共查询到20条相似文献,搜索用时 0 毫秒
1.
该文分析了基于SIP的VoIP安全问题,阐述了SIP基本网络模型和多层安全认证机制,提出了一种基于SIP的企业级VoIP安全框架,分析表明该框架可以消除VoIP通信存在的安全隐患。 相似文献
2.
SIP协议提供了一个全新的支持会话的移动性的概念.几个无线技术论坛,比如3GPP2,已经决定采用SIP作为移动因特网会话管理的基础,但其QoS、性能和故障率并没有达到最优.如今已经成熟的GSM/UMTS移动通信已经对终端移动性树立了一个典范.利用这个事实作为依据,本文对SIP的移动性技术做了新的研究,并且分析了性能负担、加密和故障恢复等.这必将是SIP移动性的一个更有效的运作方式. 相似文献
3.
4.
In the era of IP-based service, people expect a simple, cheap, and competent Voice over IP (VoIP) service as an alternative
of the traditional voice over PSTN. The introduction of the SIP protocol realizes the expectation. Following the cost saving
spirit of VoIP, we focus on studying inexpensive high availability solutions for the SIP-based VoIP Service. In this paper,
Peer-to-Peer (P2P) based and DN-LB based schemes are mainly compared in the paper. A P2P-based scheme enables an inexpensive
high availability solution to the VoIP service by the shared computation resources form P2P nodes. Such a P2P-based solution
may be appropriate for an individual VoIP user. However, a caller may take a large volume of messages to find out a callee
via the proxy nodes in the P2P network. This inherent property of a P2P network may induce the message overhead and long call
setup delay. Based on above, another inexpensive scheme, which is a probing-based name resolution solution, is proposed to
achieve high availability and load balancing for the VoIP service. We tag the probing mechanism onto the open source project
Domain Name Relay Daemon (DNRD) to become a domain name resolution based load balancer (DN-LB). With DN-LB, all request messages
from clients can be fairly distributed to all failure-proof proxy servers in the server farm without using any additional
costly intermediate network device and changing the standard SIP architecture. Such a DN-LB based solution may be a good choice
for a VoIP service provider. 相似文献
5.
VoIP应用程序可以以相对低廉的价格,为用户提供优质的语音甚至是视频实时通信服务,然而,IETF提供的请求/应答机制在当前充满NAT的网络环境面前,经常无法正常工作.目前的解决方案都是基于STUN协议的,而该协议会周期性地发出心跳消息以维持公网和私网地址的映射关系;这些消息对VoIP服务器来说是一种极大的资源浪费,设计并实现了一种基于SIP的自适应端到端通信系统,支持NAT下的端到端VoIP通信.系统扩展了SDP请.求/应答模型,使其能够令一个会话中的各个端用户交换公网和私网地址/端口号.通过实现一个实际系统证明了该扩展方案的可行性.一系列实验证明了提出的系统相比其它基于超级结点转发机制的VoIP应用在效率和表现上的优越性. 相似文献
6.
SIP协议是NGN中的重要协议之一,它在Internet环境下建立并管理会话,正以迅猛的速度改变当今企业及各种机构的沟通方式,因此对SIP协议安全性的研究也就显得格外重要.尽管多年来全球无数网络安全专家都在潜心研究DoS攻击的解决办法,但到目前为止收效不大,因为DoS攻击利用了协议本身的弱点.研究了针对VoIP环境下的DoS攻击,在简单介绍SIP协议和DoS攻击的基础上,详细地描述了基于SIP的VoIP网络环境中的DoS攻击的多种攻击类型,并给出针对这些攻击的网络安全维护对策. 相似文献
7.
8.
Security of session initiation protocol (SIP) servers is a serious concern of Voice over Internet (VoIP) vendors. The important contribution of our paper is an accurate and real-time attack classification system that detects: (1) application layer SIP flood attacks that result in denial of service (DoS) and distributed DoS attacks, and (2) Spam over Internet Telephony (SPIT). The major advantage of our framework over existing schemes is that it performs packet-based analysis using a set of spatial and temporal features. As a result, we do not need to transform network packet streams into traffic flows and thus save significant processing and memory overheads associated with the flow-based analysis. We evaluate our framework on a real-world SIP traffic—collected from the SIP server of a VoIP vendor—by injecting a number of application layer anomalies in it. The results of our experiments show that our proposed framework achieves significantly greater detection accuracy compared with existing state-of-the-art flooding and SPIT detection schemes. 相似文献
9.
《Computer》2001,34(11):32-38
Most organizations recognize the importance of cyber security and are implementing various forms of protection. However, many are failing to find and fix known security problems in the software packages they use as the building blocks of their networks and systems, a vulnerability that a hacker can exploit to bypass all other efforts to secure the enterprise. The Common Vulnerabilities and Exposures (CVE) initiative seeks to avoid such disasters and transform this area from a liability to a key asset in the fight to build and maintain secure systems. Coordinating international, community-based efforts from industry, government and academia, CVE strives to find and fix software product vulnerabilities more rapidly, predictably, and efficiently. The initiative seeks the adoption of a common naming practice for describing software vulnerabilities. Once adopted, these names will be included within security tools and services and on the fix sites of commercial and open source software package providers. As vendors respond to more users requests for CVE-compatible fix sites, securing the enterprise will gradually include the complete cycle of finding, analyzing, and fixing vulnerabilities 相似文献
10.
Many law enforcement wiretap systems are vulnerable to simple, unilateral countermeasures that exploit the unprotected in-band signals passed between the telephone network and the collection system. This article describes the problem as well as some remedies and workarounds. 相似文献
11.
12.
SIP协议(Session Initiation Protocol)作为一种应用层的信令控制协议具有灵活、方便、易扩展的特性。文章针对目前远程教学系统灵活度不够的问题,综合SIP协义的特性,提出了一种基于SIP协议的远程教学系统。 相似文献
13.
14.
15.
16.
17.
Since 2002, over 10% of total cyber vulnerabilities were SQL injection vulnerabilities (SQLIVs). This paper presents an algorithm of prepared statement replacement for removing SQLIVs by replacing SQL statements with prepared statements. Prepared statements have a static structure, which prevents SQL injection attacks from changing the logical structure of a prepared statement. We created a prepared statement replacement algorithm and a corresponding tool for automated fix generation. We conducted four case studies of open source projects to evaluate the capability of the algorithm and its automation. The empirical results show that prepared statement code correctly replaced 94% of the SQLIVs in these projects. 相似文献
18.
19.