Enhancing security and privacy in VoIP/IMS environments

Βράκας, Νίκος

Master Thesis

Author

Βράκας, Νίκος

Date

2013-04

View/Open

Μεταπτυχιακή διατριβή (6.600Mb)

Keywords

Voice over IP (VoIP) ; Υποσυστήματα πολυμέσων ; Multimedia Subsystem ; Session Initiation Protocol

Abstract

During the last decade, the development of technology has made Voice Over Internet Protocol (VoIP) and other multimedia services feasible even for mobile devices. Internet users have been gradually moving away from convectional computers since they can access such services from everywhere, through their mobile phones. The convergence of all these heterogeneous networks is achieved through the deployment of the IP Multimedia Subsystem (IMS). This platform is the main signaling component in next generation networks and can bring together all different types of networks under a common, all-IP, architecture. As the main signaling component, the IMS is responsible for the session establishment and management of the provided multimedia services, such as internet telephony, video and call conferences and many more, by utilizing the session initiation protocol (SIP). The variety of different networks and protocols, that take part in this architecture, introduce threats, vulnerabilities and new possibilities for attacks. The technical specifications of IMS cannot sufficiently prevent many security incidents while SIP has been proven vulnerable to many malicious acts. This thesis is concerned with security and privacy issues in SIP based communication services such as the ones provided by VoIP/IMS infrastructures. All the vulnerabilities that can be exploited and violate confidentiality, integrity, availability and privacy requirements are presented and evaluated considering many different factors such as the time frame of the attack, the access level of the attacker and the security mechanisms employed. Since signaling messages’ integrity can be protected with various methods, this research has been focused on preserving architecture’s availability, messages’ authenticity and users’ privacy. The development of a flooding attack detection mechanism has been the first objective of this research since such attacks pose serious threats to these environments. A metric, that is derived by modeling the session establishment procedure, has been proposed for detecting incomplete SIP connections. By applying simple mathematical computations, single and distributed source flooding attacks can be detected. Afterwards, a more advanced framework that provides prevention of both SIP signaling and flooding attacks has been introduced. The content of packets that encapsulate SIP signaling is analyzed and the information gathered are bound with SIP authentication. The generated tuples are stored into tables with the support of the Bloom filters. Messages’ manipulation can be detected by analysing the gathered data while a statistical model has been developed in order to detect deviations from devices’ normal traffic behaviour. Concerning privacy requirements, a mechanism that protects users’s anonymity has been introduced. The unprotected users’ identity is concealed by utilizing commutative functions. A new one-time identity is generated for every new session providing also unlinkability services. All the developed mechanisms have been implemented and evaluated through numerous different scenarios. The experimental results prove the proposed mechanisms’ efficiency while they demonstrate that only negligible overheads are introduced.