논문에서는 SIP 기반의 VoIP 서비스에서 발생 가능한 스팸 위협중 도청을 이용하여 Redirect 서버에서 Proxy 서버로 송신되는 패킷을 불법적으로 위 변조하여 공격하는 기법의 시나리오와 이를 차단하기 위해 발신자 인증 기법을 제안하였다. UAC가 상대편 UAS에게 INVITE 메시지를 송신할 때 Proxy 서버에서 UAS와 연결되어 있는 Proxy 서버의 주소를 알지 못한다면 Redirect 서버에서 질의를 해야 하는데 그때 Redirect 서버는 302 메시지에 Proxy 서버가 요청한 주소를 실어 보내게 된다. 이 302 메시지 패킷을 스패머가 위 변조 할 경우 Proxy 서버는 잘못된 주소가 포함된 INVITE 메시지를 생성하게 되고 스패머와 RTP 세션이 열릴수 있다. 따라서 본 논문에서는 이를 차단하기 위해 인증 메시지가 포함된 ACK 메시지를 정의하여 인증 시스템을 설계하였다.

• Journal of Korea Multimedia Society
• /
• v.15 no.8
• /
• pp.1038-1047
• /
• 2012

The SIP(Session Initation Protocol) is an application layer protocol that is used to establish, release, and change the call session of the IP telephony. In the SIP signalling networks, when the number of the UA(User Agent) requested the call session increase, the number of messages to be processed by SIP proxy server increase. It often will be caused the overload of the SIP proxy server. In this paper, we proposed the overload control method with a normal queue and a delay queue in the SIP proxy server. When it is estimated the overload of the server by the excess of the high threshold in the normal queue, new INVITE messages will be put into the delay queue to reduce the load of the server. It results in some delay of the call session from the INVITE message. Subsequently when the number of messages in the normal queue is reduced below the low threshold, the INVITE messages in the delay queue is processed. The simulation results showed that the number of the retransmission messages by our proposed method was 45% less than the one by the method with single queue. The results also showed that the average call success rate by the proposed method was 2% higher than the one by the method with single queue.

• The Journal of Korean Institute of Communications and Information Sciences
• /
• v.34 no.8B
• /
• pp.797-804
• /
• 2009

Recently, SIP(Session Initiation Protocol) is used to set up and manage sessions for multimedia applications such as VoIP(Voice over IP) and IMS(IP Multimedia Subsystem). However, because SIP operates over the Internet, it is exposed to pre-existed internet security threats such as service degradation or service disruptions. Multimedia applications which are delay sensitive even suffers more from the threats mentioned above. The proposed methods so far to detect SIP INVITE flooding are CUSUM(Cumulative Sum), Hellinger distance and adaptive threshold, but among methods only take normal state into consideration. So, it is not capable of adapting the condition of the network congestion which are dynamically changing. In this paper, SIP INVITE flooding detection algorithm considering network congestion which enables efficient detections of such attacks is proposed. The proposed algorithm is expected to detect other types of attacks such as BYE and CANCEL more precisely compared to other methods.

• Journal of the Korea Society for Simulation
• /
• v.19 no.4
• /
• pp.43-50
• /
• 2010

Recently, the Internet telephony has been used rather than the traditional telephony by many Internet users, with low cost. Session Initiation Protocol(SIP) is the standard of application layer protocol for establishment and disconnection of the session for Internet telephony. SIP mainly runs over the UDP for transport. So in case of the loss of the INVITE request message, the message is retransmitted by an appropriate timer for reliable transmission of the UDP message. Though the retransmission is useful for ensuring the reliability of SIP messages sent by the users, it may cause the overload traffic in the SIP proxy server. The overload in SIP proxy servers results in the loss of many input messages. This paper presents a non-linear overload control algorithm to resolve the overload condition of the server. we simulate our proposed algorithm using the network simulator ns-2. The simulation results show that the throughput of the server with the proposed algorithm have been improved about 12% compared to the existing linear control algorithm.

• The KIPS Transactions:PartC
• /
• v.11C no.3
• /
• pp.371-378
• /
• 2004

SIP(Session Initiation Protocol) is a text based call signaling protocol that has characteristics such as flexibilities and extensibility for various application services over Internet. In this paper, we have implemented SIP based integrated Instant Messenger system which includes Presence Watcher Information service that can notify various current users status. In this system, voice and video communications are also possible as well as text based instant messages. For voice and video communication, we have newly proposed a method in which direct connection is possible between users without creation of SW INVITE dialog by extending PRESENCE TUPLE of presence information. In this case, PRESENCE TUPLE stores some informations necessary for the session.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2016.10a
• /
• pp.250-253
• /
• 2016

Car black box is saved in the video recording important to determine the cause of the accident caused a traffic accident occurred. Remote monitoring of the current black box may be monitored or transmitted to shock your smartphone as a yourself. It complements if the parties to an accident lost per injury due to an accident or mind when responding to spend the "INVITE" message using the SIP visual communication in messanger applications "Notify" to inform transferring video to a message acquaintances to check Video the accident to identify the location and check the contents and to implement and research that can respond quickly.

• Korean journal of communication and information
• /
• v.36
• /
• pp.399-422
• /
• 2006

Whether to reduce the current 'screen quota' for domestic films in conjunction with the FTA discussions between Korea and the United States is one of the hotly debated issues in Korea. Using Toulmin's Argumentation Model, this study attempts to trace the use of data and warrants for each pro and con claims as portrayed in newspaper editorial columns and to find its rhetorical significance. A total of 67 editorial columns were collected from 9 nationwide news dailies in Korea for the purpose. The rhetorical analysis of those articles showed that the major warrants used in each pro and con opinion were absent of the potential issues of the opponents, which inherently fails to invite rebuttals from the opposite sides. This conceptual wall in each argumentation models implies an inactive conversation and subsequent absence of clash between the pro and con argumentation fields. It is thus suggested for opinion writers to find more adequate evidences to support the data and warrants to hold persuasive power of their respective claims, ultimately to enhance the public discourse among citizens.