SecMon: end-to-end quality and security monitoring system

Document type: Journal Articles
Article type: Original article
Peer reviewed: Yes
Author(s): Tomasz Ciszkowski, Charlott Eliasson, Markus Fiedler, Zbigniew Kotulski, Radu Lupu, Wojciech Mazurczyk
Title: SecMon: end-to-end quality and security monitoring system
Translated title: SecMon: end-till-end kvalitets- och säkerhetsmonitoreringssystem
Journal: Annales UMCS Informatica
Year: 2008
Volume: AI 8
Issue: 1
Pagination: 185-201
ISSN: 1732-1360
Publisher: Uniwersytet Marii Curie-Sklodowskiej
URI/DOI: 10.2478/v10065-008-0018-0
Organization: Blekinge Institute of Technology
Department: School of Computing (Sektionen för datavetenskap och kommunikation)
School of Computing S-371 79 Karlskrona
+46 455 38 50 00
http://www.bth.se/com
Authors e-mail: markus.fiedler@bth.se
Language: English
Abstract: The Voice over Internet Protocol (VoIP) is becoming a more available and popular way of communication for the Internet users. This also applies to the Peer-to-Peer (P2P) systems and merging these two have already proven to be successful (e.g. Skype). Even the existing standards of VoIP provide an assurance of security and Quality of Service (QoS), however, these features are usually optional and supported by a limited number of implementations. As a result, the lack of mandatory and widely applicable QoS and security guaranties makes the contemporary VoIP (P2P VoIP systems even more so than client-server ones) systems vulnerable to attacks and network disturbances. In this paper we are facing these issues and propose the SecMon system, which simultaneously provides a lightweight security mechanism and improves quality parameters of the call. SecMon is intended specially for VoIP service over P2P networks and its main advantage is that it provides authentication, data integrity services, adaptive QoS and (D)DoS attacks detection. Moreover, the SecMon approach represents a low-bandwidth consumption solution that is transparent to the users and possesses a self-organizing capability. The above-mentioned features are accomplished mainly by utilizing two information hiding techniques: digital audio watermarking and network steganography. These techniques are used to create covert channels that serve as transport channels for lightweight QoS measurement’s results. Furthermore, these metrics are aggregated in a reputation system that is used for the best route path selection in the P2P network. The reputation system also helps to mitigate (D)DoS attacks, maximize performance and increase transmission efficiency in the network.
Summary (translated from Swedish): A system that helps improve the quality and security of voice communication over the Internet is presented. The mechanism is based on P2P technology and requires comparatively few resources. Information is exchanged by means of hidden channels. More details can be found in the English version.
Subject: Telecommunications\General
Keywords: VoIP, Peer-to-peer, Quality of Service, data integrity, information hiding, watermarking, network steganography