• Korea Information Processing Society Review
• /
• v.8 no.2
• /
• pp.90-96
• /
• 2001

• Information and Communications Magazine
• /
• v.21 no.4
• /
• pp.29-38
• /
• 2004

VoIP(Voice Over IP) 기술은 인터넷 망 계층 프로토콜인 IP(Internet Protocol) 상에서 데이터 뿐만 아니라 음성 서비스를 동시에 제공할 수 있도록 지원하는 기능 이외에 멀티미디어와 각종 부가서비스를 제공할 수 있는 기술이다. 음성망과 데이터합이 어떤 형태로든 수렴, 통합하는 방향으로 진화될 것이라는 사실에는 대부분의 사람들이 이견이 없으며, 이러한 통합망에서의 가장 중요한 기술의 하나라고 인식되고 있다. VoIP 관련 표준화는 IETF와 ITU-T에서 진행되고 있으며 ITU-T는 H.323 시스템을 기반으로 하여 각종 표준을 제정하고 있으며 IETF에서는 SIP를 중심으로 표준화를 진행하고 있다. 현재 VoIP 기술에 초점이 되고 있는 주요 이슈는 데이터를 위해 최적인 패킷망을 통해 이용자의 요구를 충분히 만족시킬 수 있는 통화품질 보장 여부이다. 패킷화된 다중서비스망의 성공을 보장하기 위해서는 기존의 PSTN망과 동등한 수준의 품질을 제공하여야 한다. 본 고에서는 이러한 VoIP의 기술 동향, 시장 및 사용자 요구사항 분석, 최근의 VoIP의 이슈에 대해서 살펴보고자 한다.(중략)

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2002.11a
• /
• pp.875-879
• /
• 2002

CPL is a technique that serves various additional service in Internet telephony such as call forwarding, call blocking etc. IETF IPTEL working group developed this CPL standard. Users could request various additional services such as call forwarding, call blocking etc. by registering XML scripts to location servers. This paper would describe the design and the implementation skill of SIP proxy server that support these improved functionalities in detail. SIP registrar and SIP proxy server are designed and implemented in Linux platform because this platform serves fast and low cost development environment.

• Journal of the Korea Society of Computer and Information
• /
• v.11 no.4 s.42
• /
• pp.155-164
• /
• 2006

VoIP technology is Eight New Services among Ubiquitous-IT839 strategies. This paper tested wiretapping or VoIP service in connected a soft phone and LAN and WAN sections, Internet telephones and a device. IP PBX, a banner operator network to have been connected to VoIP Internet network. As a result of having experimented on wiretapping of VoIP networks, Vulnerability was found. and a wiretapping by attacks of a hacker was succeeded in a terminal and proxy and attachment points of a VoIP network like a hub to follow a CVE list. Currently applied a security plan of an each wiretapping section in viewpoints of 6 security function of Access Control. Confidentiality, Authentication. Availability, Integrity. Non-repudiation in VoIP networks named to 070. Prevented wiretapping of contents by the results, the AES encryption that executed wiretapping experiment about a packet after application of a security plan. Prevented wiretapping, and kept security and audit log. and were able to accomplish VoIP information protection to network monitoring and audit log by an access interception and qualification and message hash functions and use of an incoming refusal.

• The Journal of the Korea Contents Association
• /
• v.10 no.1
• /
• pp.46-58
• /
• 2010

The user valence of VoIP services with SIP protocol is increasing rapidly because of cheap communication cost and its conveniency. But attacker can easily modify the packet contents of SIP protocol as SIP header is transmitted by using UDP methods in text form. The reason is that SIP protocols does not provide an authentication function on the transmission session. Therefore, existing SIP protocol is very weak on SIP Packet Flooding attack etc. In order to solve like this kinds of SIP vulnerabilities, we used SIP status codes under the monitoring module for detecting SIP Flooding attacks and additionally proposed an advanced protocol where the authentication and security function is strengthened about SIP packet. We managed SIP session spontaneously in order to strengthen security with SIP authentication function and to solve the vulnerability of SIP protocol. The proposed mechanism can securely send SIP packet to solves the security vulnerability with minimum traffic transmission. Also service delay in SIP proxy servers will be minimized to solve the overload problem on SIP proxy server.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2007.05a
• /
• pp.1021-1024
• /
• 2007

VoIP 서비스는 인터넷을 기반으로 하므로 인터넷망에서 발생하는 보안 위험이 내재해 있고, 서비스가 실시간으로 이루어진다는 특성으로 인해 기존의 보안 솔루션으로 이러한 보안 위험을 해소하기는 어렵다. 따라서 VoIP 망 구축 초기단계부터 정보보호를 고려하여 보안대책을 세우고 이를 반영하는 것이 비용과 보안 효과 측면에서 바람직하다. 본 논문에서는 상용 VPN 제품에 공개 프로젝트인 SIP VoIP Gateway 'Asterisk'을 연동하여 사용자 인증과 데이터 기밀성을 효과적으로 수행하기 위한 VoVPN(Voice over Virtual Private Network)을 설계하고 구현하였다.

• Journal of Advanced Marine Engineering and Technology
• /
• v.27 no.1
• /
• pp.65-75
• /
• 2003

The internet telephony service is one of the successful internet application services. VoIP is the key technology for the service to come true. VoIP uses H.323 or SIP as the standard protocol for the distributed multimedia services over the internet environment, in which QoS is not guaranteed. VoIP carries the packetized voice by using the RTP/UDP/IP protocol stack. The UDP-based internet services cause the data transmission problem to the users behind the internet firewall. So does the internet telephony service. The users are not able to listen the voices of the counter-parts on the public internet or PSTN. It makes the problem more difficult that the internet telephony service addressed in this paper uses only one UDP port number to send the voice data of all sessions from gateway to terminal node. In this paper, two schemes including the usage of dummy UDP datagrams, and the protocol conversion are suggested. The implementation of one of the schemes, the protocol conversion, and the performance evaluation are described in detail.

• International Journal of Computer Science & Network Security
• /
• v.22 no.2
• /
• pp.175-184
• /
• 2022

Voice over Internet Protocol (VoIP) has grown in popularity as a low-cost, flexible alternative to the classic public switched telephone network (PSTN) that offers advanced digital features. However, additional security vulnerabilities are introduced by the VoIP system's flexibility and the convergence of voice and data networks. These additional challenges add to the normal security challenges that a VoIP system's underlying IP data network infrastructure confront. As a result, the VoIP network adds to the complexity of the security assurance task faced by businesses that use this technology. It's time to start documenting the many security risks that a VoIP infrastructure can face, as well as analyzing the difficulties and solutions that could help guide future efforts in research & development. We discuss and investigate the challenges and requirements of VoIP security in this research. Following a thorough examination of security challenges, we concentrate on VoIP system threats, which are critical for present and future VoIP deployments. Then, towards the end of this paper, some future study directions are suggested. This article intends to guide future scholars and provide them with useful guidance.

• Proceedings of the Korean Information Science Society Conference
• /
• 2004.10c
• /
• pp.331-333
• /
• 2004

본 논문에서는 SIP(Session initiation Protocol) 기반의 VoIP(Voice over Internet Protocol) 시스템에 효율적인 call-control을 위해 필요한 헤더와 파라미터를 추가한 Extension SIP를 제안하였다. 또한 이 제시된 Extension SIP에 따르는 SIP Proxy Server와 User Agent(User Agent Client, User Agent Server)를 리눅스 시스템에서 C언어를 통해 구현하였고, 이 구현된 Extension SIP 시스템을 통해 기존의 SIP 시스템과 cail-control을 위한 packet traffic을 비교.분석 함으로써 제안한 Extension SIP의 효율성 을 증명하였다.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2003.10a
• /
• pp.682-685
• /
• 2003

SIP(Session Initiation Protocol) 프로토콜은 구조가 간단하고 다양한 애플리케이션을 개발할 수 있는 등의 장점을 가지고 있기 때문에 차세대 네트워크에서 호 설정을 위한 사실상의 표준으로 자리 잡아가고 있다. SIP는 계층적 구조를 갖는 프로토콜로서, SIP의 일부 계층은 대부분의 SIP 응용 애플리케이션에서 공통적으로 사용될 수 있다. 본 논문에서는 SIP 애플리케이션 개발에 효과적으로 사용될 수 있는 SIP 공통모듈에 대한 간략한 설명과 이를 이용한 사용자 에이전트의 설계 및 구현에 대하여 설명한다.