Remote fidelity of Container-Based Network Emulators
- Authors: Peach, Schalk Willem
- Date: 2021-10-29
- Subjects: Computer networks Security measures , Intrusion detection systems (Computer security) , Computer security , Host-based intrusion detection systems (Computer security) , Emulators (Computer programs) , Computer network protocols , Container-Based Network Emulators (CBNEs) , Network Experimentation Platforms (NEPs)
- Language: English
- Type: Master's theses , text
- Identifier: http://hdl.handle.net/10962/192141 , vital:45199
- Description: This thesis examines if Container-Based Network Emulators (CBNEs) are able to instantiate emulated nodes that provide sufficient realism to be used in information security experiments. The realism measure used is based on the information available from the point of view of a remote attacker. During the evaluation of a Container-Based Network Emulator (CBNE) as a platform to replicate production networks for information security experiments, it was observed that nmap fingerprinting returned Operating System (OS) family and version results inconsistent with that of the host Operating System (OS). CBNEs utilise Linux namespaces, the technology used for containerisation, to instantiate \emulated" hosts for experimental networks. Linux containers partition resources of the host OS to create lightweight virtual machines that share a single OS kernel. As all emulated hosts share the same kernel in a CBNE network, there is a reasonable expectation that the fingerprints of the host OS and emulated hosts should be the same. Based on how CBNEs instantiate emulated networks and that fingerprinting returned inconsistent results, it was hypothesised that the technologies used to construct CBNEs are capable of influencing fingerprints generated by utilities such as nmap. It was predicted that hosts emulated using different CBNEs would show deviations in remotely generated fingerprints when compared to fingerprints generated for the host OS. An experimental network consisting of two emulated hosts and a Layer 2 switch was instantiated on multiple CBNEs using the same host OS. Active and passive fingerprinting was conducted between the emulated hosts to generate fingerprints and OS family and version matches. Passive fingerprinting failed to produce OS family and version matches as the fingerprint databases for these utilities are no longer maintained. For active fingerprinting the OS family results were consistent between tested systems and the host OS, though OS version results reported was inconsistent. A comparison of the generated fingerprints revealed that for certain CBNEs fingerprint features related to network stack optimisations of the host OS deviated from other CBNEs and the host OS. The hypothesis that CBNEs can influence remotely generated fingerprints was partially confirmed. One CBNE system modified Linux kernel networking options, causing a deviation from fingerprints generated for other tested systems and the host OS. The hypothesis was also partially rejected as the technologies used by CBNEs do not influence the remote fidelity of emulated hosts. , Thesis (MSc) -- Faculty of Science, Computer Science, 2021
- Full Text:
- Date Issued: 2021-10-29
- Authors: Peach, Schalk Willem
- Date: 2021-10-29
- Subjects: Computer networks Security measures , Intrusion detection systems (Computer security) , Computer security , Host-based intrusion detection systems (Computer security) , Emulators (Computer programs) , Computer network protocols , Container-Based Network Emulators (CBNEs) , Network Experimentation Platforms (NEPs)
- Language: English
- Type: Master's theses , text
- Identifier: http://hdl.handle.net/10962/192141 , vital:45199
- Description: This thesis examines if Container-Based Network Emulators (CBNEs) are able to instantiate emulated nodes that provide sufficient realism to be used in information security experiments. The realism measure used is based on the information available from the point of view of a remote attacker. During the evaluation of a Container-Based Network Emulator (CBNE) as a platform to replicate production networks for information security experiments, it was observed that nmap fingerprinting returned Operating System (OS) family and version results inconsistent with that of the host Operating System (OS). CBNEs utilise Linux namespaces, the technology used for containerisation, to instantiate \emulated" hosts for experimental networks. Linux containers partition resources of the host OS to create lightweight virtual machines that share a single OS kernel. As all emulated hosts share the same kernel in a CBNE network, there is a reasonable expectation that the fingerprints of the host OS and emulated hosts should be the same. Based on how CBNEs instantiate emulated networks and that fingerprinting returned inconsistent results, it was hypothesised that the technologies used to construct CBNEs are capable of influencing fingerprints generated by utilities such as nmap. It was predicted that hosts emulated using different CBNEs would show deviations in remotely generated fingerprints when compared to fingerprints generated for the host OS. An experimental network consisting of two emulated hosts and a Layer 2 switch was instantiated on multiple CBNEs using the same host OS. Active and passive fingerprinting was conducted between the emulated hosts to generate fingerprints and OS family and version matches. Passive fingerprinting failed to produce OS family and version matches as the fingerprint databases for these utilities are no longer maintained. For active fingerprinting the OS family results were consistent between tested systems and the host OS, though OS version results reported was inconsistent. A comparison of the generated fingerprints revealed that for certain CBNEs fingerprint features related to network stack optimisations of the host OS deviated from other CBNEs and the host OS. The hypothesis that CBNEs can influence remotely generated fingerprints was partially confirmed. One CBNE system modified Linux kernel networking options, causing a deviation from fingerprints generated for other tested systems and the host OS. The hypothesis was also partially rejected as the technologies used by CBNEs do not influence the remote fidelity of emulated hosts. , Thesis (MSc) -- Faculty of Science, Computer Science, 2021
- Full Text:
- Date Issued: 2021-10-29
An analysis of the use of DNS for malicious payload distribution
- Authors: Dube, Ishmael
- Date: 2019
- Subjects: Internet domain names , Computer networks -- Security measures , Computer security , Computer network protocols , Data protection
- Language: English
- Type: text , Thesis , Masters , MSc
- Identifier: http://hdl.handle.net/10962/97531 , vital:31447
- Description: The Domain Name System (DNS) protocol is a fundamental part of Internet activities that can be abused by cybercriminals to conduct malicious activities. Previous research has shown that cybercriminals use different methods, including the DNS protocol, to distribute malicious content, remain hidden and avoid detection from various technologies that are put in place to detect anomalies. This allows botnets and certain malware families to establish covert communication channels that can be used to send or receive data and also distribute malicious payloads using the DNS queries and responses. Cybercriminals use the DNS to breach highly protected networks, distribute malicious content, and exfiltrate sensitive information without being detected by security controls put in place by embedding certain strings in DNS packets. This research undertaking broadens this research field and fills in the existing research gap by extending the analysis of DNS being used as a payload distribution channel to detection of domains that are used to distribute different malicious payloads. This research undertaking analysed the use of the DNS in detecting domains and channels that are used for distributing malicious payloads. Passive DNS data which replicate DNS queries on name servers to detect anomalies in DNS queries was evaluated and analysed in order to detect malicious payloads. The research characterises the malicious payload distribution channels by analysing passive DNS traffic and modelling the DNS query and response patterns. The research found that it is possible to detect malicious payload distribution channels through the analysis of DNS TXT resource records.
- Full Text:
- Date Issued: 2019
- Authors: Dube, Ishmael
- Date: 2019
- Subjects: Internet domain names , Computer networks -- Security measures , Computer security , Computer network protocols , Data protection
- Language: English
- Type: text , Thesis , Masters , MSc
- Identifier: http://hdl.handle.net/10962/97531 , vital:31447
- Description: The Domain Name System (DNS) protocol is a fundamental part of Internet activities that can be abused by cybercriminals to conduct malicious activities. Previous research has shown that cybercriminals use different methods, including the DNS protocol, to distribute malicious content, remain hidden and avoid detection from various technologies that are put in place to detect anomalies. This allows botnets and certain malware families to establish covert communication channels that can be used to send or receive data and also distribute malicious payloads using the DNS queries and responses. Cybercriminals use the DNS to breach highly protected networks, distribute malicious content, and exfiltrate sensitive information without being detected by security controls put in place by embedding certain strings in DNS packets. This research undertaking broadens this research field and fills in the existing research gap by extending the analysis of DNS being used as a payload distribution channel to detection of domains that are used to distribute different malicious payloads. This research undertaking analysed the use of the DNS in detecting domains and channels that are used for distributing malicious payloads. Passive DNS data which replicate DNS queries on name servers to detect anomalies in DNS queries was evaluated and analysed in order to detect malicious payloads. The research characterises the malicious payload distribution channels by analysing passive DNS traffic and modelling the DNS query and response patterns. The research found that it is possible to detect malicious payload distribution channels through the analysis of DNS TXT resource records.
- Full Text:
- Date Issued: 2019
An analysis of the risk exposure of adopting IPV6 in enterprise networks
- Authors: Berko, Istvan Sandor
- Date: 2015
- Subjects: International Workshop on Deploying the Future Infrastructure , Computer networks , Computer networks -- Security measures , Computer network protocols
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4722 , http://hdl.handle.net/10962/d1018918
- Description: The IPv6 increased address pool presents changes in resource impact to the Enterprise that, if not adequately addressed, can change risks that are locally significant in IPv4 to risks that can impact the Enterprise in its entirety. The expected conclusion is that the IPv6 environment will impose significant changes in the Enterprise environment - which may negatively impact organisational security if the IPv6 nuances are not adequately addressed. This thesis reviews the risks related to the operation of enterprise networks with the introduction of IPv6. The global trends are discussed to provide insight and background to the IPv6 research space. Analysing the current state of readiness in enterprise networks, quantifies the value of developing this thesis. The base controls that should be deployed in enterprise networks to prevent the abuse of IPv6 through tunnelling and the protection of the enterprise access layer are discussed. A series of case studies are presented which identify and analyse the impact of certain changes in the IPv6 protocol on the enterprise networks. The case studies also identify mitigation techniques to reduce risk.
- Full Text:
- Date Issued: 2015
- Authors: Berko, Istvan Sandor
- Date: 2015
- Subjects: International Workshop on Deploying the Future Infrastructure , Computer networks , Computer networks -- Security measures , Computer network protocols
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4722 , http://hdl.handle.net/10962/d1018918
- Description: The IPv6 increased address pool presents changes in resource impact to the Enterprise that, if not adequately addressed, can change risks that are locally significant in IPv4 to risks that can impact the Enterprise in its entirety. The expected conclusion is that the IPv6 environment will impose significant changes in the Enterprise environment - which may negatively impact organisational security if the IPv6 nuances are not adequately addressed. This thesis reviews the risks related to the operation of enterprise networks with the introduction of IPv6. The global trends are discussed to provide insight and background to the IPv6 research space. Analysing the current state of readiness in enterprise networks, quantifies the value of developing this thesis. The base controls that should be deployed in enterprise networks to prevent the abuse of IPv6 through tunnelling and the protection of the enterprise access layer are discussed. A series of case studies are presented which identify and analyse the impact of certain changes in the IPv6 protocol on the enterprise networks. The case studies also identify mitigation techniques to reduce risk.
- Full Text:
- Date Issued: 2015
An investigation of parameter relationships in a high-speed digital multimedia environment
- Authors: Chigwamba, Nyasha
- Date: 2014
- Subjects: Multimedia communications , Digital communications , Local area networks (Computer networks) , Computer network architectures , Computer network protocols , Computer sound processing , Sound -- Recording and reproducing -- Digital techniques
- Language: English
- Type: Thesis , Doctoral , PhD
- Identifier: vital:4725 , http://hdl.handle.net/10962/d1021153
- Description: With the rapid adoption of multimedia network technologies, a number of companies and standards bodies are introducing technologies that enhance user experience in networked multimedia environments. These technologies focus on device discovery, connection management, control, and monitoring. This study focused on control and monitoring. Multimedia networks make it possible for devices that are part of the same network to reside in different physical locations. These devices contain parameters that are used to control particular features, such as speaker volume, bass, amplifier gain, and video resolution. It is often necessary for changes in one parameter to affect other parameters, such as a synchronised change between volume and bass parameters, or collective control of multiple parameters. Thus, relationships are required between the parameters. In addition, some devices contain parameters, such as voltage, temperature, and audio level, that require constant monitoring to enable corrective action when thresholds are exceeded. Therefore, a mechanism for monitoring networked devices is required. This thesis proposes relationships that are essential for the proper functioning of a multimedia network and that should, therefore, be incorporated in standard form into a protocol, such that all devices can depend on them. Implementation mechanisms for these relationships were created. Parameter grouping and monitoring capabilities within mixing console implementations and existing control protocols were reviewed. A number of requirements for parameter grouping and monitoring were derived from this review. These requirements include a formal classification of relationship types, the ability to create relationships between parameters with different underlying value units, the ability to create relationships between parameters residing on different devices on a network, and the use of an event-driven mechanism for parameter monitoring. These requirements were the criteria used to govern the implementation mechanisms that were created as part of this study. Parameter grouping and monitoring mechanisms were implemented for the XFN protocol. The mechanisms implemented fulfil the requirements derived from the review of capabilities of mixing consoles and existing control protocols. The formal classification of relationship types was implemented within XFN parameters using lists that keep track of the relationships between each XFN parameter and other XFN parameters that reside on the same device or on other devices on the network. A common value unit, known as the global unit, was defined for use as the value format within value update messages between XFN parameters that have relationships. Mapping tables were used to translate the global unit values to application-specific (universal) units, such as decibels (dB). A mechanism for bulk parameter retrieval within the XFN protocol was augmented to produce an event-driven mechanism for parameter monitoring. These implementation mechanisms were applied to an XFN-protocol-compliant graphical control application to demonstrate their usage within an end user context. At the time of this study, the XFN protocol was undergoing standardisation within the Audio Engineering Society. The AES-64 standard has now been approved. Most of the implementation mechanisms resulting from this study have been incorporated into this standard.
- Full Text:
- Date Issued: 2014
- Authors: Chigwamba, Nyasha
- Date: 2014
- Subjects: Multimedia communications , Digital communications , Local area networks (Computer networks) , Computer network architectures , Computer network protocols , Computer sound processing , Sound -- Recording and reproducing -- Digital techniques
- Language: English
- Type: Thesis , Doctoral , PhD
- Identifier: vital:4725 , http://hdl.handle.net/10962/d1021153
- Description: With the rapid adoption of multimedia network technologies, a number of companies and standards bodies are introducing technologies that enhance user experience in networked multimedia environments. These technologies focus on device discovery, connection management, control, and monitoring. This study focused on control and monitoring. Multimedia networks make it possible for devices that are part of the same network to reside in different physical locations. These devices contain parameters that are used to control particular features, such as speaker volume, bass, amplifier gain, and video resolution. It is often necessary for changes in one parameter to affect other parameters, such as a synchronised change between volume and bass parameters, or collective control of multiple parameters. Thus, relationships are required between the parameters. In addition, some devices contain parameters, such as voltage, temperature, and audio level, that require constant monitoring to enable corrective action when thresholds are exceeded. Therefore, a mechanism for monitoring networked devices is required. This thesis proposes relationships that are essential for the proper functioning of a multimedia network and that should, therefore, be incorporated in standard form into a protocol, such that all devices can depend on them. Implementation mechanisms for these relationships were created. Parameter grouping and monitoring capabilities within mixing console implementations and existing control protocols were reviewed. A number of requirements for parameter grouping and monitoring were derived from this review. These requirements include a formal classification of relationship types, the ability to create relationships between parameters with different underlying value units, the ability to create relationships between parameters residing on different devices on a network, and the use of an event-driven mechanism for parameter monitoring. These requirements were the criteria used to govern the implementation mechanisms that were created as part of this study. Parameter grouping and monitoring mechanisms were implemented for the XFN protocol. The mechanisms implemented fulfil the requirements derived from the review of capabilities of mixing consoles and existing control protocols. The formal classification of relationship types was implemented within XFN parameters using lists that keep track of the relationships between each XFN parameter and other XFN parameters that reside on the same device or on other devices on the network. A common value unit, known as the global unit, was defined for use as the value format within value update messages between XFN parameters that have relationships. Mapping tables were used to translate the global unit values to application-specific (universal) units, such as decibels (dB). A mechanism for bulk parameter retrieval within the XFN protocol was augmented to produce an event-driven mechanism for parameter monitoring. These implementation mechanisms were applied to an XFN-protocol-compliant graphical control application to demonstrate their usage within an end user context. At the time of this study, the XFN protocol was undergoing standardisation within the Audio Engineering Society. The AES-64 standard has now been approved. Most of the implementation mechanisms resulting from this study have been incorporated into this standard.
- Full Text:
- Date Issued: 2014
Service provisioning in two open-source SIP implementation, cinema and vocal
- Authors: Hsieh, Ming Chih
- Date: 2013-06-18
- Subjects: Real-time data processing , Computer network protocols , Internet telephony , Digital telephone systems , Communication -- Technological innovations
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4687 , http://hdl.handle.net/10962/d1008195 , Real-time data processing , Computer network protocols , Internet telephony , Digital telephone systems , Communication -- Technological innovations
- Description: The distribution of real-time multimedia streams is seen nowadays as the next step forward for the Internet. One of the most obvious uses of such streams is to support telephony over the Internet, replacing and improving traditional telephony. This thesis investigates the development and deployment of services in two Internet telephony environments, namely CINEMA (Columbia InterNet Extensible Multimedia Architecture) and VOCAL (Vovida Open Communication Application Library), both based on the Session Initiation Protocol (SIP) and open-sourced. A classification of services is proposed, which divides services into two large groups: basic and advanced services. Basic services are services such as making point-to-point calls, registering with the server and making calls via the server. Any other service is considered an advanced service. Advanced services are defined by four categories: Call Related, Interactive, Internetworking and Hybrid. New services were implemented for the Call Related, Interactive and Internetworking categories. First, features involving call blocking, call screening and missed calls were implemented in the two environments in order to investigate Call-related services. Next, a notification feature was implemented in both environments in order to investigate Interactive services. Finally, a translator between MGCP and SIP was developed to investigate an Internetworking service in the VOCAL environment. The practical implementation of the new features just described was used to answer questions about the location of the services, as well as the level of required expertise and the ease or difficulty experienced in creating services in each of the two environments. , KMBT_363 , Adobe Acrobat 9.54 Paper Capture Plug-in
- Full Text:
- Authors: Hsieh, Ming Chih
- Date: 2013-06-18
- Subjects: Real-time data processing , Computer network protocols , Internet telephony , Digital telephone systems , Communication -- Technological innovations
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4687 , http://hdl.handle.net/10962/d1008195 , Real-time data processing , Computer network protocols , Internet telephony , Digital telephone systems , Communication -- Technological innovations
- Description: The distribution of real-time multimedia streams is seen nowadays as the next step forward for the Internet. One of the most obvious uses of such streams is to support telephony over the Internet, replacing and improving traditional telephony. This thesis investigates the development and deployment of services in two Internet telephony environments, namely CINEMA (Columbia InterNet Extensible Multimedia Architecture) and VOCAL (Vovida Open Communication Application Library), both based on the Session Initiation Protocol (SIP) and open-sourced. A classification of services is proposed, which divides services into two large groups: basic and advanced services. Basic services are services such as making point-to-point calls, registering with the server and making calls via the server. Any other service is considered an advanced service. Advanced services are defined by four categories: Call Related, Interactive, Internetworking and Hybrid. New services were implemented for the Call Related, Interactive and Internetworking categories. First, features involving call blocking, call screening and missed calls were implemented in the two environments in order to investigate Call-related services. Next, a notification feature was implemented in both environments in order to investigate Interactive services. Finally, a translator between MGCP and SIP was developed to investigate an Internetworking service in the VOCAL environment. The practical implementation of the new features just described was used to answer questions about the location of the services, as well as the level of required expertise and the ease or difficulty experienced in creating services in each of the two environments. , KMBT_363 , Adobe Acrobat 9.54 Paper Capture Plug-in
- Full Text:
Deploying DNSSEC in islands of security
- Authors: Murisa, Wesley Vengayi
- Date: 2013 , 2013-03-31
- Subjects: Internet domain names , Computer security , Computer network protocols , Computer security -- Africa
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4577 , http://hdl.handle.net/10962/d1003053 , Internet domain names , Computer security , Computer network protocols , Computer security -- Africa
- Description: The Domain Name System (DNS), a name resolution protocol is one of the vulnerable network protocols that has been subjected to many security attacks such as cache poisoning, denial of service and the 'Kaminsky' spoofing attack. When DNS was designed, security was not incorporated into its design. The DNS Security Extensions (DNSSEC) provides security to the name resolution process by using public key cryptosystems. Although DNSSEC has backward compatibility with unsecured zones, it only offers security to clients when communicating with security aware zones. Widespread deployment of DNSSEC is therefore necessary to secure the name resolution process and provide security to the Internet. Only a few Top Level Domains (TLD's) have deployed DNSSEC, this inherently makes it difficult for their sub-domains to implement the security extensions to the DNS. This study analyses mechanisms that can be used by domains in islands of security to deploy DNSSEC so that the name resolution process can be secured in two specific cases where either the TLD is not signed or the domain registrar is not able to support signed domains. The DNS client side mechanisms evaluated in this study include web browser plug-ins, local validating resolvers and domain look-aside validation. The results of the study show that web browser plug-ins cannot work on their own without local validating resolvers. The web browser validators, however, proved to be useful in indicating to the user whether a domain has been validated or not. Local resolvers present a more secure option for Internet users who cannot trust the communication channel between their stub resolvers and remote name servers. However, they do not provide a way of showing the user whether a domain name has been correctly validated or not. Based on the results of the tests conducted, it is recommended that local validators be used with browser validators for visibility and improved security. On the DNS server side, Domain Look-aside Validation (DLV) presents a viable alternative for organizations in islands of security like most countries in Africa where only two country code Top Level Domains (ccTLD) have deployed DNSSEC. This research recommends use of DLV by corporates to provide DNS security to both internal and external users accessing their web based services. , LaTeX with hyperref package , pdfTeX-1.40.10
- Full Text:
- Date Issued: 2013
- Authors: Murisa, Wesley Vengayi
- Date: 2013 , 2013-03-31
- Subjects: Internet domain names , Computer security , Computer network protocols , Computer security -- Africa
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4577 , http://hdl.handle.net/10962/d1003053 , Internet domain names , Computer security , Computer network protocols , Computer security -- Africa
- Description: The Domain Name System (DNS), a name resolution protocol is one of the vulnerable network protocols that has been subjected to many security attacks such as cache poisoning, denial of service and the 'Kaminsky' spoofing attack. When DNS was designed, security was not incorporated into its design. The DNS Security Extensions (DNSSEC) provides security to the name resolution process by using public key cryptosystems. Although DNSSEC has backward compatibility with unsecured zones, it only offers security to clients when communicating with security aware zones. Widespread deployment of DNSSEC is therefore necessary to secure the name resolution process and provide security to the Internet. Only a few Top Level Domains (TLD's) have deployed DNSSEC, this inherently makes it difficult for their sub-domains to implement the security extensions to the DNS. This study analyses mechanisms that can be used by domains in islands of security to deploy DNSSEC so that the name resolution process can be secured in two specific cases where either the TLD is not signed or the domain registrar is not able to support signed domains. The DNS client side mechanisms evaluated in this study include web browser plug-ins, local validating resolvers and domain look-aside validation. The results of the study show that web browser plug-ins cannot work on their own without local validating resolvers. The web browser validators, however, proved to be useful in indicating to the user whether a domain has been validated or not. Local resolvers present a more secure option for Internet users who cannot trust the communication channel between their stub resolvers and remote name servers. However, they do not provide a way of showing the user whether a domain name has been correctly validated or not. Based on the results of the tests conducted, it is recommended that local validators be used with browser validators for visibility and improved security. On the DNS server side, Domain Look-aside Validation (DLV) presents a viable alternative for organizations in islands of security like most countries in Africa where only two country code Top Level Domains (ccTLD) have deployed DNSSEC. This research recommends use of DLV by corporates to provide DNS security to both internal and external users accessing their web based services. , LaTeX with hyperref package , pdfTeX-1.40.10
- Full Text:
- Date Issued: 2013
GPF : a framework for general packet classification on GPU co-processors
- Authors: Nottingham, Alastair
- Date: 2012
- Subjects: Graphics processing units , Coprocessors , Computer network protocols , Computer networks -- Security measures , NVIDIA Corporation
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4661 , http://hdl.handle.net/10962/d1006662 , Graphics processing units , Coprocessors , Computer network protocols , Computer networks -- Security measures , NVIDIA Corporation
- Description: This thesis explores the design and experimental implementation of GPF, a novel protocol-independent, multi-match packet classification framework. This framework is targeted and optimised for flexible, efficient execution on NVIDIA GPU platforms through the CUDA API, but should not be difficult to port to other platforms, such as OpenCL, in the future. GPF was conceived and developed in order to accelerate classification of large packet capture files, such as those collected by Network Telescopes. It uses a multiphase SIMD classification process which exploits both the parallelism of packet sets and the redundancy in filter programs, in order to classify packet captures against multiple filters at extremely high rates. The resultant framework - comprised of classification, compilation and buffering components - efficiently leverages GPU resources to classify arbitrary protocols, and return multiple filter results for each packet. The classification functions described were verified and evaluated by testing an experimental prototype implementation against several filter programs, of varying complexity, on devices from three GPU platform generations. In addition to the significant speedup achieved in processing results, analysis indicates that the prototype classification functions perform predictably, and scale linearly with respect to both packet count and filter complexity. Furthermore, classification throughput (packets/s) remained essentially constant regardless of the underlying packet data, and thus the effective data rate when classifying a particular filter was heavily influenced by the average size of packets in the processed capture. For example: in the trivial case of classifying all IPv4 packets ranging in size from 70 bytes to 1KB, the observed data rate achieved by the GPU classification kernels ranged from 60Gbps to 900Gbps on a GTX 275, and from 220Gbps to 3.3Tbps on a GTX 480. In the less trivial case of identifying all ARP, TCP, UDP and ICMP packets for both IPv4 and IPv6 protocols, the effective data rates ranged from 15Gbps to 220Gbps (GTX 275), and from 50Gbps to 740Gbps (GTX 480), for 70B and 1KB packets respectively. , LaTeX with hyperref package
- Full Text:
- Date Issued: 2012
- Authors: Nottingham, Alastair
- Date: 2012
- Subjects: Graphics processing units , Coprocessors , Computer network protocols , Computer networks -- Security measures , NVIDIA Corporation
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4661 , http://hdl.handle.net/10962/d1006662 , Graphics processing units , Coprocessors , Computer network protocols , Computer networks -- Security measures , NVIDIA Corporation
- Description: This thesis explores the design and experimental implementation of GPF, a novel protocol-independent, multi-match packet classification framework. This framework is targeted and optimised for flexible, efficient execution on NVIDIA GPU platforms through the CUDA API, but should not be difficult to port to other platforms, such as OpenCL, in the future. GPF was conceived and developed in order to accelerate classification of large packet capture files, such as those collected by Network Telescopes. It uses a multiphase SIMD classification process which exploits both the parallelism of packet sets and the redundancy in filter programs, in order to classify packet captures against multiple filters at extremely high rates. The resultant framework - comprised of classification, compilation and buffering components - efficiently leverages GPU resources to classify arbitrary protocols, and return multiple filter results for each packet. The classification functions described were verified and evaluated by testing an experimental prototype implementation against several filter programs, of varying complexity, on devices from three GPU platform generations. In addition to the significant speedup achieved in processing results, analysis indicates that the prototype classification functions perform predictably, and scale linearly with respect to both packet count and filter complexity. Furthermore, classification throughput (packets/s) remained essentially constant regardless of the underlying packet data, and thus the effective data rate when classifying a particular filter was heavily influenced by the average size of packets in the processed capture. For example: in the trivial case of classifying all IPv4 packets ranging in size from 70 bytes to 1KB, the observed data rate achieved by the GPU classification kernels ranged from 60Gbps to 900Gbps on a GTX 275, and from 220Gbps to 3.3Tbps on a GTX 480. In the less trivial case of identifying all ARP, TCP, UDP and ICMP packets for both IPv4 and IPv6 protocols, the effective data rates ranged from 15Gbps to 220Gbps (GTX 275), and from 50Gbps to 740Gbps (GTX 480), for 70B and 1KB packets respectively. , LaTeX with hyperref package
- Full Text:
- Date Issued: 2012
Bluetooth audio and video streaming on the J2ME platform
- Authors: Sahd, Curtis Lee
- Date: 2011 , 2010-09-09
- Subjects: Bluetooth technology , Mobile communication systems , Communication -- Technological innovations , Communication -- Network analysis , Wireless communication systems , L2TP (Computer network protocol) , Computer network protocols , Streaming audio , Streaming video
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4633 , http://hdl.handle.net/10962/d1006521 , Bluetooth technology , Mobile communication systems , Communication -- Technological innovations , Communication -- Network analysis , Wireless communication systems , L2TP (Computer network protocol) , Computer network protocols , Streaming audio , Streaming video
- Description: With the increase in bandwidth, more widespread distribution of media, and increased capability of mobile devices, multimedia streaming has not only become feasible, but more economical in terms of space occupied by the media file and the costs involved in attaining it. Although much attention has been paid to peer to peer media streaming over the Internet using HTTP and RTSP, little research has focussed on the use of the Bluetooth protocol for streaming audio and video between mobile devices. This project investigates the feasibility of Bluetooth as a protocol for audio and video streaming between mobile phones using the J2ME platform, through the analysis of Bluetooth protocols, media formats, optimum packet sizes, and the effects of distance on transfer speed. A comparison was made between RFCOMM and L2CAP to determine which protocol could support the fastest transfer speed between two mobile devices. The L2CAP protocol proved to be the most suitable, providing average transfer rates of 136.17 KBps. Using this protocol a second experiment was undertaken to determine the most suitable media format for streaming in terms of: file size, bandwidth usage, quality, and ease of implementation. Out of the eight media formats investigated, the MP3 format provided the smallest file size, smallest bandwidth usage, best quality and highest ease of implementation. Another experiment was conducted to determine the optimum packet size for transfer between devices. A tradeoff was found between packet size and the quality of the sound file, with highest transfer rates being recorded with the MTU size of 668 bytes (136.58 KBps). The class of Bluetooth transmitter typically used in mobile devices (class 2) is considered a weak signal and is adversely affected by distance. As such, the final investigation that was undertaken was aimed at determining the effects of distance on audio streaming and playback. As can be expected, when devices were situated close to each other, the transfer speeds obtained were higher than when devices were far apart. Readings were taken at varying distances (1-15 metres), with erratic transfer speeds observed from 7 metres onwards. This research showed that audio streaming on the J2ME platform is feasible, however using the currently available class of Bluetooth transmitter, video streaming is not feasible. Video files were only playable once the entire media file had been transferred.
- Full Text:
- Date Issued: 2011
- Authors: Sahd, Curtis Lee
- Date: 2011 , 2010-09-09
- Subjects: Bluetooth technology , Mobile communication systems , Communication -- Technological innovations , Communication -- Network analysis , Wireless communication systems , L2TP (Computer network protocol) , Computer network protocols , Streaming audio , Streaming video
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4633 , http://hdl.handle.net/10962/d1006521 , Bluetooth technology , Mobile communication systems , Communication -- Technological innovations , Communication -- Network analysis , Wireless communication systems , L2TP (Computer network protocol) , Computer network protocols , Streaming audio , Streaming video
- Description: With the increase in bandwidth, more widespread distribution of media, and increased capability of mobile devices, multimedia streaming has not only become feasible, but more economical in terms of space occupied by the media file and the costs involved in attaining it. Although much attention has been paid to peer to peer media streaming over the Internet using HTTP and RTSP, little research has focussed on the use of the Bluetooth protocol for streaming audio and video between mobile devices. This project investigates the feasibility of Bluetooth as a protocol for audio and video streaming between mobile phones using the J2ME platform, through the analysis of Bluetooth protocols, media formats, optimum packet sizes, and the effects of distance on transfer speed. A comparison was made between RFCOMM and L2CAP to determine which protocol could support the fastest transfer speed between two mobile devices. The L2CAP protocol proved to be the most suitable, providing average transfer rates of 136.17 KBps. Using this protocol a second experiment was undertaken to determine the most suitable media format for streaming in terms of: file size, bandwidth usage, quality, and ease of implementation. Out of the eight media formats investigated, the MP3 format provided the smallest file size, smallest bandwidth usage, best quality and highest ease of implementation. Another experiment was conducted to determine the optimum packet size for transfer between devices. A tradeoff was found between packet size and the quality of the sound file, with highest transfer rates being recorded with the MTU size of 668 bytes (136.58 KBps). The class of Bluetooth transmitter typically used in mobile devices (class 2) is considered a weak signal and is adversely affected by distance. As such, the final investigation that was undertaken was aimed at determining the effects of distance on audio streaming and playback. As can be expected, when devices were situated close to each other, the transfer speeds obtained were higher than when devices were far apart. Readings were taken at varying distances (1-15 metres), with erratic transfer speeds observed from 7 metres onwards. This research showed that audio streaming on the J2ME platform is feasible, however using the currently available class of Bluetooth transmitter, video streaming is not feasible. Video files were only playable once the entire media file had been transferred.
- Full Text:
- Date Issued: 2011
A proxy approach to protocol interoperability within digital audio networks
- Authors: Igumbor, Osedum Peter
- Date: 2010
- Subjects: Digital communications , Local area networks (Computer networks) , Computer sound processing , Computer networks , Computer network protocols
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4601 , http://hdl.handle.net/10962/d1004852 , Digital communications , Local area networks (Computer networks) , Computer sound processing , Computer networks , Computer network protocols
- Description: Digital audio networks are becoming the preferred solution for the interconnection of professional audio devices. Prominent amongst their advantages are: reduced noise interference, signal multiplexing, and a reduction in the number of cables connecting networked devices. In the context of professional audio, digital networks have been used to connect devices including: mixers, effects units, preamplifiers, breakout boxes, computers, monitoring controllers, and synthesizers. Such networks are governed by protocols that define the connection management rocedures, and device synchronization processes of devices that conform to the protocols. A wide range of digital audio network control protocols exist, each defining specific hardware requirements of devices that conform to them. Device parameter control is achieved by sending a protocol message that indicates the target parameter, and the action that should be performed on the parameter. Typically, a device will conform to only one protocol. By implication, only devices that conform to a specific protocol can communicate with each other, and only a controller that conforms to the protocol can control such devices. This results in the isolation of devices that conform to disparate protocols, since devices of different protocols cannot communicate with each other. This is currently a challenge in the professional music industry, particularly where digital networks are used for audio device control. This investigation seeks to resolve the issue of interoperability between professional audio devices that conform to different digital audio network protocols. This thesis proposes the use of a proxy that allows for the translation of protocol messages, as a solution to the interoperability problem. The proxy abstracts devices of one protocol in terms of another, hence allowing all the networked devices to appear as conforming to the same protocol. The proxy receives messages on behalf of the abstracted device, and then fulfills them in accordance with the protocol that the abstracted device conforms to. Any number of protocol devices can be abstracted within such a proxy. This has the added advantage of allowing a common controller to control devices that conform to the different protocols.
- Full Text:
- Date Issued: 2010
- Authors: Igumbor, Osedum Peter
- Date: 2010
- Subjects: Digital communications , Local area networks (Computer networks) , Computer sound processing , Computer networks , Computer network protocols
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4601 , http://hdl.handle.net/10962/d1004852 , Digital communications , Local area networks (Computer networks) , Computer sound processing , Computer networks , Computer network protocols
- Description: Digital audio networks are becoming the preferred solution for the interconnection of professional audio devices. Prominent amongst their advantages are: reduced noise interference, signal multiplexing, and a reduction in the number of cables connecting networked devices. In the context of professional audio, digital networks have been used to connect devices including: mixers, effects units, preamplifiers, breakout boxes, computers, monitoring controllers, and synthesizers. Such networks are governed by protocols that define the connection management rocedures, and device synchronization processes of devices that conform to the protocols. A wide range of digital audio network control protocols exist, each defining specific hardware requirements of devices that conform to them. Device parameter control is achieved by sending a protocol message that indicates the target parameter, and the action that should be performed on the parameter. Typically, a device will conform to only one protocol. By implication, only devices that conform to a specific protocol can communicate with each other, and only a controller that conforms to the protocol can control such devices. This results in the isolation of devices that conform to disparate protocols, since devices of different protocols cannot communicate with each other. This is currently a challenge in the professional music industry, particularly where digital networks are used for audio device control. This investigation seeks to resolve the issue of interoperability between professional audio devices that conform to different digital audio network protocols. This thesis proposes the use of a proxy that allows for the translation of protocol messages, as a solution to the interoperability problem. The proxy abstracts devices of one protocol in terms of another, hence allowing all the networked devices to appear as conforming to the same protocol. The proxy receives messages on behalf of the abstracted device, and then fulfills them in accordance with the protocol that the abstracted device conforms to. Any number of protocol devices can be abstracted within such a proxy. This has the added advantage of allowing a common controller to control devices that conform to the different protocols.
- Full Text:
- Date Issued: 2010
Extending the reach of personal area networks by transporting Bluetooth communications over IP networks
- Authors: Mackie, David Sean
- Date: 2007 , 2007-03-29
- Subjects: Bluetooth technology , Communication -- Technological innovations , Communication -- Network analysis , TCP/IP (Computer network protocol) , Computer networks , Computer network protocols , Wireless communication systems
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4637 , http://hdl.handle.net/10962/d1006551 , Bluetooth technology , Communication -- Technological innovations , Communication -- Network analysis , TCP/IP (Computer network protocol) , Computer networks , Computer network protocols , Wireless communication systems
- Description: This thesis presents an investigation of how to extend the reach of a Bluetooth personal area network by introducing the concept of Bluetooth Hotspots. Currently two Bluetooth devices cannot communicate with each other unless they are within radio range, since Bluetooth is designed as a cable-replacement technology for wireless communications over short ranges. An investigation was done into the feasibility of creating Bluetooth hotspots that allow distant Bluetooth devices to communicate with each other by transporting their communications between these hotspots via an alternative network infrastructure such as an IP network. Two approaches were investigated, masquerading of remote devices by the local hotspot to allow seamless communications and proxying services on remote devices by providing them on a local hotspot using a distributed service discovery database. The latter approach was used to develop applications capable of transporting Bluetooth’s RFCOMM and L2CAP protocols. Quantitative tests were performed to establish the throughput performance and latency of these transport applications. Furthermore, a number of selected Bluetooth services were tested which lead us to conclude that most data-based protocols can be transported by the system.
- Full Text:
- Date Issued: 2007
- Authors: Mackie, David Sean
- Date: 2007 , 2007-03-29
- Subjects: Bluetooth technology , Communication -- Technological innovations , Communication -- Network analysis , TCP/IP (Computer network protocol) , Computer networks , Computer network protocols , Wireless communication systems
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4637 , http://hdl.handle.net/10962/d1006551 , Bluetooth technology , Communication -- Technological innovations , Communication -- Network analysis , TCP/IP (Computer network protocol) , Computer networks , Computer network protocols , Wireless communication systems
- Description: This thesis presents an investigation of how to extend the reach of a Bluetooth personal area network by introducing the concept of Bluetooth Hotspots. Currently two Bluetooth devices cannot communicate with each other unless they are within radio range, since Bluetooth is designed as a cable-replacement technology for wireless communications over short ranges. An investigation was done into the feasibility of creating Bluetooth hotspots that allow distant Bluetooth devices to communicate with each other by transporting their communications between these hotspots via an alternative network infrastructure such as an IP network. Two approaches were investigated, masquerading of remote devices by the local hotspot to allow seamless communications and proxying services on remote devices by providing them on a local hotspot using a distributed service discovery database. The latter approach was used to develop applications capable of transporting Bluetooth’s RFCOMM and L2CAP protocols. Quantitative tests were performed to establish the throughput performance and latency of these transport applications. Furthermore, a number of selected Bluetooth services were tested which lead us to conclude that most data-based protocols can be transported by the system.
- Full Text:
- Date Issued: 2007
Securing softswitches from malicious attacks
- Authors: Opie, Jake Weyman
- Date: 2007
- Subjects: Internet telephony -- Security measures , Computer networks -- Security measures , Digital telephone systems , Communication -- Technological innovations , Computer network protocols , TCP/IP (Computer network protocol) , Switching theory
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4683 , http://hdl.handle.net/10962/d1007714 , Internet telephony -- Security measures , Computer networks -- Security measures , Digital telephone systems , Communication -- Technological innovations , Computer network protocols , TCP/IP (Computer network protocol) , Switching theory
- Description: Traditionally, real-time communication, such as voice calls, has run on separate, closed networks. Of all the limitations that these networks had, the ability of malicious attacks to cripple communication was not a crucial one. This situation has changed radically now that real-time communication and data have merged to share the same network. The objective of this project is to investigate the securing of softswitches with functionality similar to Private Branch Exchanges (PBX) from malicious attacks. The focus of the project will be a practical investigation of how to secure ILANGA, an ASTERISK-based system under development at Rhodes University. The practical investigation that focuses on ILANGA is based on performing six varied experiments on the different components of ILANGA. Before the six experiments are performed, basic preliminary security measures and the restrictions placed on the access to the database are discussed. The outcomes of these experiments are discussed and the precise reasons why these attacks were either successful or unsuccessful are given. Suggestions of a theoretical nature on how to defend against the successful attacks are also presented.
- Full Text:
- Date Issued: 2007
- Authors: Opie, Jake Weyman
- Date: 2007
- Subjects: Internet telephony -- Security measures , Computer networks -- Security measures , Digital telephone systems , Communication -- Technological innovations , Computer network protocols , TCP/IP (Computer network protocol) , Switching theory
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4683 , http://hdl.handle.net/10962/d1007714 , Internet telephony -- Security measures , Computer networks -- Security measures , Digital telephone systems , Communication -- Technological innovations , Computer network protocols , TCP/IP (Computer network protocol) , Switching theory
- Description: Traditionally, real-time communication, such as voice calls, has run on separate, closed networks. Of all the limitations that these networks had, the ability of malicious attacks to cripple communication was not a crucial one. This situation has changed radically now that real-time communication and data have merged to share the same network. The objective of this project is to investigate the securing of softswitches with functionality similar to Private Branch Exchanges (PBX) from malicious attacks. The focus of the project will be a practical investigation of how to secure ILANGA, an ASTERISK-based system under development at Rhodes University. The practical investigation that focuses on ILANGA is based on performing six varied experiments on the different components of ILANGA. Before the six experiments are performed, basic preliminary security measures and the restrictions placed on the access to the database are discussed. The outcomes of these experiments are discussed and the precise reasons why these attacks were either successful or unsuccessful are given. Suggestions of a theoretical nature on how to defend against the successful attacks are also presented.
- Full Text:
- Date Issued: 2007
Investigating the viability of a framework for small scale, easily deployable and extensible hotspot management systems
- Authors: Thinyane, Mamello P
- Date: 2006
- Subjects: Local area networks (Computer networks) , Computer networks -- Management , Computer network architectures , Computer network protocols , Wireless communication systems , XML (Document markup language)
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4638 , http://hdl.handle.net/10962/d1006553
- Description: The proliferation of PALs (Public Access Locations) is fuelling the development of new standards, protocols, services, and applications for WLANs (Wireless Local Area Networks). PALs are set up at public locations to meet continually changing, multiservice, multi-protocol user requirements. This research investigates the essential infrastructural requirements that will enable further proliferation of PALs, and consequently facilitate ubiquitous computing. Based on these requirements, an extensible architectural framework for PAL management systems that inherently facilitates the provisioning of multiple services and multiple protocols on PALs is derived. The ensuing framework, which is called Xobogel, is based on the microkernel architectural pattern, and the IPDR (Internet Protocol Data Record) specification. Xobogel takes into consideration and supports the implementation of diverse business models for PALs, in respect of distinct environmental factors. It also facilitates next-generation network service usage accounting through a simple, flexible, and extensible XML based usage record. The framework is subsequently validated for service element extensibility and simplicity through the design, implementation, and experimental deployment of SEHS (Small Extensible Hotspot System), a system based on the framework. The robustness and scalability of the framework is observed to be sufficient for SMME deployment, withstanding the stress testing experiments performed on SEHS. The range of service element and charging modules implemented confirm an acceptable level of flexibility and extensibility within the framework.
- Full Text:
- Date Issued: 2006
- Authors: Thinyane, Mamello P
- Date: 2006
- Subjects: Local area networks (Computer networks) , Computer networks -- Management , Computer network architectures , Computer network protocols , Wireless communication systems , XML (Document markup language)
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4638 , http://hdl.handle.net/10962/d1006553
- Description: The proliferation of PALs (Public Access Locations) is fuelling the development of new standards, protocols, services, and applications for WLANs (Wireless Local Area Networks). PALs are set up at public locations to meet continually changing, multiservice, multi-protocol user requirements. This research investigates the essential infrastructural requirements that will enable further proliferation of PALs, and consequently facilitate ubiquitous computing. Based on these requirements, an extensible architectural framework for PAL management systems that inherently facilitates the provisioning of multiple services and multiple protocols on PALs is derived. The ensuing framework, which is called Xobogel, is based on the microkernel architectural pattern, and the IPDR (Internet Protocol Data Record) specification. Xobogel takes into consideration and supports the implementation of diverse business models for PALs, in respect of distinct environmental factors. It also facilitates next-generation network service usage accounting through a simple, flexible, and extensible XML based usage record. The framework is subsequently validated for service element extensibility and simplicity through the design, implementation, and experimental deployment of SEHS (Small Extensible Hotspot System), a system based on the framework. The robustness and scalability of the framework is observed to be sufficient for SMME deployment, withstanding the stress testing experiments performed on SEHS. The range of service element and charging modules implemented confirm an acceptable level of flexibility and extensibility within the framework.
- Full Text:
- Date Issued: 2006
Investigating call control using MGCP in conjuction with SIP and H.323
- Authors: Jacobs, Ashley
- Date: 2005 , 2005-03-14
- Subjects: Communication -- Technological innovations , Digital telephone systems , Computer networks , Computer network protocols , Internet telephony
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4631 , http://hdl.handle.net/10962/d1006516 , Communication -- Technological innovations , Digital telephone systems , Computer networks , Computer network protocols , Internet telephony
- Description: Telephony used to mean using a telephone to call another telephone on the Public Switched Telephone Network (PSTN), and data networks were used purely to allow computers to communicate. However, with the advent of the Internet, telephony services have been extended to run on data networks. Telephone calls within the IP network are known as Voice over IP. These calls are carried by a number of protocols, with the most popular ones currently being Session Initiation Protocol (SIP) and H.323. Calls can be made from the IP network to the PSTN and vice versa through the use of a gateway. The gateway translates the packets from the IP network to circuits on the PSTN and vice versa to facilitate calls between the two networks. Gateways have evolved and are now split into two entities using the master/slave architecture. The master is an intelligent Media Gateway Controller (MGC) that handles the call control and signalling. The slave is a "dumb" Media Gateway (MG) that handles the translation of the media. The current gateway control protocols in use are Megaco/H.248, MGCP and Skinny. These protocols have proved themselves on the edge of the network. Furthermore, since they communicate with the call signalling VoIP protocols as well as the PSTN, they have to be the lingua franca between the two networks. Within the VoIP network, the numbers of call signalling protocols make it difficult to communicate with each other and to create services. This research investigates the use of Gateway Control Protocols as the lowest common denominator between the call signalling protocols SIP and H.323. More specifically, it uses MGCP to investigate service creation. It also considers the use of MGCP as a protocol translator between SIP and H.323. A service was created using MGCP to allow H.323 endpoints to send Short Message Service (SMS) messages. This service was then extended with minimal effort to SIP endpoints. This service investigated MGCP’s ability to handle call control from the H.323 and SIP endpoints. An MGC was then successfully used to perform as a protocol translator between SIP and H.323.
- Full Text:
- Date Issued: 2005
- Authors: Jacobs, Ashley
- Date: 2005 , 2005-03-14
- Subjects: Communication -- Technological innovations , Digital telephone systems , Computer networks , Computer network protocols , Internet telephony
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4631 , http://hdl.handle.net/10962/d1006516 , Communication -- Technological innovations , Digital telephone systems , Computer networks , Computer network protocols , Internet telephony
- Description: Telephony used to mean using a telephone to call another telephone on the Public Switched Telephone Network (PSTN), and data networks were used purely to allow computers to communicate. However, with the advent of the Internet, telephony services have been extended to run on data networks. Telephone calls within the IP network are known as Voice over IP. These calls are carried by a number of protocols, with the most popular ones currently being Session Initiation Protocol (SIP) and H.323. Calls can be made from the IP network to the PSTN and vice versa through the use of a gateway. The gateway translates the packets from the IP network to circuits on the PSTN and vice versa to facilitate calls between the two networks. Gateways have evolved and are now split into two entities using the master/slave architecture. The master is an intelligent Media Gateway Controller (MGC) that handles the call control and signalling. The slave is a "dumb" Media Gateway (MG) that handles the translation of the media. The current gateway control protocols in use are Megaco/H.248, MGCP and Skinny. These protocols have proved themselves on the edge of the network. Furthermore, since they communicate with the call signalling VoIP protocols as well as the PSTN, they have to be the lingua franca between the two networks. Within the VoIP network, the numbers of call signalling protocols make it difficult to communicate with each other and to create services. This research investigates the use of Gateway Control Protocols as the lowest common denominator between the call signalling protocols SIP and H.323. More specifically, it uses MGCP to investigate service creation. It also considers the use of MGCP as a protocol translator between SIP and H.323. A service was created using MGCP to allow H.323 endpoints to send Short Message Service (SMS) messages. This service was then extended with minimal effort to SIP endpoints. This service investigated MGCP’s ability to handle call control from the H.323 and SIP endpoints. An MGC was then successfully used to perform as a protocol translator between SIP and H.323.
- Full Text:
- Date Issued: 2005
An empirical, in-depth investigation into service creation in H.323 Version 4 Networks
- Authors: Penton, Jason Barry
- Date: 2003 , 2013-05-24
- Subjects: Computer programming , Computer networks , Computer network protocols
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4681 , http://hdl.handle.net/10962/d1007637 , Computer programming , Computer networks , Computer network protocols
- Description: Over the past few years there has been an increasing tendency to carry voice on IP networks as opposed to the PSTN and other switched circuit networks. Initially this trend was favoured due to reduced costs but occurred at the expense of sacrificing the quality of the voice communications. Switched circuit networks have therefore remained the preferred carrier-grade voice communication network, but this is again changing. The advancement in improved quality of service (QoS) of real-time traffic on the IP network is a contributing factor to the anticipated future of the IP network supplying carrier-grade voice communications. Another contributing factor is the possibility of creating a new range of innovative, state-of-the-art telephony and communications services that acquire leverage through the intelligence and flexibility of the IP network. The latter has yet to be fully explored. Various protocols exist that facilitate the transport of voice and other media on IP networks. The most well known and widely supported of these is H.323. This work presents and discusses H.323 version 4 service creation. The work also categorises the various H.323 services and presents the mechanisms provided by H.323 version 4 that have facilitated the development of the three services I have developed, EmailReader, Telgo323 and CANS.
- Full Text:
- Date Issued: 2003
- Authors: Penton, Jason Barry
- Date: 2003 , 2013-05-24
- Subjects: Computer programming , Computer networks , Computer network protocols
- Language: English
- Type: Thesis , Masters , MSc
- Identifier: vital:4681 , http://hdl.handle.net/10962/d1007637 , Computer programming , Computer networks , Computer network protocols
- Description: Over the past few years there has been an increasing tendency to carry voice on IP networks as opposed to the PSTN and other switched circuit networks. Initially this trend was favoured due to reduced costs but occurred at the expense of sacrificing the quality of the voice communications. Switched circuit networks have therefore remained the preferred carrier-grade voice communication network, but this is again changing. The advancement in improved quality of service (QoS) of real-time traffic on the IP network is a contributing factor to the anticipated future of the IP network supplying carrier-grade voice communications. Another contributing factor is the possibility of creating a new range of innovative, state-of-the-art telephony and communications services that acquire leverage through the intelligence and flexibility of the IP network. The latter has yet to be fully explored. Various protocols exist that facilitate the transport of voice and other media on IP networks. The most well known and widely supported of these is H.323. This work presents and discusses H.323 version 4 service creation. The work also categorises the various H.323 services and presents the mechanisms provided by H.323 version 4 that have facilitated the development of the three services I have developed, EmailReader, Telgo323 and CANS.
- Full Text:
- Date Issued: 2003
- «
- ‹
- 1
- ›
- »