簡易檢索 / 詳目顯示

回結果列表
研究生: 張耿豪
Chang, Keng-Hao
論文名稱: 基於無線網路的語音通話攻擊與防護研究
VoWiFi Attack and Protection
指導教授: 李忠憲
Li, Jung-Shian
學位類別: 碩士
Master
系所名稱: 電機資訊學院 - 電腦與通信工程研究所
Institute of Computer & Communication Engineering
論文出版年: 2019
畢業學年度: 107
語文別: 中文
論文頁數: 53
中文關鍵詞: 基於無線網路的語音通訊長期演進語音承載中間人攻擊位址解析協定欺騙偵測演算法
外文關鍵詞: VoWiFi, VoLTE, MITM, ARP Spoofing, Detection Algorithm
相關次數: 點閱:54下載:0
分享至:
查詢本校圖書館目錄 查詢臺灣博碩士論文知識加值系統 勘誤回報

    • 近年來語音通訊的技術越來越成熟,隨著訊息傳播越來越頻繁,資訊安全已成為非常重要的議題。在現代化的社會中,手機已經成為了人人都有的通訊裝置,不管是在通訊、購物、休閒娛樂,都離不開手機的使用,所以手機通訊時的安全與否將是人們值得關注的議題。本研究將會以Voice over Wi-Fi通訊技術為背景(以下簡稱VoWiFi),研究VoWiFi在通訊中的協定以及驗證潛在的風險,並設定四種不同的環境,針對是否連接電信網路、使用VoWiFi通訊技術的一方為發話方或受話方,丟棄通訊時的語音方包和重要的SIP訊息封包,詳細的說明各個封包遺失時對發話方、受話方所造成的影響,並提出演算法供未來開發APP或設備來偵測通話環境是否安全、建議電信商加入偵測機制來保障使用者權益。

    In recent years, the technology of voice service has become more and more mature. With the increasing frequency of information dissemination, information security becomes a very important issue. In modern society, mobile phones have become communication devices for everyone. No matter for communication, shopping, or entertainment, mobile phones are inseparable. Therefore, the safety of mobile communication is a topic worthy of attention. This study discusses the security issue about Voice over Wi-Fi communication technology (hereinafter referred to as VoWiFi) to examine the protocol of VoWiFi in communication identifying the potential risks. This study sets four different scenarios for whether the Caller or the Callee connects to the telecommunications network or VoWiFi. We discard voice content packets or critical SIP message packets when the user uses VoWiFi communication. Then, we observe the outcome and find the variations of message sequence in detail affecting on the Caller and Callee at each lost packet. We design an algorithm for the future development of APP or device to detect whether the calling environment is secure or under attack. With our experience, we recommended that the telecommunication service provider should employ the similar detection mechanism for security.

    摘要 I EXTENDED ABSTRACT II 誌謝 XVII 目錄 XVIII 表目錄 XX 圖目錄 XXI 一、 緒論 1 1.1研究背景 1 1.2 研究動機 3 1.3 研究貢獻 3 1.4 全文架構 4 二、 相關研究 5 2.1 VOX文獻探討 5 2.1.1 VoIP 5 2.1.2 VoLTE 7 2.1.3 VoWiFi 16 2.2行動通訊歷史、未來技術介紹 22 2.2.1 2G/3G 22 2.2.2 5G 22 2.3位址解析協定欺騙(ARP SPOOFING) 25 三、 系統架構 26 3.1 使用者被攻擊之環境架構 26 3.1.1實驗環境建置及方法 28 3.1.2 解密VoWiFi通訊關鍵封包 30 3.1.3製作過濾器 32 3.2 偵測攻擊之演算法 34 四、 實驗結果 38 4.1攻擊所造成的影響 38 4.2 攻擊實驗重複30次 47 五、 結論與未來展望 50 5.1 結論 50 5.2 未來工作 50 參考資料 51

    [1] S. Hussain, O. Chowdhury, S. Mehnaz and E. Bertino, "LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE," Network and Distributed Systems Security (NDSS) Symposium 2018, 18 February 2018.
    [2] "Cisco Visual Networking Index: Global Mobile Data Traffic Forecast Update, 2015–2020," 03 February 2016. [Online]. Available: http://www.cs.tut.fi/kurssit/ELT-43406/SupplementaryL7/2016%20-%20CISCO%20-%20global%20mobile%20data%20traffic%20forecast%20update,%202015-2020%20-%20white%20paper.pdf. [Accessed 03 May 2019].
    [3] "Session Initiation Protocol," [Online]. Available: https://en.wikipedia.org/wiki/Session_Initiation_Protocol. [Accessed 04 May 2019].
    [4] J. Rosenberg and H. Schulzrinne, "SIP: Session Initiation Protocol,IETF RFC 3261," June 2002. [Online]. Available: https://tools.ietf.org/html/rfc3261. [Accessed 4 May 2019].
    [5] "SIP: The Protocol and the Application," [Online]. Available: http://www.cs.nccu.edu.tw/~lien/Writing/NGN/sip.htm. [Accessed 04 May 2019].
    [6] L. Z. Pedrini, "Part-3: What happens when a user performs a voice call from an LTE/4G network? - VoLTE," 28 November 2016. [Online]. Available: https://www.netmanias.com/en/post/blog/10907/lte-volte/part-3-what-happens-when-a-user-performs-a-voice-call-from-an-lte-4g-network-volte. [Accessed 05 May 2019].
    [7] S. Technologies, "IMS is a Success – What’s next?," 25 June 2018. [Online]. Available: https://www.squire-technologies.co.uk/blog/ims-is-a-success-whats-next. [Accessed 05 05 2019].
    [8] L. Z. Pedrini, "Part-1: What happens when a user performs a voice call from an LTE/4G network? - Overview," 23 November 2016. [Online]. Available: https://www.netmanias.com/en/post/blog/10905/lte-volte/part-1-what-happens-when-a-user-performs-a-voice-call-from-an-lte-4g-network-overview. [Accessed 05 May 2019].
    [9] L. Z. Pedrini, "Part-2: What happens when a user performs a voice call from an LTE/4G network? - VoLGA & CSFB," 25 November 2016. [Online]. Available: https://www.netmanias.com/en/post/blog/10906/lte-volte/part-2-what-happens-when-a-user-performs-a-voice-call-from-an-lte-4g-network-volga-csfb. [Accessed 05 May 2019].
    [10] L. Z. Pedrini, "Part-4: What happens when a user performs a voice call from an LTE/4G network? - SRVCC," 02 December 2016. [Online]. Available: https://www.netmanias.com/en/post/blog/10908/lte-volte/part-4-what-happens-when-a-user-performs-a-voice-call-from-an-lte-4g-network-srvcc. [Accessed 05 May 2019].
    [11] M. Garcia-Martin, "Input 3rd-Generation Partnership Project (3GPP) Release 5 Requirements on the Session Initiation Protocol (SIP)," May 2005. [Online]. Available: https://tools.ietf.org/html/rfc4083. [Accessed 07 May 2019].
    [12] R.Jesske, D.Telekom, K.Drage and C.Holmberg, "Private Header (P-Header) Extensions to the Session Initiation Protocol (SIP) for the 3GPP," July 2017. [Online]. Available: https://tools.ietf.org/html/rfc7315. [Accessed 07 May 2019].
    [13] "www.3gpp.org - /ftp/Specs/archive/23_series/23.203/," 03 March 2019. [Online]. Available: https://www.3gpp.org/ftp/Specs/archive/23_series/23.203/. [Accessed 07 May 2019].
    [14] "www.3gpp.org - /ftp/Information/WORK_PLAN/Description_Releases/," 07 February 2014. [Online]. Available: https://www.3gpp.org/ftp/Information/WORK_PLAN/Description_Releases/. [Accessed 08 May 2019].
    [15] "www.3gpp.org - /ftp/specs/archive/23_series/23.402/," 27 March 2018. [Online]. Available: https://www.3gpp.org/ftp/specs/archive/23_series/23.402/. [Accessed 08 May 2019].
    [16] Z. Ghadialy, "Voice over WiFi (VoWiFi) technical details," 21 January 2015. [Online]. Available: https://blog.3g4g.co.uk/2015/01/voice-over-wifi-vowifi-technical-details.html. [Accessed 08 May 2019].
    [17] "www.3gpp.org - /ftp/Specs/archive/33_series/33.401/," 28 March 2019. [Online]. Available: https://www.3gpp.org/ftp/Specs/archive/33_series/33.401/. [Accessed 08 May 2019].
    [18] T. Xie, G.-H. Tu, C.-Y. Li, C. Peng, J. Li and M. Zhang, "The Dark Side of Operational Wi-Fi Calling Services," in 2018 IEEE Conference on Communications and Network Security (CNS), Beijing, China, 2018.
    [19] "www.3gpp.org - /ftp/Specs/archive/38_series/38.300/," 09 April 2019. [Online]. Available: https://www.3gpp.org/ftp/Specs/archive/38_series/38.300/. [Accessed 24 May 2019].
    [20] "Vo5G Technical White Paper," July 2018. [Online]. Available: https://www-file.huawei.com/-/media/CORPORATE/PDF/white%20paper/vo5g-technical-white-paper-en.pdf. [Accessed 24 May 2019].
    [21] "Wi-Fi Calling Overview Opportunities and challenges towards 5G," 2016. [Online]. Available: https://telecomwebinar.com/wp-content/uploads/2016/11/WBA-Wi-Fi-Calling-Webinar-Telesemana-BCT-v1.0.pdf. [Accessed 24 May 2019].
    [22] "ARP spoofing," [Online]. Available: https://en.wikipedia.org/wiki/ARP_spoofing. [Accessed 06 June 2019].
    [23] "Download VirtualBox (Old Builds): VirtualBox 5.2," 09 November 2018. [Online]. Available: https://www.virtualbox.org/wiki/Download_Old_Builds_5_2. [Accessed 10 May 2019].
    [24] "Kali Linux Downloads," [Online]. Available: https://www.kali.org/downloads/. [Accessed 10 May 2019].
    [25] "SDK Platform Tools release notes," Google, September 2018. [Online]. Available: https://developer.android.com/studio/releases/platform-tools.html. [Accessed 10 May 2019].
    [26] "Android tcpdump Downloads," 03 September 2017. [Online]. Available: https://www.androidtcpdump.com/android-tcpdump/downloads. [Accessed 10 May 2019].

    下載圖示 校內:2024-08-05公開
    校外:2024-08-05公開
    QR CODE