• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.11a
• /
• pp.875-879
• /
• 2002

CPL is a technique that serves various additional service in Internet telephony such as call forwarding, call blocking etc. IETF IPTEL working group developed this CPL standard. Users could request various additional services such as call forwarding, call blocking etc. by registering XML scripts to location servers. This paper would describe the design and the implementation skill of SIP proxy server that support these improved functionalities in detail. SIP registrar and SIP proxy server are designed and implemented in Linux platform because this platform serves fast and low cost development environment.

• 한국IT서비스학회:학술대회논문집
• /
• 2008.11a
• /
• pp.461-464
• /
• 2008

본 논문에서는 SIP 기반의 VoIP 서비스 환경에서 보안성 확보를 위해 속성인증서를 사용한 사용자 인증 시스템을 설계하였다. Redirect Server와 인증 서버를 각 Proxy Server 사이에 두어 인증서의 발급 및 검증, 사용자의 등록 및 관리 기능을 수행한다. 기존에 인증 시스템은 사용자 인증서가 외부에 노출이 되면 심각한 보안상의 문제가 발생할 수 있지만 속성인증서를 사용하면 외부에 노출에도 강력한 보안을 적용할 수 있다. 이에 본 논문에서는 속성인증서를 인증 서버가 발급과 검증을 하므로 안전한 통신 시스템을 구현할 수 있으며, 서비스 사용자를 Redirect Server에 등록 하게 함으로써 불법사용자의 접근을 제한하고, 정상적인 사용자를 인증하여 사용자의 정보보안 및 올바른 서비스의 제공이나 서비스 이용 요금의 과금시 유용하게 사용될 수 있다.

• Journal of Advanced Marine Engineering and Technology
• /
• v.27 no.1
• /
• pp.65-75
• /
• 2003

The internet telephony service is one of the successful internet application services. VoIP is the key technology for the service to come true. VoIP uses H.323 or SIP as the standard protocol for the distributed multimedia services over the internet environment, in which QoS is not guaranteed. VoIP carries the packetized voice by using the RTP/UDP/IP protocol stack. The UDP-based internet services cause the data transmission problem to the users behind the internet firewall. So does the internet telephony service. The users are not able to listen the voices of the counter-parts on the public internet or PSTN. It makes the problem more difficult that the internet telephony service addressed in this paper uses only one UDP port number to send the voice data of all sessions from gateway to terminal node. In this paper, two schemes including the usage of dummy UDP datagrams, and the protocol conversion are suggested. The implementation of one of the schemes, the protocol conversion, and the performance evaluation are described in detail.

• Proceedings of the Korean Information Science Society Conference
• /
• 2002.10e
• /
• pp.217-219
• /
• 2002

호처리 언어(CPL)는 기존의 공중전화망에서 제공하는 다양한 부가 전화 서비스를 인터넷상에서 개발할 수 있도록 하는 기술로서, IETF IPTEL 워킹그룹에서 개발한 표준이다. CPL은 하위 수송계층 프로토콜로서 H.323이나 SIP (Session Initiation Protocol)를 이용할 수 있는데, 이 중 IETF의 SIP 워킹그룹에서 개발한 SIP는 프리젠트, 인스턴스 메시징, 컨퍼런스 등 다양한 VoIP 서비스 개발에 활용되고 있다. 사용자들은 CPL을 이용하여 원하는 부가 서비스들을 요청할 수 있으며, 이들은 SIP Registrar에 등록되어 실질적인 서비스를 제공받게 된다. 본 논문에서는 이러한 다양한 부가서비스 지원을 위한 프락시 서버의 동작에 대해 기술하고자 한다. CPL을 지원하는 SIP Proxy Server는 리눅스 커널버전 2.4.x 상에서 C언어를 이용하여 설계 및 구현한다.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10c
• /
• pp.331-333
• /
• 2004

본 논문에서는 SIP(Session initiation Protocol) 기반의 VoIP(Voice over Internet Protocol) 시스템에 효율적인 call-control을 위해 필요한 헤더와 파라미터를 추가한 Extension SIP를 제안하였다. 또한 이 제시된 Extension SIP에 따르는 SIP Proxy Server와 User Agent(User Agent Client, User Agent Server)를 리눅스 시스템에서 C언어를 통해 구현하였고, 이 구현된 Extension SIP 시스템을 통해 기존의 SIP 시스템과 cail-control을 위한 packet traffic을 비교.분석 함으로써 제안한 Extension SIP의 효율성 을 증명하였다.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.6 no.7
• /
• pp.1854-1873
• /
• 2012

Owing to its simplicity and flexibility, the session initiation protocol (SIP) has been widely adopted as a major session-management protocol for Internet telephony or Voice-over IP (VoIP) services. However, SIP has faced various types of security threats. Call-disruption attacks are some of the most severe threats they face, and can greatly inconvenience consumers. In this paper, we analyze such SIP call-disruption attacks, and propose a method for detecting and counteracting them by extending the SIP INFO method with authentication. Using the proposed method, both the target user and the SIP server can detect the existence of a call-disruption attack on a user and counteract the attack. We demonstrate the effectiveness of the proposed method from the viewpoint of computational complexity by configuring a test-bed with an Asterisk SIP proxy server and an SIP performance (SIPp) emulator.

• Journal of the Korea Academia-Industrial cooperation Society
• /
• v.9 no.4
• /
• pp.929-935
• /
• 2008

As internet telephony services based on Session initiation Protocol (SIP) enter the spotlight as marketable technology, many products based on SIPs have been developed and utilized for home and office telephony services. The call connection of an internet phone is classified into specific call connections and group call connections. Group call connections have a forking function which delivers the message to all of the group members. This function requires excessive message control for a call connection and creates heavy traffic in the network. In the internet cail system model. most of the call-setup messages are directed to the proxy server during a short time period. This heavy message load brings an unwanted delay in message processing and. as a result, call setup can not be made. To solve the delay problem, we simplified the analysis of the call-setup message in the proxy server, and processed the forking function distributed for the group call-setup message. In this thesis, a new system model to minimize the load is proposed and the subsequent implementation of this model demonstrates the performance improvement.

• The Journal of the Korea Contents Association
• /
• v.10 no.1
• /
• pp.46-58
• /
• 2010

The user valence of VoIP services with SIP protocol is increasing rapidly because of cheap communication cost and its conveniency. But attacker can easily modify the packet contents of SIP protocol as SIP header is transmitted by using UDP methods in text form. The reason is that SIP protocols does not provide an authentication function on the transmission session. Therefore, existing SIP protocol is very weak on SIP Packet Flooding attack etc. In order to solve like this kinds of SIP vulnerabilities, we used SIP status codes under the monitoring module for detecting SIP Flooding attacks and additionally proposed an advanced protocol where the authentication and security function is strengthened about SIP packet. We managed SIP session spontaneously in order to strengthen security with SIP authentication function and to solve the vulnerability of SIP protocol. The proposed mechanism can securely send SIP packet to solves the security vulnerability with minimum traffic transmission. Also service delay in SIP proxy servers will be minimized to solve the overload problem on SIP proxy server.