• Journal of the Korea Society of Computer and Information
• /
• v.14 no.12
• /
• pp.147-156
• /
• 2009

This paper proposes a SRTP key exchange scheme using split transfer of divided RSA public key in SIP-based VoIP environment without PKI. The existing schemes are hard to apply to real VoIP environment, because they require a PKI and certificates in the end devices. But in case of ZRTP. which is one of existing schemes, it's able to exchange SRTP Key securely without PKI, but it is inconvenient since it needs user's involvement. To solve these problems, the proposed scheme will split RSA public key and transmit them to SIP signaling secession and media secession respectively. It can defend effectively possible Man-in-The-Middle attacks, and it is also able to exchange the SRTP key without the user's involvement. Besides, it meets the requirements for security of SRTP key exchange. Therefore, it's easy to apply to real VoIP environment that is not available to construct PKL.

• Proceedings of the Korean Information Science Society Conference
• /
• 2010.06a
• /
• pp.175-176
• /
• 2010

• The KIPS Transactions:PartC
• /
• v.12C no.2 s.98
• /
• pp.251-260
• /
• 2005

On the internet phone or PSTN(Public Switched Telephone Network), the automatic callback is an useful service in the case of busy state when one user calls the other. By using this service, automatic redial is possible when the other party hangs up. However, in the basic automatic callback service, the user who wants callback should wait until the other party hangs up even in the case of emergency. Therefore in this paper, to solve this problem we have extended CPL(Call Processing Language) and, within user system we have included and linked this extended CPL processing module and dialog event package which processes SIP INVITE initiated dialog state informations. We have implemented this system for being used in SIP(Session Initiation Protocol)-based VoIP(Voice over IP) system.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.176-179
• /
• 2003

The use of Multiparty Conference service based on SIP for VoIP provides is gradually magnified, and the work for continuous development and standardization on SIP is in the process of advancing. But, currently it is impossible for SIP to support identity discovery and distribution of each participant for multiparty conference. In this paper, we propose a SIP extension for guaranteeing security on the multiparty conference using SIP by adding new method and reconstructing header informations. With this, it is also possible to identify discovery and to distribute each participant using SIP extension when a call is established for closed multiparty conference.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2014.11a
• /
• pp.449-452
• /
• 2014

최근 이동통신 사업자들은 All-IP 기반의 서비스를 개발하고 상용화하기 위해 힘쓰고 있다. 그 이유는 All-IP 기반의 서비스가 LTE의 넓은 대역폭을 사용하여 기존 서비스와는 현저한 차별성을 가지고 있기 때문이다. 음성통화를 LTE 기반으로 제공하는 VoLTE 서비스도 그 중의 하나로서 현재 이동통신 3사 모두 상용화하여 이 새로운 고음질 및 고화질 커뮤니케이션 서비스에 대해 마케팅을 벌이고 있다. 하지만 VoLTE 서비스는 보안에 대한 충분한 고려가 이루어지지 않은 상태로 상용화되었으며, VoLTE에서 사용되는 SIP(Session Initiation Protocol) 프로토콜을 악용한 여러 유형의 공격에 매우 취약하다. 본 논문에서는 VoLTE 서비스에 대한 보안 위협 중 가장 기본이 되는 스캐닝 공격에 대해 기술하고 이를 탐지할 수 있는 방안을 제시한다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2011.10a
• /
• pp.273-276
• /
• 2011

Voice over Internet Protocol(VoIP) compared to the traditional PSTN communications costs and because of the ease of use has been widespread use of VoIP. Broadband Convergence Network (BCN) as part of building with private Internet service provider since 2010, all government agencies are turning to the telephone network and VoIP. In this paper, we used the Internet on your phone in the IETF SIP-based IP-PBX is a hacking attack analysis studies. VoIP systems are built the same way as a test bed for IP-PBX hacking attacks and vulnerabilities by analyzing the results yielded. Proposes measures to improve security vulnerabilities to secure VoIP.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.7
• /
• pp.1854-1873
• /
• 2012

Owing to its simplicity and flexibility, the session initiation protocol (SIP) has been widely adopted as a major session-management protocol for Internet telephony or Voice-over IP (VoIP) services. However, SIP has faced various types of security threats. Call-disruption attacks are some of the most severe threats they face, and can greatly inconvenience consumers. In this paper, we analyze such SIP call-disruption attacks, and propose a method for detecting and counteracting them by extending the SIP INFO method with authentication. Using the proposed method, both the target user and the SIP server can detect the existence of a call-disruption attack on a user and counteract the attack. We demonstrate the effectiveness of the proposed method from the viewpoint of computational complexity by configuring a test-bed with an Asterisk SIP proxy server and an SIP performance (SIPp) emulator.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.9 no.3
• /
• pp.493-497
• /
• 2005

This paper is about the research of the User Agent implementation under wireless embedded environment, using SIP which is one of protocol components construct the VoIP system. The User Agent is made of the User Agent configuration block, the device thread block to control devices and the SIP stack block to process SIP messages. The device thread consists of the RTP thread and the sound lard device processing block. Futhermore, the SIP stack consist of the worker thread to process proxy events, the SIP transceiver and SIP thread to transfer and receive SIP messages. The H/W platform is a board included the Intel's XScale PXA255 processor, flash memory, SDRAM, Audio CODEC module and wireless LAN threough PCMCIA socket, furthermore a microphone and headphone is used by the audio 1/0. The system has embedded linux kernel 2.4.19. For embedded environment, the function of User Agent and SIP method is diminished. Finally, the resource of system could be reduced about $12.9\%$, compared to overall system resource, by minimizing peripherals control and excepting TCP.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.18 no.3
• /
• pp.109-120
• /
• 2008

VoIP utilizes the Internet for the services, and therefore it is vulnerable to intrusions and attacks. Because provided services deal with information related to privacy of users, it requires high level security including authentication and the confidentiality/integrity of signaling messages and media streams. However, when such a protocol is implemented in a VoIP phone, the implementation can have limitations due to the limited resources. The present study purposed to implement VoIP security protocols and to evaluate their performance in terms of connection quality and voice quality by applying them to SIP proxy and UA (User Agent). In the result of performance evaluation, the application of the security protocols did not lower voice quality, but connection quality was high in the DTLS based security protocol. As the protocol was applicable to signaling and media paths based on DTLS, we found that it can be a solution for the limited resources of VoIP phone.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.04a
• /
• pp.880-882
• /
• 2004

본 논문에서는 차세대 이동통신 시스템으로 개발되고 있는 HMm시스템의 3계층 프로토콜 전송절차 검증 및 SIP기반의 VoIP서비스 및 웹브라우징 서비스를 제공할 수 있는 가상 단말을 설계하고 구현하였다. 현재 구현된 가상단말은 SIP서비스를 위한 UA기능과 웹 브라우징 기능을 포함하고 있으며, UA간의 직접적인 통화 기능 및 Proxy를 이용한 통화 기능, 그리고 웹 브라우징 기능을 시험하였다. 향후 개발된 가상단말을 바탕으로 보다 확장된 SIP헤더를 처리하고 HMm 3계층 프로토콜을 세부적으로 검증할 수 있는 기능을 추가할 예정이다.