440-4221/02 – Multimedia Communication and Content Security (MKZO)

Gurantor departmentDepartment of TelecommunicationsCredits4
Subject guarantorprof. Ing. Miroslav Vozňák, Ph.D.Subject version guarantorprof. Ing. Miroslav Vozňák, Ph.D.
Study levelundergraduate or graduateRequirementCompulsory
Web linkStudy languageEnglish
Year of introduction2016/2017Year of cancellation
Intended for the facultiesFEIIntended for study typesFollow-up Master
Instruction secured by
LoginNameTuitorTeacher giving lectures
REZ106 Ing. Filip Řezáč, Ph.D.
VOZ29 prof. Ing. Miroslav Vozňák, Ph.D.
Extent of instruction for forms of study
Form of studyWay of compl.Extent
Full-time Credit and Examination 2+2

Subject aims expressed by acquired skills and competences

After successful course completion, students: - will be able to understand principles of the audio and video content security in Internet and will be acquainted with fundamentals of the security design of communication; - will understand methods of attacks and countermeasures for the mitigation of security risks of multimedia transmissions; - will be able to implement server tools for multimedia communication with emphasis on the security; - will be able to reveal security risks of the solution compontens for multimedia transmissions.

Teaching methods

Lectures
Tutorials
Experimental work in labs

Summary

This course is focused on multimedia communication in IP networks, it deals with principles and aspects of the content security, frauds, attacks, VoIP honeypots, penetration testing and countermeasures for mitigation of security risks. Among the topics, relatively new areas are included such as the multimedia real-time communications in web browsers using the WebRTC technology or the VoIP steganography.

Compulsory literature:

• VOZŇÁK, M.: Architectures, Protocols and Services for IP Telephony for joint teaching programme of BUT and VSB-TUO. VŠB-TU Ostrava, 2014, 358 p., 978-80-248-3640-9. • COLLIER,M.,ENDLER,D. Hacking Exposed Unified Communications & VoIP Security Secrets & Solutions, New York: McGraww-Hill, 560p. 2013.

Recommended literature:

• SISALEM,D.,FLOROIU,J. SIP Security. New Jersey: JWS, Inc. 350p. 2009. • ŘEZÁČ, F., VOZŇÁK, M.: SIP Penetration Test System. In Networking Studies 2011 Selected Technical Reports, p.167-182, CESNET, May 2011, ISBN 978-80-904689-1-7.

Way of continuous check of knowledge in the course of semester

Every student has possibility to obtain max. 30 points during semester involving: • solution of project 15 points, • laboratory practice, 3x5 points.

E-learning

http://comtech.vsb.cz/moodle/

Další požadavky na studenta

There are no other requirements for students.

Minimum knowledge requirements

Prerequisities

Subject has no prerequisities.

Co-requisities

Subject has no co-requisities.

Subject syllabus:

Lectures 1. Safety multimedia communications over IP, content of the SRTP and ZRTP security protocols. 2. SIP protocol and its security - SIP TLS and DTLS. 3. The TLS / SRTP / DTLS safe trunking / peering in the PBX software Asterisk environment. 4. Communication in real-time using a web-browser, WebRTC and practical implementation of the Asterisk server using WebRTC2SIP and Doubango. 5. Security of the SIP Proxy Kamailio using TLS module. 6. Frauding in VoIP, misusing of the service and identity spoofing. 7. Eavesdropping and defense, attacks on the availability of SIP Proxy and degradation the quality of audio and video services. 8. Manipulation with the video and audio content, mixing. 9. SIP signaling manipulation (registration, redirection and terminating of the sessions). 10. Steganography in VoIP, injection of the information into SIP headers and media content. 12. Uncovering sources of attacks using honeypots and VoIP honeypot tools Dionaea and Artemisa. 13. Penetration and Performance testing of SIP elements for multimedia communications. 14. New trends and findings in the field of multimedia security, summary. Exercises 1. Introduction to the secure SW and HW IP phones, differences between secure and unsecure communications. 2. Introduction to the Asterisk PBX, making certificates for server and clients. 3. Denial of Service attacks on the SIP servers – INVITEflood, Eavesdropping, Man-in-the-middle – Cain and Abel. 4. Disturbing the voice stream in VoIP communication – RTPinsertsound, RTPmixsound. 5. Modification and manipulation with registrations in VoIP communication – add_registration, erase_registration. 6. Introduction into IDS/IPS systems – Suricata. 7. Penetration and benchmark tests of the VoIP infrastructure – Nessus, SIPB. 8. Project presentation (15p), credits assignment. Laboratories 1. Configuration of the Asterisk PBX from the security point of view, protocol 1 assignment. 2. Configuration of the Asterisk PBX with WebRTC, connection of the HTML5 clients, protocol 1 delivery (5p). 3. Configuration of the Kamailio from the security point of view, protocol 2 assignment. 4. Scanning and monitoring of the VoIP infrastructure – Nmap, SIPVicious,SiVus, protocol 2 delivery (5p), project assignment. 5. SIP and RTP traffic emulators, protocol 3 assignment. 6. Introduction into SIP VoIP honeypot – Dionaea, TCPdump, protocol 3 delivery (5p).

Conditions for subject completion

Full-time form (validity from: 2016/2017 Winter semester)
Task nameType of taskMax. number of points
(act. for subtasks)
Min. number of points
Credit and Examination Credit and Examination 100 (100) 51
        Credit Credit 30 (30) 15
                Laboratory Exercises Laboratory work 15  0
                Project Project 15  0
        Examination Examination 70 (70) 21
                Written Exam Written examination 50  0
                Oral Exam Oral examination 20  0
Mandatory attendence parzicipation:

Show history

Occurrence in study plans

Academic yearProgrammeField of studySpec.FormStudy language Tut. centreYearWSType of duty
2018/2019 (N2647) Information and Communication Technology (1801T064) Information and Communication Security P English Ostrava 1 Compulsory study plan
2017/2018 (N2647) Information and Communication Technology (1801T064) Information and Communication Security P English Ostrava 1 Compulsory study plan
2016/2017 (N2647) Information and Communication Technology (1801T064) Information and Communication Security P English Ostrava 1 Compulsory study plan

Occurrence in special blocks

Block nameAcademic yearForm of studyStudy language YearWSType of blockBlock owner