STI: A Security Architecture for IP Telephony

STI：IP 电话安全架构

• 批准号: 0334177
• 负责人: Dipak Ghosal
• 金额: $ 15.85万
• 依托单位: University of California-Davis
• 依托单位国家: 美国
• 项目类别: Standard Grant
• 财政年份: 2003
• 资助国家: 美国
• 起止时间: 2003-09-01 至 2006-08-31
• 项目状态: 已结题
• 来源: https://www.nsf.gov/awardsearch/showAward?AWD_ID=0334177&HistoricalAwards=false
• 关键词: STI; Security; Architecture; IP; Telephony

IP telephony is a complex application involving multiple layers of the protocols stack and interactions among multiple network devices. The complexity is exacerbated by two additional factors . 1) the requirement that IP telephony interoperate with the Public Switched Telephone Network (PSTN) and 2) the requirement that IP telephony functions with existing network middle-boxes such as network address translators (NATs) and firewalls. These complexities introduce vulnerabilities that are prone to both known and perhaps, new forms of attacks. The goals of this proposed focused research are 1) to perform a comprehensive vulnerability analysis of IP telephony and 2) to design a security architecture to counter various types of denial-of-service (DoS) attacks in IP telephony. The work will proceed as follows: first carry out a detailed vulnerability analysis of IP telephony using a property driven approach. In this approach, define a set of properties that an IP telephony application must satisfy for a specific type of deployment. Then the vulnerabilities will be then enumerated and classified as potential ways to violate these properties using a corresponding attack. This vulnerability analysis will form the basis for designing the security architecture. In developing the security architecture, our focus will be in the design and analysis of sensors to detect and control DoS attacks. While DoS attacks have been studied, IP telephony presents significant new challenges. Next will be an investigation of both signature-based and statistical anomaly detection algorithms. The detection algorithms are complex because the attacks can occur at multiple layers involving multiple network devices and attack both the control and data plane of the protocol architecture. Finally, in a converged network, an attack to the IP telephony system can be made from both the Internet as well as the PSTN. Recovery algorithms that can quickly recover once the attack has ceased will be designed. The overall architecture will involve cross-layer introspection, i.e., the data from the various sensors at the different protocol layers and at the different network elements will have to correlated to determine the type of attack and hence the desired response.

IP 电话是一种复杂的应用，涉及多层协议栈以及多个网络设备之间的交互。 另外两个因素加剧了复杂性。 1) IP 电话与公共交换电话网络 (PSTN) 互操作的要求，以及 2) IP 电话与现有网络中间件（例如网络地址转换器 (NAT) 和防火墙）配合使用的要求。这些复杂性引入了容易遭受已知攻击或新形式攻击的漏洞。本次重点研究的目标是 1) 对 IP 电话进行全面的漏洞分析，2) 设计一个安全架构来应对 IP 电话中各种类型的拒绝服务 (DoS) 攻击。 工作将按如下方式进行：首先使用属性驱动方法对 IP 电话进行详细的漏洞分析。 在此方法中，定义 IP 电话应用程序必须满足特定类型部署的一组属性。然后，将枚举这些漏洞并将其分类为使用相应攻击来违反这些属性的潜在方法。 该漏洞分析将构成设计安全架构的基础。在开发安全架构时，我们的重点是传感器的设计和分析，以检测和控制 DoS 攻击。 虽然 DoS 攻击已得到研究，但 IP 电话提出了重大的新挑战。 接下来将研究基于签名和统计异常检测算法。检测算法很复杂，因为攻击可能发生在涉及多个网络设备的多个层，并且攻击协议架构的控制平面和数据平面。 最后，在融合网络中，可以从互联网和 PSTN 对 IP 电话系统进行攻击。 将设计一旦攻击停止就可以快速恢复的恢复算法。 整体架构将涉及跨层自省，即来自不同协议层和不同网络元件的各种传感器的数据必须相互关联，以确定攻击类型，从而确定所需的响应。