440-4221/01 – Multimedia Communication and Content Security (MKZO)
Gurantor department | Department of Telecommunications | Credits | 4 |
Subject guarantor | prof. Ing. Miroslav Vozňák, Ph.D. | Subject version guarantor | prof. Ing. Miroslav Vozňák, Ph.D. |
Study level | undergraduate or graduate | Requirement | Compulsory |
Year | 1 | Semester | winter |
| | Study language | Czech |
Year of introduction | 2016/2017 | Year of cancellation | |
Intended for the faculties | FEI | Intended for study types | Follow-up Master |
Subject aims expressed by acquired skills and competences
After successful course completion, students:
- will be able to understand principles of the audio and video content security in Internet and will be acquainted with fundamentals of the security design of communication;
- will understand methods of attacks and countermeasures for the mitigation of security risks of multimedia transmissions;
- will be able to implement server tools for multimedia communication with emphasis on the security;
- will be able to reveal security risks of the solution compontens for multimedia transmissions.
Teaching methods
Lectures
Tutorials
Experimental work in labs
Summary
This course is focused on multimedia communication in IP networks, it deals with principles and aspects of the content security, frauds, attacks, VoIP honeypots, penetration testing and countermeasures for mitigation of security risks. Among the topics, relatively new areas are included such as the multimedia real-time communications in web browsers using the WebRTC technology or the VoIP steganography.
Compulsory literature:
• VOZŇÁK, M.: Architectures, Protocols and Services for IP Telephony for joint teaching programme of BUT and VSB-TUO. VŠB-TU Ostrava, 2014, 358 p., 978-80-248-3640-9.
• COLLIER,M.,ENDLER,D. Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, New York: McGraww-Hill, 560p. 2013.
Recommended literature:
Additional study materials
Way of continuous check of knowledge in the course of semester
Every student has possibility to obtain max. 30 points during semester involving:
• solution of project 15 points,
• laboratory practice, 3x5 points.
E-learning
http://comtech.vsb.cz/moodle/
Other requirements
There are no other requirements for students.
Prerequisities
Subject has no prerequisities.
Co-requisities
Subject has no co-requisities.
Subject syllabus:
Lectures
1. Safety multimedia communications over IP, content of the SRTP and ZRTP security protocols.
2. SIP protocol and its security - SIP TLS and DTLS.
3. The TLS / SRTP / DTLS safe trunking / peering in the PBX software Asterisk environment.
4. Communication in real-time using a web-browser, WebRTC and practical implementation of the Asterisk server using WebRTC2SIP and Doubango.
5. Security of the SIP Proxy Kamailio using TLS module.
6. Frauding in VoIP, misusing of the service and identity spoofing.
7. Eavesdropping and defense, attacks on the availability of SIP Proxy and degradation the quality of audio and video services.
8. Manipulation with the video and audio content, mixing.
9. SIP signaling manipulation (registration, redirection and terminating of the sessions).
10. Steganography in VoIP, injection of the information into SIP headers and media content.
12. Uncovering sources of attacks using honeypots and VoIP honeypot tools Dionaea and Artemisa.
13. Penetration and Performance testing of SIP elements for multimedia communications.
14. New trends and findings in the field of multimedia security, summary.
Exercises
1. Introduction to the secure SW and HW IP phones, differences between secure and unsecure communications.
2. Introduction to the Asterisk PBX, making certificates for server and clients.
3. Denial of Service attacks on the SIP servers – INVITEflood, Eavesdropping, Man-in-the-middle – Cain and Abel.
4. Disturbing the voice stream in VoIP communication – RTPinsertsound, RTPmixsound.
5. Modification and manipulation with registrations in VoIP communication – add_registration, erase_registration.
6. Introduction into IDS/IPS systems – Suricata.
7. Penetration and benchmark tests of the VoIP infrastructure – Nessus, SIPB.
8. Project presentation (15p), credits assignment.
Laboratories
1. Configuration of the Asterisk PBX from the security point of view, protocol 1 assignment.
2. Configuration of the Asterisk PBX with WebRTC, connection of the HTML5 clients, protocol 1 delivery (5p).
3. Configuration of the Kamailio from the security point of view, protocol 2 assignment.
4. Scanning and monitoring of the VoIP infrastructure – Nmap, SIPVicious,SiVus, protocol 2 delivery (5p), project assignment.
5. SIP and RTP traffic emulators, protocol 3 assignment.
6. Introduction into SIP VoIP honeypot – Dionaea, TCPdump, protocol 3 delivery (5p).
Conditions for subject completion
Occurrence in study plans
Occurrence in special blocks
Assessment of instruction