Michael Hirschbichler

Evaluating Performance Characteristics of SIP over IPv6

Due to the ongoing massive growth of the global Internet, the rising integration of Voice over IP (VoIP) services and the Fixed Mobile Convergence (FMC), the IPv6 protocol and the Session Initiation Protocol (SIP) are key technologies for the realization of next generation communications. For both topics, IPv6 and SIP, a lot of self-contained research has been done. However, the challenge of SIP over IPv6 as well as related issues and performance impacts were not considered so far. In this article, we close this gap and draw attention to theoretical and practical aspects of the integration of SIP and IPv6, referred to as SIPv6. In this context our special interest concerns the interworking of heterogeneous IP networks during the transition from IPv4 to IPv6 and their ramifications on the VoIP service. Inevitably, during this period of co-existence the available transition techniques have an impact on the network and application performance. To quantify this impact, we set up a SIPv6 VoIP testbed and measured the performance penalties introduced by four selected transition techniques. We characterize the performance of transition scenarios compared to native scenarios by presenting measurement results and gained insights. Our study reveals individual pros and cons of transition technologies and their available implementations.

Using E-Mail SPAM DNS Blacklists for Qualifying the SPAM-over-Internet-Telephony Probability of a SIP Call

SPIT is an upcoming threat for receiving unsolicited messages in Voice over IP systems. We assume, that future SPIT will be sent through the same infrastructure as SPAM today, namely through a network of compromised hosts. Therefore spammers will see SPIT as an additional business case. In this paper we show a viable way to increase the hit rate of a SPIT detection system. Our proposal is to query e-mail SPAM blacklists for IP addresses which are sent with SIP/SDP messages. We enabled a well-established e-mail filter application to handle information out of these messages. We also present the performance of such a solution with respect to call setup delays and success rates.

Mobile SIP: An Empirical Study on SIP Retransmission Timers in HSPA 3G Networks

Mobile packet-switched voice must replace mobile circuit-switched voice latest with the large-scale deployment of LTE. However, short-term full-area LTE coverage is highly unlikely, handover to and interworking with 3G HSPA networks being a must. This raises the question of how the Session Initiation Protocol SIP performs in today’s HSPA networks.

An Architectural and Evaluative Review of Implicit and Explicit SIP Overload Handling

Last years trend to migrate circuit-switched voice networks to packet switched Internet Protocol IP based networks has favored wide deployment of Session Initiation Protocol SIP based systems and networks. As a reaction to large-scale SIP deployment experiences in the field and the need to implement high availability and reliability within these new networks, the focus of SIP extension standardization has shifted from adding new SIP signaling functionality to operational and maintenance aspects, a particular importance being attributed to overload control. Overload denotes a situation in which the traffic injected into a system exceeds the systems designed capacity. The authors present a detailed categorization of overload architectures and outline main reasons why SIP-based networks are at high risk to collapse when operating at overload. Using measurements in a real SIP infrastructure this paper compares the performance of two overload protection schemes, namely implicit and explicit overload protection, against the performance of non-protected systems. The measurement results recommend overload protection as a mandatory component of commercial SIP deployments to safeguard operation and prevent system collapse in case of overload.

IMS security and what we should learn from the Internet

ZusammenfassungDas IP Multimedia Subsystem (IMS) stellt eine gemeinsame Anstrengung der Standardisierungsgremien für Festnetz- und Mobilkommunikation dar, deren Ziele sowohl die Entwicklung einer neuen Architektur für Betreibernetze als auch die Unterstützung zukünftiger Dienste sind. In diesem Artikel geben wir einen Überblick über die Implikationen der aus dem Internet bekannten Sicherheitsproblematiken. Wir analysieren die Sicherheitsanforderungen einer IMS-basierten Netzarchitektur und zeigen mögliche Lösungsansätze auf. Wir kommen zu dem Schluss, dass für eine sichere IMS-Umgebung ein über die Standardisierung hinausgehendes Maß an Netzüberwachung unbedingt notwendig ist, damit die grundlegende Funktionalität sicher gewährleistet werden kann.SummaryThe IP Multimedia Subsystem (IMS) was developed by a common initiative of the standardization bodies 3GPP and ETSI TISPAN with the aim to provide a platform for fixed and mobile network operators that supports future communication services. In this article we give an overview about the implications that security threats already known from the Internet have on IMS. We analyze the security requirements of an IMS based network architecture and describe possible security solutions. Finally, we argue that for a secure IMS environment extensive traffic monitoring is required in order to provide IMS-based services in a secure manner.

Performance Evaluation of SIPv6 Transitioning

Due to the continuous massive growth of the global Internet, available IPv4 network addresses will run out within the next years. The solution to this problem is the IPv6 protocol with its vast address space. During the transition period from IPv4 to IPv6, both protocols will coexist, which makes it necessary to have transition techniques in place to maintain interoperability. These transition techniques have an inevitable impact on network performance. To quantify this impact, we set up a testbed to measure the performance penalties introduced by four transition techniques. In general, measurements of the transition performance can be carried out on different layers. The decision to pick the session initiation protocol (SIP) as application layer protocol is based on the fact that voice over IP may be one of the major drivers for IPv6. This paper presents measurement results and conclusions for transition and native scenarios that we gained in performance studies.

Stop the Flood – Perimeter Security- and Overload- Pre-evaluation in Carrier Grade VoIP Infrastructures

With the upcoming introduction of the Session Initiation Protocol to carrier grade telecommunication infrastructures, the threat of attacks is increasing massively. Multiple types of unsolicited communication, like high and low rate Denial-of-Service attacks as well as Spam over Internet Telephony driven by Botnets will be an upcoming risk for all telecommunication operators.