• The Journal of the Institute of Internet, Broadcasting and Communication
• /
• v.10 no.6
• /
• pp.63-69
• /
• 2010

Today, Internet Telephony Services based on VoIP are gaining tremendous popularity for general user. Therefore a various demands of the user keep up increase, the most important requirements of these is voice security about telephony system. It is needed to ensure secret of voice call in a special situation. Due to the fact that many users can connect to the internet at the same time, VoIP can always be in a defenseless state by hackers. Therefore, in this paper, we have developed VPN IP-PBX for the voice security and measured conversation quality by adopting VPN IPsec based on SIP and using tunnel method in transmitting voice data to prevent eavesdrop of voice data. This VPN IP-PBX that is connected Soft-phone provide various optional services.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.15 no.10
• /
• pp.2164-2170
• /
• 2011

Rapid surge in date quantity lead to increase in storage demand from corporate. The existing SAN with fiber channel is being changed to IP-based SAN environment due to installment and maintenance cost. But the IP-based network still have some similar security problems as existing TCP/IP network. Also, for the security reasons of storage traffic, data are encrypted, but with the existing system, data larger than 10G can't be handled. To address security and speed issue, this paper proposes to a structure applied to IP SAN environment with Parallel Structure Word-based FSR (PS-WFSR) as hardware.

• Proceedings of the KIEE Conference
• /
• 2004.11c
• /
• pp.123-125
• /
• 2004

The importance for Internet security has being increased and the Internet Protocol Security (IPSec) standard, which incorporates cryptographic algorithms, has been developed as one solution to this problem. IPSec provides security services in IP-Layer using IP Authentication Header (AH) and IP Encapsulation Security Payload (ESP). In this paper, we propose IPSec cryptographic processor design based AMBA architecture. Our design which is comprised Rijndael cryptographic algorithm and HAMC-SHA-1 authentication algorithm supports the cryptographic requirements of IP AH, IP ESP, and any combination of these two protocols. Also, our IPSec cryptographic processor operates as AMBA AHB Slave. We designed IPSec cryptographic processor using Xilinx ISE 5.2i and VHDL, and implemented our design using Xilinx's FPGA Vertex XCV600E.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.12
• /
• pp.3366-3383
• /
• 2012

Reliance on the Internet has introduced Voice over Internet Protocol (VoIP) to various security threats. A reliable security protocol and an authentication scheme are thus required to prevent the aforementioned threats. However, an authentication scheme often demands additional cost and effort. Accordingly, a security framework for known participants in VoIP communication is proposed in this paper. The framework is known as Randomness-Optimized Self-Securing (ROSS), which performs authentication automatically throughout the session by optimizing the uniqueness and randomness of the communication itself. Elliptic Curve Diffie-Hellman (ECDH) key exchange and Salsa20 stream cipher are utilized in the framework correspondingly to secure the key agreement and the communication with low computational cost. Human intelligence supports ROSS authentication process to ensure participant authenticity and communication regularity. The results show that with marginal overhead, the proposed framework is able to secure VoIP communication by performing reliable authentication.

• Journal of the Korea Society of Computer and Information
• /
• v.14 no.7
• /
• pp.65-72
• /
• 2009

This paper proposed VCR cryptographic algorithm that adapted in TCP/IP protocol architecture and wire/wireless communication network environments. we implemented by hardware chip level because proposed VCR cryptographic algorithm perform scalable & reconfigurable operations into the security system. Proposed VCR cryptographic algorithm strengthens security vulnerability of TCP/IP protocol and is very profitable real-time processing and encipherment of high-capacity data and multi-user communication because there is important purpose to keep security about many user as that have variable round numbers function in network environments.

• The KIPS Transactions:PartC
• /
• v.14C no.1 s.111
• /
• pp.55-64
• /
• 2007

Behind the popularity of VoIP in these days, it may present significant security challenges in privacy and accounting. Authentication and message encryption are considered to be essential mechanisms in VoIP to be comparable to PSTN. SIP is responsible for setting up a secure call in VoIP. SIP employs TLS, DTLS or IPSec combined with TCP, UDP or SCTP as a security protocol in VoIP. These security mechanisms may introduce additional overheads into the SIP performance. However, this overhead has not been understood in detail by the community. In this paper we present the effect of the security protocol on the performance of SIP by comparing the call setup delays among security protocols. We implement a simulation of the various combinations of three security protocols and three transport layer protocols suggested for SIP. UDP with any combination of security protocols performs a lot better than the combination of TCP. TLS over SCTP may impose higher impact on the performance in average because TLS might have to open secure channels as the same number of streams in SCTP. The reasons for differences in the SIP performances are given.

• KSCI Review
• /
• v.14 no.2
• /
• pp.215-224
• /
• 2006

Regarding a spam attack and the interception that a spinoff is largest among Vulnerability of VoIP at these papers study. Write scenario of a spam attack regarding VoIP Vulnerability, and execute Call spam. Instant Messaging spam, Presence spam attack. A spam attack is succeeded in laboratories, and prove. and confirm damage fact of a user in proposals of a spam interception way of VoIP service, 1) INVITE Request Flood Attack 2) Black/White list, 3) Traceback, 4) Black Hole-Sink Hole, 5) Content Filtering, 6) Consent based Communication, 7) Call act pattern investigation, 8) Reputation System Propose, and prove. Test each interception plan proposed in VoIP networks, and confirm security level of a spam interception. Information protection of VoIP service is enlarged at WiBro, BcN. and to realize Ubiquitous Security through result of research of this paper contribute, and may make.

• Convergence Security Journal
• /
• v.3 no.1
• /
• pp.73-84
• /
• 2003

The IPv4 that used to be generally used as a medium of computer communications in 1980s has reached its limits now. IPv6 (IP Version 6) is being prepared to solve the limitations of the IPv4. However, the biggest problem of IPv6 is that it is not compatible with the IPv4. To resolve the compatibility issue, Dual Stack, Tunneling and Header Converting methods have been proposed. The Header Converting method allows communications between the IPv4 and IPv6 networks with the converter. This method's strength is that it is easy to embody and the procedures for embodiment is simple. However, this method still contains the weaknesses that the existing IPv4 has. On the current document, the Header Converting method among the three methods is discussed to resolve the problems this method has. To solve the Header Converting method's weakness, the security problem between sections, the IP Header field values are converted to the relative field values and IPSec (IP Security) and ESP (Encapsulation Security Payload) are applied. The proposed "Encrypted Header Converting Method" that is encrypted in packet units has solved the weakness that the pre-existing Header Converting method used to have.d to have.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2008.05a
• /
• pp.295-297
• /
• 2008

Session Initiation Protocol (SIP) has become the call control protocol of choice for Voice over IP (VoIP) networks because of its open and extensible nature. However, the integrity of call signaling between sites is of utmost importance, and SIP is vulnerable to attackers when left unprotected. Currently a hop-by-hop security model is prevalent, wherein intermediaries forward a request towards the destination user agent server (UAS) without a user agent client (UAC) knowing whether or not the intermediary behaved in a trusted manner. This paper presents an integrated security model for SIP-based VoIP network by combining hop-by-hop security and end-to-end security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.14 no.1
• /
• pp.35-45
• /
• 2004

In explosively increasing internet environments, information security is one of the most important consideration. Nowadays, various security solutions are used as such problems countermeasure; IDS, Firewall and VPN. However, basically internet has much vulnerability of protocol itself. Specially, it is possible to establish a covert channel using TCP/IP header fields such as identification, sequence number, acknowledge number, timestamp and so on. In this Paper, we focus cm the covert channels using identification field of IP header and the sequence number field of TCP header. To detect such covert channels, we used Support Vector Machine which has excellent performance in pattern classification problems. Our experiments showed that proposed method could discern the abnormal cases(including covert channels) from normal TCP/IP traffic using Support Vector Machine.