Secure cluster-based SIP service over Ad hoc networks

2013 IEEE Jordan Conference on Applied Electrical Engineering and Computing Technologies (AEECT)

Secure Cluster-Based SIP Service over Ad hoc Networks

Lamya Abdullah, Iman Almomani
Computer Science Department, King Abdullah II for Information Technology (KASIT), The University of Jordan, Amman 11942, Jordan

Ala' Aburumman
Division of Information Technology, Engineering and the Environment, University of South Australia, South Australia, Australia

Abstract— Session Initiation Protocol (SIP) is the dominant protocol used for VoIP signaling. SIP needs to be adapted for use over a decentralized environment instead of overlay infrastructure-based networks. This research proposes a secure cluster-based SIP service over Ad hoc networks to protect the adapted SIP service from several types of attacks. It eliminates the shortcomings of centralized approaches, such as a single point of failure. Additionally, it cuts the overhead presented by fully distributed approaches. We conducted sets of simulation experiments to evaluate the proposed solution through different metrics. The advantage of using the secure solution versus the non-secure solution has been studied. The secure solution outperforms the non-secure one: it maintains a call signaling success ratio higher than the non-secure one by 58% under a high black hole attacker ratio, and under a Denial of Service (DoS) attack the non-secure solution suffers overhead that can reach up to 13.5 times the overhead resulting from the use of the secure solution.

Keywords— Session Initiation Protocol; SIP; VoIP; Wireless Ad hoc Networks; Network Security; Clustering; DoS attacks.

I. INTRODUCTION

Wireless, 802.11/Wi-Fi enabled devices play an important role in our daily communication, and they are becoming more powerful in capabilities, as with cell phones and PDAs. Thus, increasingly widespread and demanding applications make Voice over IP (VoIP) service over Ad hoc networks an important trend, as well as a challenging one, due to the open issues and characteristics of each of them. As an example, students in a campus building need to communicate on the fly through calls. With the availability of Wi-Fi devices, VoIP applications could allow them to communicate directly instead of using legacy communication means [1]. VoIP is a general term for the family of technologies used to deliver voice over Internet Protocol (IP) networks instead of the Public Switched Telephone Network (PSTN). The best-known signaling protocols are H.323, defined by the ITU, and the Session Initiation Protocol (SIP), defined by the IETF. SIP is progressively gaining ground over H.323, basically due to SIP's flexibility and relative simplicity [2][1]. To provide pervasive VoIP communication, existing SIP must be adapted to a decentralized, infrastructure-less, peer-to-peer communication environment. The modified service needs to maintain availability, a flexible design and an acceptable call ratio [1][2][3].

978-1-4799-2303-8/13/$31.00 ©2013 IEEE

A number of attempts are found in the literature to use infrastructure-based wireless networks to implement VoIP on Ad hoc networks. Very few studies used an Ad hoc network in their experiments. The challenge is to come up with a well-defined and logically sequenced algorithm that provides an integrated solution. In this work, we provide a compromise solution that achieves reliability and availability in a secure way, by proposing a secure cluster-based SIP service for Ad hoc networks. The proposed service builds a cluster-based logical overlay network on top of the network's nodes. SIP users can communicate with each other either directly, or they inquire contact information from logical SIP servers distributed among the network. This design solves the bottleneck problem of a standalone SIP server serving massive numbers of client requests. In addition, among other advantages, it reduces the information redundancy produced in distributed approaches. It uses Hash-based Message Authentication Code (HMAC) [4] to secure the messages used for registration and discovery. The rest of this paper is organized as follows: Section II reviews background and related work. Then the system model and design goals are illustrated in Section III. Section IV describes the proposed secure cluster-based SIP service over Ad hoc networks. Analysis and simulation results are presented in Section V. Finally, Section VI concludes this paper and presents possible future work.

II. BACKGROUND AND RELATED WORK

A. Background Overview
A VoIP application is a means to talk over an IP network instead of traditional analog systems. The term refers to the use of an IP network to transfer voice in much the same way that normal forms of data are transferred. Each VoIP technology is a protocol dedicated to certain functionality: SIP is used for signaling and the Session Description Protocol (SDP) for describing the techniques used in media transfer, while the Real-Time Transport Protocol (RTP) carries the media packets. The functional building block of a multimedia application is the signaling protocol. In IP-based networks the best-known signaling protocols are H.323 and SIP [5]. SIP is an application-layer open standard developed by the IETF and defined in RFC 3261 [6]. It is a powerful, transport-independent, text-based, request-response and flexible signaling protocol, initially designed to accommodate multimedia sessions. Fundamentally, SIP is used for initiating, managing and terminating multimedia sessions across IP networks [6][7]. SIP builds an overlay network on top of the regular infrastructure IP network using entities that communicate via SIP messages. SIP entities fall into three main categories: User Agents (UA), Servers (Proxy, Registrar and Redirect) and Gateways [6][7]. A typical SIP overlay network architecture is illustrated in Fig. 1. The Address of Record (AoR) is a SIP Uniform Resource Identifier (URI), which is the addressing scheme used for SIP calling. An AoR points to a domain with a location service that maps the URI to another URI where the user might be available [6].

Fig. 1. SIP Overlay Network architecture.

It is important to differentiate between securing SIP-enabled sessions and SIP security. The first is the security of the media data exchanged between parties; the second is concerned with the exchanged SIP signaling. Despite the diverse security mechanisms that have been proposed for SIP-based applications [6][8], there are still many vulnerabilities. Wireless Ad hoc networks differ from classical wired networks in several characteristics, such as:
- Higher interference with low bandwidth availability.
- Limited computing capabilities and weak security.
- Multi-hop connectivity and dynamic topology.
Wireless nodes must track changes in the network themselves, in the absence of an administration point in the network [1][3]. Thus, setting up a secure VoIP session in such a distributed environment is a challenging task. Since SIP is the dominant signaling protocol for VoIP service, it is important to deploy secure SIP in Ad hoc networks.

B. Related Work
Stuedi et al. [3] proposed a middleware infrastructure for session setup and management in Ad hoc networks named SIPHoc, based on the SLP framework proposed by [2]. They provided the same interface as the SIP standard in a fully decentralized fashion. The presented solution is for both isolated and converged Ad hoc networks. SIPHoc's components are divided into two groups: Service Location Protocol (SLP) and the SIPHoc proxy. Also, gateway and connection providers are used for Internet connection.

Bai et al. [10] presented a distributed architecture to deploy SIP for wireless networks. The design presented a test-bed that consisted of centralized servers: a SIP server and an AAA server for user authentication. The studied design did not consider the decentralized environment that exists in Ad hoc networks; the solution is a centralized approach based on distributed servers, where by "distributed" they refer to a distributed system. Banerjee et al. [11] proposed two approaches. The first is the Loosely Coupled Approach (LCA), which provides a mechanism similar to the Ad hoc On-Demand Distance Vector (AODV) protocol to allow SIP user discovery: it locates the target SIP user to get its binding information using a query-and-reply approach similar to AODV. The second is the Tightly Coupled Approach (TCA), which employs routing information already known by the routing protocol for SIP user discovery. This research used AODV and clusters to prove the implementation of the proposed TCA, and LCA and TCA were compared against each other. In [12], Aburumman presented a solution to secure SIP functionality in Ad hoc networks by combining a Distributed SIP Location Service (DSLS) with two security techniques: Digest Authentication Access (DAA) and Secure/Multipurpose Internet Mail Extensions (S/MIME). DAA and S/MIME are used to secure the log-in service for users and the data exchanged between proxies, respectively. This research mainly depends on electing a proxy server (PS) to handle SIP functionality and electing another node, the Chargé d'affaires (CD), to hold a backup for the server. The election approach introduces overhead to the network; moreover, approach consistency was not presented. Wang and Zhang [13] presented secure authentication for SIP using certificate-less public key cryptography. Such a system is not applicable to Ad hoc networks, as it makes use of a Trusted Third Party (TTP) that does not exist in Ad hoc networks. Gurbani et al. [14] presented a scheme under which, once applied, the proxies become transparent: the SIP proxy is allowed to create a secure overlay network between UAs. They showed that the mechanism can be applied to classical client/server, Peer-to-Peer and P2P-SIP. Leggio et al. [15] adapted an extension called SIP authenticated identity, which was originally designed for infrastructure-based SIP [16]; SIP servers run the authentication service, and SIP users connect to and are authenticated by a SIP server. Mourtaji et al. [17] presented MANET Call Admission Control (MCAC) to distribute SIP services on a MANET. Their proposed solution used a supervisor-module virtual network algorithm to activate/deactivate servers' functionality. The main purpose was to limit the number of new calls when the available bandwidth on the access network is limited, in order to maintain the currently established calls. Few studies have considered the security issues. Moreover, most existing approaches were evaluated using test beds with a small number of nodes rather than a realistic Ad hoc network size. Also, they did not study different evaluation metrics for SIP signaling, nor did they examine the impact of security mechanisms on keeping the SIP network alive.

III. SYSTEM MODEL AND DESIGN GOALS

This section describes the general system model and the design goals of the proposed solution. Calls need to be made among peer nodes ubiquitously in an infrastructure-less environment. It is assumed that the SIP application can perform the simplest form of one-hop message broadcasting. The SIP entities are SIP UA, SIP Proxy, SIP Registrar and SIP Discovery Server (SIP DS). Each node has SIP UA and SIP server implementations in its protocol stack. All nodes can function as a normal SIP UA and SIP proxy. Clusters consist of Cluster Head (CH) nodes, which act as SIP DS. The terms CH and SIP DS (or SIP server) are used interchangeably in this paper. This paper assumes that the network can be vulnerable to security attacks. Attackers can launch different attacks to target the availability of the SIP network or to poison the information of SIP users so that the main functionality of the SIP network fails. SIP users are assumed to share security associations (e.g., they have exchanged their security keys offline). All SIP users are capable of performing basic security algorithms such as HMAC. TABLE I lists the notations and terminology used in the description of the proposed solution.

TABLE I. NOTATIONS AND TERMINOLOGIES

Term          Meaning
SIP Network   IP network that uses SIP for VoIP signaling.
SIP node      Ad hoc node with a SIP implementation.
Local Proxy   Local SIP Proxy combined with SIP Registrar, implemented locally in each node.
SIP DS        SIP Discovery Server; handles SIP user discovery.
SIP entities  SIP UA, SIP Proxy, Registrar, Discovery.
Cluster       Subset of nodes gathered logically.
CH            Cluster Head; controller node in a cluster.
CM            Cluster Member; node in the cluster other than the CH node.
SIP AoR DB    SIP AoR database, used for AoR resolution.
MAC           Message Authentication Code.
HMAC          Hash-based Message Authentication Code.

The overall target is to build a comprehensive signaling solution that supports both standard and Ad hoc SIP operations transparently for the end user, while considering security issues. The major design goals are as follows:
- Enabling Ad hoc peers to make calls over the decentralized environment based on SIP.
- Overcoming the shortcomings of relying on static, fixed, centralized entities.
- Benefiting from clustering approaches in wireless Ad hoc networks to inherit scalability, lower energy and bandwidth consumption and reduced overhead.
- Compatibility with standard SIP.
- End-user transparency.
- Providing a security solution that enables the SIP service to function correctly under possible attacks.

IV. SECURE CLUSTER-BASED SIP SERVICE

This section illustrates the secure SIP service for wireless Ad hoc networks. It is a cluster-based solution that distributes the SIP servers' functionality over a subset of nodes according to cluster formation criteria, and it implements SIP user discovery and SIP functionalities on a per-cluster basis. Many studies have shown that cluster-based solutions provide advantages for different issues in Ad hoc networks, such as routing, traffic coordination and fault tolerance [8]. The proposed approach builds logical clusters over the SIP network. Cluster formation in the SIP network is based on node positions and neighborhood degree. Moreover, it does not use additional types of messages: it reuses the well-known SIP messages by adding special headers that indicate the purpose of the message. It uses SIP REGISTER with extra headers for cluster formation, and SIP INVITE for user discovery in call signaling. TABLE II lists the headers, and TABLE III lists the SIP messages used with their additional headers.

TABLE II. LIST OF HEADERS

Header         Purpose
Id             Node's Id or SIP user Id.
Position       Sender's position as coordinates: x, y.
Weight         Value of the sender's calculated weight.
CHAnnounce     Indicates whether the message is used to announce cluster head status.
Nghbrs         Set of the sender's neighbors' Ids.
DiscoveryMode  Indicates whether the message is used for SIP user discovery.

TABLE III. SIP MESSAGES WITH ADDITIONAL HEADERS

Message                Original SIP message
REG                    REGISTER + (Id, Position)
OK REG                 OK + (Id, Position, Nghbrs)
Weight Announce (WA)   REGISTER + (Id, Position, Weight, Nghbrs)
CH Announce (CH-A)     REGISTER + (Id, Position, CHAnnounce, Nghbrs)
OKCH-A                 OK + (Id, Position, CHAnnounce, Nghbrs)
DReq                   INVITE + DiscoveryMode

To keep the general structure of SIP operations, each node has a SIP UA and SIP Proxy, Registrar and Discovery servers implemented locally. The local Proxy, combined with the Registrar, handles registration requests and call signaling for the SIP UA. When a node is elected as CH, its DS server implementation is used for discovery and AoR resolution, as illustrated in Fig. 2. For illustration purposes, the network's lifetime can be divided into two phases: the Registration phase and the call signaling phase. In the Registration phase, contact information is exchanged and SIP clusters are formed. In the call signaling phase, actual calls take place among SIP users.

As a result, each node builds its own SIP AoR Database (DB). A SIP node's AoR DB contains records about its one-hop neighbors' contact information instead of all the network's members. Therefore, after the clusters have been formed, each node has SIP contact binding information about its neighbor SIP UAs that are only one hop away. Also, each CH has the SIP AoR of all its neighbors, including CMs.

Fig. 2. Distributed SIP Functionality

A. Registration Phase
SIP UAs exchange SIP registration information combined with the parameters used for the cluster formation process. Each SIP node runs a self-distributed cluster formation algorithm that calculates the node's weight from the number of its neighbors and the distances between itself and those neighbors. The SIP node with the maximum weight among its neighbors announces itself as a cluster head via a CH-A message, as described in TABLE III. Upon receiving a CH-A message, a SIP node decides whether to set the sender as its own CH. If the SIP node itself has not been set as a CH, it sets the sender to be its CH. If the SIP node receives CH-A messages from more than one CH, it calculates a CH weight threshold for each CH-A sender, based on that CH's weight and the distance between itself and that CH, and the SIP UA chooses the CH with the maximum threshold as its SIP server. The registration and cluster formation process is summarized in TABLE IV.

TABLE IV. REGISTRATION AND CLUSTER FORMATION ALGORITHM

Algorithm: Registration and Cluster Formation, for all nodes
1. Each node broadcasts REG [Id, Position].
2. On receiving REG:
   a- Reply with OKREG [Id, Position].
   b- Calculate the distance to the sender node using the Euclidean distance:

      $d = \sqrt{(X_s - X_r)^2 + (Y_s - Y_r)^2}$
   where $X_s, Y_s$ and $X_r, Y_r$ are the position coordinates of the sender and the receiver, respectively.
3. Build the neighborhood table.
4. On receiving OKREG: perform 2-b and 3.
5. Calculate the weight based on the number of neighbors and the distances.
6. Broadcast the weight to the neighbors.
7. If the weight is the maximum among the neighbors, then set CH status = 1 and broadcast a CH-A message.
8. On receiving CH-A: check whether the node is already set as CH.
9. If yes: do nothing.
10. If no, and the node's own weight is not larger than the received weight, then:
11.   - If more than one CH-A was received: calculate each CH's weight threshold as
        $CH_iW = \alpha W_i + (1-\alpha)\, d_i$,
      where $W_i$ and $d_i$ are the CH's weight and distance, respectively.
12.   - Set CH status = 0.
13.   - Set the node's CH to the sender with the maximum $CH_iW$.
14.   - Unicast OKCH-A to the chosen CH.
15.   - Else (only one CH-A received): set the sender as SIP server and perform steps 12 and 14.
16. Finally, check whether the node has been set as CH or CM; otherwise broadcast CH-A.

B. Signaling Phase
After the Registration phase ends, each SIP node is either a SIP server or a plain SIP node. The distributed SIP servers serve the local proxies for SIP user discovery. When a SIP UA tries to call another SIP UA whose contact information is not available in the local AoR DB, the local Proxy inquires its SIP server (CH) for the contact information. Due to the network's size, in some circumstances the CH may handle another discovery process on behalf of the request initiator, contacting another CH to find the requested AoR. Being a SIP server does not restrict a SIP node's functionality; a CH node can still function as a SIP UA and use its local Proxy to initiate/terminate calls. It functions as SIP DS only when it receives a request for SIP user discovery via a DReq message. The DReq message is based on the well-known SIP INVITE message, as illustrated in TABLE III, with a header flag indicating the purpose of the received INVITE. Signaling is performed between the local Proxies implemented inside each SIP node. The CH has no role in call signaling between SIP nodes, but it provides the user location discovery service to reduce both overhead and delay for call signaling. A SIP UA (caller) that needs to call another SIP UA (callee) hands the signaling process to its local proxy. In contrast to standard SIP, the number of messages used in call signaling is reduced, because of the absence of signaling messages such as the TRYING message, which in the standard is sent from the SIP Proxy to the callee. Fig. 3 illustrates the message flow involving a CH in call signaling to find the called party.
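The registration and cluster formation algorithm of TABLE IV, run over a small constructed topology, as an added example (this is not the paper's simulator code). The CH status flags, the step-10 rule, the threshold $CH_iW = \alpha W_i + (1-\alpha) d_i$ and the OKCH-A choice follow the table; the radio range (250 m), the value $\alpha = 0.5$, the concrete weight function (neighbor count minus mean normalized distance) and the lower-Id tie-break are assumptions, because the paper does not specify them.

```python
import math
from dataclasses import dataclass, field
from typing import Dict, Optional

ALPHA = 0.5        # assumed value of alpha in CH_iW = alpha*W_i + (1-alpha)*d_i (TABLE IV, step 11)
TX_RANGE = 250.0   # assumed one-hop radio range in metres; the paper gives none


@dataclass
class Node:
    nid: int
    x: float
    y: float
    nghbrs: Dict[int, float] = field(default_factory=dict)  # neighborhood table: Id -> distance
    weight: float = 0.0
    ch_status: int = 0            # 1 after broadcasting CH-A (step 7), 0 after step 12
    ch: Optional[int] = None      # chosen SIP server (CH) Id; None until clustered


def distance(a: Node, b: Node) -> float:
    """Step 2-b: Euclidean distance between two nodes' (x, y) positions."""
    return math.hypot(a.x - b.x, a.y - b.y)


def register(nodes):
    """Steps 1-4: REG / OKREG exchange. Every pair within radio range ends up in
    each other's neighborhood table (REG and its OKREG reply are symmetric)."""
    for a in nodes:
        for b in nodes:
            if a is not b:
                d = distance(a, b)
                if d <= TX_RANGE:
                    a.nghbrs[b.nid] = d


def compute_weight(node: Node) -> float:
    """Step 5. The paper only says the weight depends on the number of neighbors and
    their distances; this concrete function (count minus mean normalised distance, so
    more and closer neighbors score higher) is an assumption."""
    if not node.nghbrs:
        return 0.0
    mean_d = sum(node.nghbrs.values()) / len(node.nghbrs)
    return len(node.nghbrs) - mean_d / TX_RANGE


def ch_threshold(w_i: float, d_i: float) -> float:
    """Step 11: CH_iW = alpha*W_i + (1-alpha)*d_i for one CH-A sender."""
    return ALPHA * w_i + (1 - ALPHA) * d_i


def form_clusters(nodes) -> Dict[int, int]:
    """Run TABLE IV for all nodes; returns {node Id: chosen CH Id}."""
    register(nodes)
    by_id = {n.nid: n for n in nodes}
    for n in nodes:
        n.weight = compute_weight(n)

    # Steps 6-7: weights are broadcast (WA); a node whose weight beats every neighbor's
    # sets CH status = 1 and broadcasts CH-A. Equal weights go to the lower Id (assumption).
    for n in nodes:
        if all(n.weight > by_id[m].weight
               or (n.weight == by_id[m].weight and n.nid < m)
               for m in n.nghbrs):
            n.ch_status = 1
            n.ch = n.nid

    # Steps 8-15: a non-CH node considers the CH-A senders whose weight is not below its
    # own (step 10) and unicasts OKCH-A to the one with the maximum CH_iW (steps 11-14).
    for n in nodes:
        if n.ch_status == 1:
            continue
        heard = [m for m in n.nghbrs
                 if by_id[m].ch_status == 1 and by_id[m].weight >= n.weight]
        if heard:
            n.ch_status = 0
            n.ch = max(heard, key=lambda m: ch_threshold(by_id[m].weight, n.nghbrs[m]))

    # Step 16: a node that ended up neither CH nor CM announces itself as CH.
    for n in nodes:
        if n.ch is None:
            n.ch_status = 1
            n.ch = n.nid
    return {n.nid: n.ch for n in nodes}


def sample_nodes():
    """Constructed 8-node topology: a dense group around node 3, the pair (5, 6),
    node 8 within range of both CHs 3 and 5, and node 7 isolated."""
    coords = {1: (0, 0), 2: (100, 0), 3: (200, 0), 4: (100, 100),
              5: (600, 0), 6: (700, 0), 7: (1200, 0), 8: (420, 0)}
    return [Node(i, float(x), float(y)) for i, (x, y) in coords.items()]


if __name__ == "__main__":
    for nid, ch in sorted(form_clusters(sample_nodes()).items()):
        print(f"node {nid}: {'CH' if nid == ch else 'CM of ' + str(ch)}")
```

In the constructed topology node 3 has the most (and closest) neighbors and wins the CH-A round for nodes 1, 2, 4 and 8; node 5 becomes the CH of node 6; and the isolated node 7, having heard no CH-A, becomes a CH by step 16. Node 8 hears two CH-As and picks node 3 because its threshold is larger. Note that the threshold as written in the table adds the distance term with a positive sign, so among CHs of equal weight the farther one wins; the example keeps the formula exactly as the table states it.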

Fig. 3. Message Flow for Call Signaling Involving the SIP Server (CH)

It is the SIP server's responsibility to obtain the contact information, similar to SIP servers in the standard, in order to reduce the overhead and delay of the discovery process. When a SIP server does not have the inquired contact information, it forwards the received DReq message to another SIP server. The described solution thus strikes a balance between direct signaling and the need for a controlling signaling party: the caller's local proxy calls the target's local proxy directly, and the called proxy replies with a RINGING message; only if needed does the caller's local Proxy contact its SIP server to get the contact information of the called SIP UA.

C. Security Implementation
This subsection deals with securing the signaling environment, which leads to secure call establishment. It covers the security requirements, the possible attacks to which the cluster-based SIP service may be vulnerable, and the security mechanisms.

Security Requirements
Securing the SIP service over an Ad hoc network plays a significant role in keeping the SIP service available. Due to the inherent vulnerabilities of applications running on Ad hoc networks, and to avoid service failure, security requirements must be considered a vital design goal. Authentication and integrity of exchanged control messages shall be fulfilled, so that an external attacker cannot interfere in SIP functionalities. To provide authentication, SIP users verify each other's identity. Proving the sender's identity prevents an attacker's message from becoming part of the communication. It is important to identify with whom SIP users are dealing and to ensure that SIP users receive trustworthy messages. Authentication establishes trust between parties and curbs deceptive and phishing messages.

Providing authentication makes it easy to add data integrity, because authentication and integrity can be implemented via the same security mechanism. Data integrity plays a serious role, as it provides a kind of message trustworthiness: it ensures that an attacker cannot poison the SIP network with false information implanted in control messages.

Attack Model
Attacks that target control messages, either during Registration or in the midst of SIP user discovery in call signaling, are considered. An attacker can send false information at different stages of the algorithm, which can result in several forms of attack. TABLE V summarizes the possible attacks on the messages used. Most of the attack models mainly aim to reduce the service function of the SIP network, i.e., the call signaling success ratio. Therefore, those issues cannot be neglected.

TABLE V. ATTACK MODEL

Attack                    Control message   Description
Black hole                DReq              Does not reply after being set as a SIP server.
Man In The Middle (MITM)  DRep              Modifies the reply message sent from the SIP server, implying false contact info.
Denial of Service (DoS)   DReq              Keeps sending DReq to a SIP server.

Security Mechanisms
Several protocols have been used to enforce the security requirements of SIP networks, such as SIP Authentication, which borrows the HTTP authentication mechanism based on a challenge/response approach. Almost all security mechanisms that address these issues are based on the existing SIP infrastructure, i.e., the existence of centralized SIP servers. Those are not applicable to a SIP service deployed in the decentralized, infrastructure-less environment of an Ad hoc network. The proposed solution uses the HMAC algorithm to secure the control messages used in the Registration phase and in SIP user discovery. HMAC is a specific construction for calculating a MAC that uses a cryptographic hash function in combination with a secret key. Any cryptographic hash function, such as MD5 or SHA-1, may be used in the calculation of an HMAC [4]. Fig. 4 shows the process of generating and verifying the HMAC used by the proposed solution to achieve both authentication and integrity. By adding a MAC to the control message, SIP users can verify message authenticity and ensure that the message content has not been modified; consequently the information can be trusted. Thus, cluster formation is considered safe and trusted, and therefore provides a successful SIP discovery service. The main reason for choosing HMAC was that it secures messages while keeping energy consumption and overhead lower than other approaches. The following section shows how several attacks can cause the SIP service to malfunction in the absence of security.

Fig. 4. Message Authentication and Integrity Using HMAC
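The HMAC generation and verification of Fig. 4, applied to the control messages of TABLE III and the attack rows of TABLE V, as an added example rather than the paper's code. It uses SHA-256 as the underlying hash (the paper notes that any cryptographic hash function may be used; SHA-256 is the conservative choice today), a per-node pre-shared key table standing in for the offline security associations the system model assumes, and constructed message contents. The header names follow TABLE II and TABLE III; the canonical serialization, the key table and the sample values are assumptions.

```python
import hashlib
import hmac

MAC_HEADER = "MAC"

# Constructed pre-shared keys, one per node Id. They stand in for the security
# associations the system model assumes were exchanged offline (assumption).
KEYS = {
    "n1": b"constructed-key-for-node-1",
    "n7": b"constructed-key-for-node-7",
}


def canonical(msg: dict) -> bytes:
    """Serialize every header except the MAC itself in a fixed (sorted) order so that
    sender and receiver compute the tag over exactly the same bytes. Set-valued headers
    such as Nghbrs are sorted so that element order cannot break verification."""
    lines = []
    for name in sorted(msg):
        if name == MAC_HEADER:
            continue
        value = msg[name]
        if isinstance(value, (list, tuple, set)):
            value = ",".join(sorted(str(v) for v in value))
        lines.append(f"{name}: {value}")
    return "\r\n".join(lines).encode("utf-8")


def protect(msg: dict, key: bytes) -> dict:
    """Generation side of Fig. 4: append the HMAC of the canonical message as a header."""
    tag = hmac.new(key, canonical(msg), hashlib.sha256).hexdigest()
    return {**msg, MAC_HEADER: tag}


def verify(msg: dict, keys=KEYS) -> bool:
    """Verification side of Fig. 4: recompute the tag under the claimed sender's key.
    Returns False for unknown senders, missing tags or any modified header."""
    key = keys.get(msg.get("Id"))
    tag = msg.get(MAC_HEADER)
    if key is None or not isinstance(tag, str):
        return False
    expected = hmac.new(key, canonical(msg), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, tag)   # constant-time comparison


def accept_control_messages(messages, keys=KEYS):
    """Receiver policy: a local proxy or SIP DS processes only the control messages
    (REG, CH-A, DReq, DRep, ...) whose MAC verifies; everything else is dropped."""
    return [m for m in messages if verify(m, keys)]


# Constructed messages following the TABLE III header sets ------------------------

def sample_drep():
    """DRep from SIP server n7 answering a discovery request with the callee's contact."""
    return protect({"Method": "OK", "Id": "n7", "DiscoveryMode": 1,
                    "Contact": "sip:callee@10.0.0.5"}, KEYS["n7"])


def sample_ch_announce():
    """Legitimate CH-A (REGISTER + Id, Position, CHAnnounce, Nghbrs) from node n1."""
    return protect({"Method": "REGISTER", "Id": "n1", "Position": "200,0",
                    "CHAnnounce": 1, "Nghbrs": ["n2", "n7", "n4"]}, KEYS["n1"])


def mitm_modified(drep: dict) -> dict:
    """TABLE V, MITM row: the relayed DRep has its contact info rewritten in transit,
    which the receiver must detect."""
    forged = dict(drep)
    forged["Contact"] = "sip:callee@10.0.0.99"
    return forged


def unkeyed_ch_announce():
    """CH-A from a node that holds no security association. Without the key it can only
    guess, so its claim to be a CH never verifies and it cannot become a SIP server."""
    return protect({"Method": "REGISTER", "Id": "n9", "Position": "0,0",
                    "CHAnnounce": 1, "Nghbrs": []}, b"guessed-key")


if __name__ == "__main__":
    inbox = [sample_drep(), mitm_modified(sample_drep()),
             sample_ch_announce(), unkeyed_ch_announce()]
    for m in inbox:
        print(m["Method"], m["Id"], "accepted" if verify(m) else "dropped")
```

Checking the MAC at the first recipient is what keeps unkeyed nodes out of the CH role (the black hole row) and discards forged DReps (the MITM row); it also drops unauthenticated DReqs before a SIP server spends a discovery on them, which is the mechanism behind the overhead gap reported in Section V. A MAC by itself carries no freshness, so a deployment would place a sequence number or timestamp header under the MAC to reject repeats of an otherwise valid DReq.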

V. EVALUATION AND EXPERIMENTAL RESULTS

This section presents the simulation results that illustrate the implementation of the cluster-based secure SIP. Ad hoc network scenarios were built using the default transmission rate of IEEE 802.11 on a network terrain of 1500x1500, on which 10-50 nodes were distributed in a way that avoids very dense networks while still providing a multi-hop paradigm. The study evaluates the following metrics:
1. Attacker control on network service: the attacker's ability to control the SIP network via several attack models.
2. Success ratio under security threats: the number of successful call signaling attempts among all call attempts in the network lifetime under a specific attack model.
3. Control message overhead: the total number of messages used to provide the service.
4. Stability: consistency while increasing the number of nodes in the presence of attackers.

The study of security issues has focused on the attacker ratio in the network, which is calculated as:

$$\text{Att Ratio} = \frac{\sum_{i=1}^{A} a_i}{\sum_{i=1}^{N} n_i} \quad (1)$$

where $\sum_{i=1}^{A} a_i$ is the total number of attackers and $\sum_{i=1}^{N} n_i$ is the total number of nodes. The success ratio is calculated as the ratio of successful calls to the total number of call attempts:

$$\text{Success Ratio} = \frac{\sum_{i=1}^{C} \mathit{SuccCall}_i}{\sum_{i=1}^{C} \mathit{Call}_i} \quad (2)$$

where $\sum_{i=1}^{C} \mathit{SuccCall}_i$ is the total number of successful call signaling attempts and $\sum_{i=1}^{C} \mathit{Call}_i$ is the total number of call attempts. The following subsections demonstrate the studied scenarios.

A. Black Hole
For an attacker that becomes a CH, a possible attack model is to act as a black hole for discovery requests, as mentioned in the previous section. The attacker simply receives a request but does not send any DRep. As a result, the caller aborts its call signaling attempts, which eventually decreases the overall call signaling success ratio.

Fig. 5 compares the call signaling success ratio of the secure solution versus the non-secure solution against the black hole attacker ratio in the network. The non-secure solution suffers from a low success ratio that reaches 0.49 of call attempts in the best case, when the attacker ratio is small. That success ratio degrades to 0.37 as the attacker ratio gets higher. On the other hand, the secure solution maintains a high, stable success ratio that exceeds the non-secure one by 0.58 for higher attacker ratios. That is due to the fact that attackers cannot become CHs, and therefore the black hole attack cannot take place.

Fig. 5. Call Signaling Success Ratio under Black Hole Attack

Fig. 6 shows that in the non-secure solution, the number of attackers that can be assigned as CHs increases as the network size increases. For an attacker ratio of 30% of the nodes, the percentage of attackers assigned as CHs jumps to 85% for small networks. As the network gets larger, the number of attackers that are CHs reaches 94%. Using the secure deployment prevents attackers from being CHs regardless of the network size.

Fig. 6. Percentage of Attackers Assigned as CHs, Attacker Ratio 30%

B. Man In The Middle
Fig. 7 demonstrates the call signaling success ratio under MITM attack. The attacker does not have to be a SIP server; it can modify a DRep sent to a requesting SIP user. By forging false contact information in the DRep, the overall signaling ratio is affected. The call success ratio can drop to 0.37 of call attempts under MITM attack when security mechanisms are not implemented. In contrast, a high success ratio is maintained using the secure solution.

Fig. 7. Call Signaling Success Ratio under MITM Attack

C. Denial of Service
To depict the influence of a DoS attack against the network with and without security, two different time intervals have been studied. In this kind of attack, too, the attacker does not have to be a SIP server; it only sends many unneeded, false DReqs to the SIP servers in its neighborhood. To simulate a DoS attacker, the time interval at which the attacker sends these DReqs must be set. The attacker may send a DReq every second, every 10 seconds, or every n seconds. For the DoS attack to have an actual impact, the time interval between DReqs is supposed to be short. This work simulated the DoS attack for time intervals of 10 and 30 seconds, for demonstration and modeling purposes. Fig. 8 shows the overhead produced by a DoS attacker with a request interval of 10 seconds against the attacker ratio. For a small attacker ratio, an attacker able to send a DReq every 10 seconds can raise the number of exchanged messages to 3.75 times the number of messages sent in the secure solution. That ratio increases to 9.50 times and 13.60 times for the higher attacker ratios of 30% and 50%, respectively.

Fig. 8. Call Signaling Overhead under DoS Attack (time interval 10 s)

Fig. 9 illustrates the same metric for a DoS attacker that sends a DReq every 30 seconds. Increasing the sending interval reduces the request rate and consequently decreases the resulting overhead.

Fig. 9. Call Signaling Overhead under DoS Attack (time interval 30 s)

An attacker that sends SIP discovery requests every 30 seconds raises the number of messages exchanged in the SIP network, at a high attacker ratio, to 5.25 times the number of messages sent in the secure solution. That ratio is lower for lower attacker ratios; it reaches 3.8 and 1.9 times for attacker ratios of 30% and 10%, respectively. As can be noticed from the above results, the overall number of messages exchanged in the network indicates the extra overhead placed on the SIP servers in the SIP network. This in turn translates into computation time, computation space, energy, communication channel occupation, etc., which affect the SIP servers' lifetime and consequently the whole network's lifetime.

VI. CONCLUSIONS AND FUTURE WORK

This paper presented a solution to provide a secure SIP service over a self-configured wireless network. It adapts the SIP service to Ad hoc networks in a way that is neither centralized nor fully distributed, by building a virtual backbone for the SIP network on top of the network's participants. The solution distributes the overhead over several entities and reduces extra service message overhead. The SIP service adaptation is integrated with authentication and integrity security mechanisms that aim to protect the provided service from different attacks. For future improvement, further study to prove the advantages of the cluster-based solution over centralized and fully distributed solutions should take place. Additionally, cluster maintenance shall be studied to support highly dynamic networks. Moreover, a study can be performed to evaluate the proposed system against network mobility.

REFERENCES

[1] S. Basagni, M. Conti, S. Giordano, and I. Stojmenovic, "Mobile Ad Hoc Networking", IEEE Press and John Wiley & Sons, Inc., 2004.
[2] M. Garber, "Securing Session Initiation Protocol Over Ad Hoc Network", Master Thesis, Institute for Pervasive Computing, Zurich, 2005.
[3] P. Stuedi, M. Bihr, A. Remund, and G. Alonso, "SIPHoc: Efficient SIP Middleware for Ad Hoc Networks", IFIP International Federation for Information Processing, pp. 60–79, 2007.
[4] W. Stallings, Network Security Essentials: Applications and Standards, 3rd ed., Pearson Prentice Hall, 2007.
[5] A. Kumar, "An Overview of Voice over Internet Protocol (VOIP)", Rivier College Online Academic Journal, vol. 2, no. 1, pp. 1-13, Spring 2006.
[6] J. Rosenberg, H. Schulzrinne, G. Camarillo, A. Johnston, J. Peterson, R. Sparks, M. Handley, and E. Schooler, "SIP: Session Initiation Protocol", RFC 3261, IETF, 2002.
[7] R. Sparks (Estacado Systems), "SIP Basics and Beyond", ACM Queue, vol. 5, no. 2, pp. 22-33, March 2007.
[8] Y. Chen, L. Liestman, and J. Liu, "Clustering Algorithms for Ad Hoc Wireless Networks", Ad Hoc and Sensor Networks, Nova Science Publishers, 2004.
[9] J. Arkko, V. Torvinen, G. Camarillo, A. Niemi, and T. Haukka, "Security Mechanism Agreement for the Session Initiation Protocol (SIP)", RFC 3329, IETF, 2003.
[10] Y. Bai, S. Aminullah, Q. Han, D. Wang, T. Zhang, and D. Qian, "A Novel Distributed Wireless VoIP Server Based on SIP", IEEE International Conference on Multimedia and Ubiquitous Engineering (MUE'07), pp. 958–962, May 2007.
[11] N. Banerjee, A. Acharya, and S. Das, "Enabling SIP-based sessions in Ad hoc networks", Wireless Networks, Springer, vol. 13, pp. 461–479, 2007.
[12] A. Aburumman, "Securing Session Initiation Protocol Over Ad Hoc Network", Master Thesis, University of Jordan, Amman, Jordan, 2010, unpublished.
[13] F. Wang and Y. Zhang, "A new provably secure authentication and key agreement mechanism for SIP using certificate-less public-key cryptography", Elsevier, vol. 31, pp. 2142-2149, June 2008.
[14] V. Gurbani, D. Willis, and F. Audet, "Cryptographically Transparent Session Initiation Protocol (SIP) Proxies", IEEE International Conference on Communications (ICC '07), pp. 1185-1190, June 2007.
[15] S. Leggio, H. Miranda, K. Raatikainen, and L. Rodrigues, "SIPCache: A Distributed SIP Location Service for Mobile Ad-Hoc Networks", Third Annual International Conference on Mobile and Ubiquitous Systems: Networking & Services, pp. 1-8, July 2006.
[16] J. Peterson, "Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP)", draft-ietf-sip-identity-01, IETF, 2003.
[17] I. Mourtaji, M. Bouhorma, M. Benahmed, and A. Bouhdir, "Performance Enhancement of VNSIP approach, using MCAC algorithm", International Journal of Computer Networks and Communications Security, vol. 1, no. 3, pp. 68–74, August 2013.
