Abstract
In multimedia wireless networks, VoIP (voice over internet protocol) technology is commonly used to compress the voice information based on a various type of coding techniques, transform it to the packet data, and transmit with real time on IP network. Since the VoIP network is often faced by external threats, a number of security failures may occur at each level of end-user, server and service provider. In this paper we focus on an intrusion tolerant architecture combined an IMS (IP multimedia subsystem), which is a information management middleware developed by IBM Inc., with the VoIP network system. More specifically, we describe the stochastic behavior of the IMS-based VoIP network systems with/without intrusion tolerant mechanism by semi-Markov processes, and evaluate quantitatively their security effects and robustness in terms of both service availability and mean time to security failure.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Bai, Y., Vuong, S.: A survey of VoIP intrusions and intrusion detection systems. In: Proceedings of 6th International Conference on Advanced Communication Technology (ICACT 2004), pp. 317–322. IEEE CS Press, Los Alamitos (2004)
Chan, C.K., Pant, H.: Reliability and security modeling in upgrading wireless backbone networks. Bell Labs Technical Journal 8(4), 39–53 (2004)
Deswarte, Y., Blain, L., Fabre, J.C.: Intrusion tolerance in distributed computing systems. In: Proceedings of 1991 IEEE Symposium on Research in Security and Privacy, pp. 110–121. IEEE CS Press, Los Alamitos (1991)
Deswarte, Y., Powell, D.: Internet security: an intrusion torelance approach. Proceedings of the IEEE 94(2), 432–441 (2006)
Goseva-Popstojanova, K., Wang, F., Wang, R., Gong, F., Vaidyanathan, K., Trivedi, K., Muthusamy, B.: Characterizing intrusion tolerant systems using a state transition model. In: DARPA Information Survivability Conference and Exposition (DISCEX II), vol. 2, pp. 211–221 (2001)
Guputa, V., et al.: Dependability and performance evaluation of intrusion-tolerant server architectures. In: de Lemos, R., Weber, T.S., Camargo Jr., J.B. (eds.) LADC 2003. LNCS, vol. 2847, pp. 81–101. Springer, Heidelberg (2003)
Jonsson, E., Olovsson, T.: A quantitative model of the security intrusion process based on attacker behavior. IEEE Transactions on Software Engineering 23(4), 235–245 (1997)
Littlewood, B., Brocklehurst, S., Fenton, N., Mellor, P., Page, S., Wright, D., Doboson, J., McDermid, J., Gollmann, D.: Towards operational measures of computer security. Journal of Computer Security 2(2/3), 211–229 (1993)
Liu, P.: Architectures for intrusion tolerant database systems. In: Proceedings of 18th Annual Computer Security Applications Conference (ACSAC 2002), pp. 311–320. IEEE CS Press, Los Alamitos (2002)
Liu, P., Jing, J., Luenam, P., Wang, Y., Li, L., Ingsriswang, S.: The design and implementation of a self-healing database system. Journal of Intelligent Information Systems 23(3), 247–269 (2004)
Madan, B.B., Goseva-Popstojanova, K., Vaidyanathan, K., Trivedi, K.S.: Modeling and quantification of security attributes of software systems. In: Proceedings of 32nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2002), pp. 505–514. IEEE CS Press, Los Alamitos (2002)
Madan, B.B., Goseva-Popstojanova, K., Vaidyanathan, K., Trivedi, K.S.: A method for modeling and quantifying the security attributes of intrusion tolerant systems. Performance Evaluation 56(1/4), 167–186 (2004)
Ortalo, R., Deswarte, Y., Kaaniche, M.: Experimenting with quantitative evaluation tools for monitoring operational security. IEEE Transactions on Software Engineering 25(5), 633–650 (1999)
Pant, H., McGee, A.R., Chandrashekhar, U., Richman, S.H.: Optimal availability and security for IMS-based VoIP networks. Bell Labs Technical Journal 11(3), 211–223 (2006)
Sengar, H., Wijesekera, D., Wang, H., Jajodia, S.: VoIP intrusion detection through interacting protocol state machines. In: Proceedings of 36th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2006), pp. 393–402. IEEE CS Press, Los Alamitos (2006)
Singh, S., Cukier, M., Sanders, W.H.: Probabilistic validation of an intrusion tolerant replication system. In: Proceedings of 33rd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2003), pp. 615–624. IEEE CS Press, Los Alamitos (2003)
Stevens, F., Courtney, T., Singh, S., Agbaria, A., Meyer, J.F., Sanders, W.H., Pal, P.: Model-based validation of an intrusion-tolerant information system. In: Proceedings of 23rd IEEE Reliable Distributed Systems Symposium (SRDS 2004), pp. 184–194. IEEE CS Press, Los Alamitos (2004)
Stroud, R., Welch, I., Warne, J., Ryan, P.: A qualitative analysis of the intrusion-tolerant capabilities of the MAFTIA architecture. In: Proceedings of 34th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2004), pp. 453–461. IEEE CS Press, Los Alamitos (2004)
Uemura, T., Dohi, T.: Quantitative evaluation of intrusion tolerant systems subject to DoS attacks via semi-Markov cost models. In: Denko, M.K., Shih, C.-s., Li, K.-C., Tsao, S.-L., Zeng, Q.-A., Park, S.H., Ko, Y.-B., Hung, S.-H., Park, J.-H. (eds.) EUC-WS 2007. LNCS, vol. 4809, pp. 31–42. Springer, Heidelberg (2007)
Uemura, T., Dohi, T.: Optimizing security measures in an intrusion tolerant database system. In: Nanya, T., Maruyama, F., Pataricza, A., Malek, M. (eds.) ISAS 2008. LNCS, vol. 5017, pp. 26–42. Springer, Heidelberg (2008)
Uemura, T., Dohi, T.: Optimal security patch management policies maximizing system availability. Journal of Communications (to appear)
Verissimo, P.E., Neves, N.F., Correia, M.: Intrusion-tolerant architectures: concepts and design. In: de Lemos, R., Gacek, C., Romanovsky, A. (eds.) Architecting Dependable Systems. LNCS, vol. 2677, pp. 3–36. Springer, Heidelberg (2003)
Verissimo, P.E., Neves, N.F., Cachin, C., Poritz, J., Powell, D., Deswarte, Y., Stroud, R., Welch, I.: Intrusion-tolerant middleware. IEEE Security and Privacy 4(4), 54–62 (2006)
Wang, F., Gong, F., Sargor, C., Goseva-Popstojanova, K., Trivedi, K., Jou, F.: SITAR: A scalable intrusion-tolerant architecture for distributed services. In: Proceedings of 2nd Annual IEEE Systems, Man and Cybernetics, Information Assurance Workshop, West Point, NY (June 2001)
Wang, H., Liu, P.: Modeling and evaluating the survivability of an intrusion tolerant database system. In: Gollmann, D., Meier, J., Sabelfeld, A. (eds.) ESORICS 2006. LNCS, vol. 4189, pp. 207–224. Springer, Heidelberg (2006)
Wu, Y.-S., Bagchi, S., Garg, S., Singh, N., Tsai, T.: SCIDIVE: a stateful and cross protocol intrusion detection architecture for voice-over-IP environments. In: Proceedings of 34th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2004), pp. 433–442. IEEE CS Press, Los Alamitos (2004)
Yu, M., Liu, P., Zang, W.: Self-healing workflow systems under attacks. In: Proceedings of 24th International Conference on Distributed Computing Systems (ICDCS 2004), pp. 418–425. IEEE CS Press, Los Alamitos (2004)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Uemura, T., Dohi, T., Kaio, N. (2010). Availability Analysis of an IMS-Based VoIP Network System. In: Taniar, D., Gervasi, O., Murgante, B., Pardede, E., Apduhan, B.O. (eds) Computational Science and Its Applications – ICCSA 2010. ICCSA 2010. Lecture Notes in Computer Science, vol 6019. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12189-0_39
Download citation
DOI: https://doi.org/10.1007/978-3-642-12189-0_39
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12188-3
Online ISBN: 978-3-642-12189-0
eBook Packages: Computer ScienceComputer Science (R0)