| IP Multimedia Subsystem (IMS) is an important concept brought up by 3GPP in March 2002. As one main part of core network in 3G system, it makes an end-to-end conversation based on Session Initial Protocol (SIP), and gets the QoS it requires. As a platform to provide multimedia data service, IMS is an important step to make Communications Network become an IP network. In common Communications Network, security problems are not so much because the network is not completely opened. But IMS will bring threats to today's Communications Network. As one of the main threats in Internet, Denial of Service attack will be a significant threat in IMS network.State Key Laboratory of Networking and Switching Technology of Beijing University of Posts & Telecommunications (BUPT) is responsible for the State 863 Project "Safety Evaluation Technology and Tools In Next Generation Telecommunication Network". As main part of this project, this paper focuses on (D) DoS'feature extraction, threat analysis model establishment and realization of a (D) DoS testing system in IMS which can help to find the security loophole and work out a Security & Defense Strategy early.Threat Analysis Model is the basic of disclosing their complete picture. After making an in-depth research on IMS and Denial of Service, the Threat Model (AMS Threat Analysis Model) is introduced. Base on the AMS Threat Analysis Model, this paper deduces the possible (D) DoS threat in IMS. As a test and verify of the AMS Thread Analysis Model, we have realized a (D) DoS Testing System in IMS which can be used to simulate the (D) DoS threat and find the potential threats of the IMS Network. This paper introduces the design of this system, and gives the architecture, code and simulation of flooding threat in IMS Core. This system can help to establish a Security & Defense Strategy for the IMS Network at the earliest possible time. Meanwhile, it gives a rationality and availability proof to the AMS Threat Analysis Model. |
PDF Full Text Request