共查询到20条相似文献,搜索用时 31 毫秒
1.
2.
本文首先概述了基于C/S模式的传统SIP系统的缺陷、P2PSIP系统的由来及发展现状,然后提出了一种构建于P2P层之上的SIP网络电话(P2PSIP)系统的设计方案,其中P2P层采用全分布式哈希表算法Kademlia算法实现;接着重点分析了该方案中DHT(Kad)模块的工作机制以及SIP over P2P中的交互消息;最后给出基于该方案的原型系统的测试结果。 相似文献
3.
Gang Wang Chunhong Zhang Xiaofeng Qiu Zhimin Zeng 《Multimedia Tools and Applications》2013,64(3):599-625
Peer-to-peer (P2P) systems have been widely deployed and used to provide voice-over-IP (VoIP) service in the Internet. However, the current best-effort Internet cannot readily provide the service guarantees that meet the quality standards achieved in the public switched telephone network (PSTN). To address this problem, many studies have demonstrated that exploiting path diversity is a promising approach, such as multi-homing and overlay routing. In this paper, we focus on the overlay scenario and bring forward a previously unexplored approach that exploits the properties of delay space of Internet to select relay node to enhance the performance of P2P-based VoIP applications in Chinese Internet. By conducting intensive Internet measurements, we analyze the properties of delay space of Chinese Internet and show these properties can be readily exploited to select relay node with as small a cost as possible. Exploiting these properties we bring forward an efficient relay node selection scheme to improve the performance of P2P-based VoIP applications in Chinese Internet. Our intensive evaluation by trace-driven simulation shows our scheme is highly efficient and easy to be implemented. 相似文献
4.
5.
抵御SIP分布式洪泛攻击的入侵防御系统 总被引:1,自引:0,他引:1
针对SIP分布式洪泛攻击检测与防御的研究现状,结合基于IP的分布式洪泛攻击和SIP消息的特点,提出了一种面向SIP分布式洪泛攻击的两级防御分布式拒绝服务(DDoS)攻击体系结构(TDASDFA):一级防御子系统(FDS)和二级防御子系统(SDS)。FDS对SIP的信令流进行粗粒度检测与防御,旨在过滤非VoIP消息和丢弃超出指定速率的IP地址的SIP信令,保证服务的可用性;SDS利用一种基于安全级别设定的攻击减弱方法对SIP信令流进行细粒度检测,并过滤具有明显DoS攻击特征的恶意攻击和低流量攻击。FDS和SDS协同工作来实时检测网络状况,减弱SIP分布式洪泛攻击。实验结果表明,TDASDFA能实时地识别和防御SIP分布式洪泛攻击,并且在异常发生时有效地减弱SIP代理服务器/IMS服务器被攻击的可能性。 相似文献
6.
软交换是下一代网络中的核心技术,SIP协议作为下一代网络最重要的协议之一,已经被广泛应用于VoIP系统中。 SIP协议无法支持SIP信令和媒体流的NAT穿越,从而限制了其在广域网上的应用和发展。虽然目前解决NAT穿越的方案已经很多,但都存在着一定的局限性。文中详细解释了NAT对SIP通信的影响,介绍了UDP打洞技术的基本原理,介绍了UDP打洞技术穿越锥形NAT的流程,以及Http代理网关方式穿越各种NAT的流程。文中通过比较各种NAT穿越方案的优缺点,提出一种综合UDP打洞与Http代理网关的NAT穿越方案。经过论证与实验,证明了该方案的可行性。 相似文献
7.
近几年基于P2P的文件共享系统得到了广泛的应用.与此同时,大量的虚假文件、病毒也得以在P2P网络中散布,而某些用户在使用这类系统时也存在一系列不负责任的行为,这也就导致了系统的安全受到威胁,系统的服务质量不高.针对上述问题,基于查询请求以及目标节点的选择建立了一种信任机制.该机制一方面能够减少查询消息数,避免网络拥塞,另一方面能够有效防止选中提供虚假文件、病毒的节点以及不负责任的节点,进而提高文件共享系统的安全性与服务质量. 相似文献
8.
This paper studies reliable and resilient deployment of video over IP across a multi-location organization, where a number of wireless mesh network (WMN) clouds are connected by a virtual private network (VPN). Particularly, we propose a scheme of enhanced SIP proxy server which can support an accountable network. In our proposed solution, the enhanced SIP proxy server consists of three modules, namely traffic load prediction, VPN bandwidth negotiation, and call admission control (CAC) in order to provide trustable service. We identify traffic load prediction as the key component among the three modules, and we further develop a linear predictor of variable sampling rate-normalized least mean square (VSR-NLMS) to estimate the traffic patterns. VSR-NLMS predictor employs adjustable sampling rate to achieve improved efficiency and performance. Numerical results show that our proposed scheme can automatically choose suitable sampling rate to track and predict the traffic load curve with acceptable accuracy and reasonable computational complexity. 相似文献
9.
一种SIP NAT应用网关的设计与实现 总被引:6,自引:0,他引:6
使用私有地址的SIP软交换系统用户如何与公网用户进行会话,即如何SIP消息进行NAT操作,目前还没有应用标准,现有草案中提出的方法无论是否实现于应用层,都对SIP协议本身进行了扩展,这无疑给具体实现增加了很大的难度,同时也带来了兼容性问题,本文从SIP消息体的特点出发,提出了一种无需扩展SIP协议的易于实现的应用层解决方案,并结合呼叫流程详细叙述了具体实现过程。 相似文献
10.
VOIP是一种新型的语音通信技术,由于其以Internet作为载体受到了广泛的关注.利用已有的WLAN网络实现无线的VoIP通话,可以提高网络资源的利用率并降低了通话成本.提出了一种基于SIP协议把VoIP和WLAN技术相融合的嵌入式无线终端方案,进行了硬件和软件设计,为系统开发提供了可行的实现途径. 相似文献
11.
Dimitris Gritzalis Panagiotis Katsaros Stylianos Basagiannis Yannis Soupionis 《International Journal of Information Security》2012,11(2):121-135
Anti-SPIT policies counter the SPam over Internet Telephony (SPIT) by distinguishing bots launching unsolicited bulks of VoIP
calls from human beings. We propose an Anti-SPIT Policy Management mechanism (aSPM) that detects spam calls and prevents VoIP
session establishment by the Session Initiation Protocol (SIP). The SPIN model checker is used to formally model and analyze
the robustness of the aSPM mechanism in execution scenarios with parallel SIP sessions. In case of a possible design flaw,
the model checker provides a trace of the caught unexpected behavior (counterexample), that can be used for the revision of
the mechanism’s design. Our SPIN model is parameterized, based on measurements from experiments with VoIP users. Non-determinism
plays a key role in representing all possible anti-SPIT policy decisions, in terms of the SIP messages that may be exchanged.
The model checking results provide evidence for the timeliness of the parallel SIP sessions, the absence of deadlocks or livelocks,
and the fairness for the VoIP service users. These findings ensure robust anti-SPIT protection, meaning that the aSPM mechanism
operates as expected, despite the occurrence of random SPIT calls and communication error messages. To the best of our knowledge,
this is the first analysis for exhaustively searching security policy flaws, due to complex interactions between anti-SPIT
measures and the SIP protocol services. 相似文献
12.
13.
14.
Fei Wang Fu Rong Wang Benxiong Huang Laurence T. Yang 《The Journal of supercomputing》2013,64(3):744-761
Interconnection among VoIP networks over the Internet is being an important trend. Therefore, distributed and self-organized VoIP networks are emerging as the times require. Because of VoIP’s cheapness and simplicity, many institutes forecast that it emerges as next spam entryway, like e-mail service. Especially, interconnected VoIP networks are self-organized and lack centralized authority. In this paper, we propose a novel scheme, called ADVS (Anti-Distributed Voice Spam), against SPIT (SPam over Internet Telephony) on the distributed and self-organized VoIP networks. ADVS presents a proper reputation model to evaluate end-user’s past behavior and accumulate other users’ referrals for detecting and filtering spam calls. In the VoIP network, ADVS acts as a middleware of VoIP proxy and constructs a DHT-based P2P network over call proxies and part of P2P-VoIP client to interlink each other and share end-user’s reputation. At the end of the paper, we verify AVDS through building simulation test bed. The results of experiment show that ADVS could detect spam calls accurately and stably. 相似文献
15.
16.
彭红姣 《计算机技术与发展》2013,(11):213-215,219
文中以解决VoIP系统的语音质量问题为目标,深入研究了基于SIP的VoIP系统QoS控制技术。参照IMS网络结构,考虑通信业务的QoS要求,研究以SIP为信令协议的VoIP系统如何进行呼叫控制、资源预留和策略决策,融人到SIP用户代理、SIP代理服务器,提出了一个具有QoS能力的SIP代理服务器的设计方案,增加了策略决策功能(PDF)等网络实体,支持QoS的能力得到增强。文中详细讨论了支持QoS的siP网络的增强能力,具有QoS能力的SIP代理服务器的功能结构,QoS功能模块,以及QoS资源授权和预留决策过程。 相似文献
17.
18.
为了解决VoIP认证计费问题,介绍了RADIUS协议及SIP认证方式,提出了扩展RADIUS协议以支持SIP认证的方法,并详细说明了经由认证处理的呼叫建立过程,给出了基于RADIUS和SIP协议的VoIP认证的具体实现方式,最后通过在SIP代理服务器上部署相应的计费策略,并结合RADIUS服务器的计费功能,给出了VoIP计费的实现方法. 相似文献
19.
《Information Forensics and Security, IEEE Transactions on》2009,4(1):140-150
20.
SIP协议以其在开放性、扩展性以及与Internet结合紧密的优势在VoIP应用中广泛采用,而NAT是主要用来通过防火墙或者路由器使多个局域网的私有IP共享一个共有的IP的技术。介绍了NAT的穿透原理,然后介绍了在SIP Proxy系统中穿透NAT的方法,并且分析了这种方法如何和SIP的信令结合在一起。该方法可以大大地拓宽VoIP系统的应用范围,使得在目前IP地址资源非常紧缺的情况下有更多的用户可以享受到VoIP的服务,并已经在开发的VoIP系统得到了运用,系统稳定且有效。 相似文献