Projects
Current
- iptego Voice Security Inspector is a network intrusion detection system (IDS) with focus on SIP. It sniffs the traffic crossing a network, reassembles fragmented IP packets, follows TCP streams and parses SIP messages. VSI uses this information to create alerts when something seems wrong and to provide live statistics about the VoIP service. Being a completely passive system, the attacker can not know that it is monitored and can not use it to turn it against the service. VSI can monitor the traffic volume and the response times of the SIP servers, alerting about DoS attacks before they escalate. Third party modules can be created for monitoring new parameters and detecting new attacks.
VSI was installed to monitor iptel.org, a community supported SIP site and web portal. The monitoring Web frontend of VSI showing some live statistics from iptel.org can be found here.
- SPIDER (SPAM over Internet Telephony Detection Service) is a research project that aims SPIT prevention. Iptego’s partners in this project are FOKUS, Telio, University of Aegean, VozTelecom and Eleven.
As part of SPIDER, I will develop a white/black list module for the open-source SIP Express Router and will add SPIT reporting capabilities to the Ekiga SIP client.
- iptego SIP Dispatcher (SD) is a software SIP load balancer. SD offers Layer 7 session persistence based on the Call-ID header and uses direct routing for dispatching the packets to workers, providing a simple setup for VoIP applications, which are often affected by NAT problems. It can build the session table from the outgoing packets, too, so the workers can create calls. Several load balancing algorithms (e.g. round-robin, least loaded) are provided. In addition, a monitoring application can sense when a worker becomes unavailable and tell SD to not send it any new calls, providing 1-n redundancy. SD itself can use VRRP for 1-1 redundancy. SD can be a convenient and flexible alternative to HW load balancers.
Past
- Application Layer Handover (Handoff) of VoIP Sessions in IMS Environments is my diploma thesis, accomplished as part of a research project at FhG FOKUS, in Berlin. We have developed extensions for the SIP Express Router and for the Ekiga SIP client, providing seamless in-call transfer from one network operator to another. The thesis contains a comparison of the available SIP stacks and an overview of the Opal library architecture.
- OLSR daemon for Quagga is an open-source implementation of a routing protocol targeted on mobile ad-hoc networks and standardized in RFC 3626. This project is no longer maintained.