| In recent years, with the continuous innovation and development of the Internet application technique, IP phone (VoIP) technique has been widely spread, and the application scope has been also more and more widely. Among the many recommendations for VoIP, H.323recommendation, which is made by ITU-T, developed very rapidly in the past decade as one of the next-generation network multimedia transmission protocol. H.323recommendation has many advantages, such as its good flexibility, low communication cost, good compatibility and less demand for resources, as well as the ability to; interact between different networks, ISPs, equipments, and applications, etc..So H.323recommendation is becoming the most mainstream VoIP recommendation. However, H.323products are not absolutely safe, because its operational mechanism may leading to a number of security risks which can make H.323products be vulnerable to cyber attacks. This brings many security risks to using H.323products, and greatly restricts the development of H.323recommendation. Therefore, research on security of H.323recommendation has very important significance. In this paper, security of H.323recommendation are studied, and a series of security problems that may exist are put forward, and a number of attack means which may affect the function of the products are listed. After that, based on the means of attack, a Security Evaluation Toolkit is designed and implemented in this paper, in order to attack H.323products for testing their security, and to verify the problems raised above in the paper.The main work of this paper is divided into the following sections.1. The H.323recommendation and other related techniques are introduced, and previous research done in the H.323standard security are reviewed. This paper gives a brief introduction about H.323recommendation with a few aspects, such as the protocol stack, component architecture, messaging and communications processes. The main results of the study has been performed in the country are summarized, and the lack are summarized too.2. The security problems in H.323recommendation are analyzed. This paper studies the working mechanism and the communication process of H.323products, and puts forward some possible security flaws may exist and how to use these flaws to attack.3. A Security Evaluation Toolkit are designed. For the attack means the paper listed, this paper proposes a Security Evaluation Toolkit, and puts forward its outline design and detailed design.4. The Security Evaluation Toolkit are implemented. This paper uses the Java language and related software tools for implementing the Security Evaluation Toolkit, and the ideas and methods to implement it are detailed explained.5. H.323products are tested by using the Security Evaluation Toolkit. This paper uses the Security Evaluation Toolkit to attack H.323products(GNU Gatekeeper and MyPhone3based on open source project H.323Plus) for testing, and verifies the security flaws raised above.In the end, this paper summarizes and outlook. |
PDF Full Text Request