Khalid Rashid

A Three-Layer Secure Architecture for IP Multimedia Subsystem-Based Instant Messaging

ABSTRACT A packet-based network to provide telecommunication services independent from the underlying access and transport technologies is known as a next generation network. An IP multimedia subsystem (IMS) provides an architectural framework for the next generation networks and includes variety of services such as presence, instant messaging, push-to-talk over cellular, multiparty conference, and so forth. IMS-based instant messaging is available in two flavors (immediate messaging and session-based messaging). Both flavors are subject to different types of security threats. An attacker can generate an immediate messaging flood by sending enormous number of messages to deny the services to a group of users or to an individual. Session-based messaging is facing threats such as invite flooding attack, session modification attack, and session teardown attack. In this paper, we developed a security mechanism, consisting of three layers, to secure the messaging service from flooding attacks and session-based attacks and the like. The simulation results show a good improvement in the existing security mechanism of the IMS-based instant messaging service.

Realization of Call-Back Authentication (CBA) for secure web to cellular phone SMS communication

In order to provide essential data services, the cellular networks have opened interface with Internet enabling communication with the users beyond the coverage of their wireless signals across the globe. Besides economical expansion of the global system for mobile communication (GSM) services, this interface has given birth to new security challenges. Especially recent research has divulged that an adversary equipped with little more than a cable modem can block all voice communication in a metropolitan area or even in entire country of the size of USA by sending enormous short message service (SMS) traffic via Internet. To overcome this threat in particular and other client-server communication problems in general, a new secure protocol, Call-Back Authentication (CBA), for web to phone SMS communication is proposed. The protocol introduces two-tier server architecture and pulls data traffic control (PDTC) mechanism for secure communication. The protocol is aimed to throat-knot malicious traffic at GSM-Internet interface gateway. The results show that the CBA protocol secures all GSM services from Internet originated SMS floods. Moreover the authentication mechanism of the CBA protocol identifies and blocks the spoofed as well as the zombie requests. The CBA server requires lesser resources to deliver SMS as compared to existing mechanism.