On Securing RTP-Based Streaming Content with Firewalls

Citation data:

Cryptology and Network Security, ISSN: 0302-9743, Vol: 3810 LNCS, Page: 304-319

Publication Year:
Usage 11
Abstract Views 11
Captures 4
Readers 4
Citations 1
Citation Indexes 1
Repository URL:
https://works.bepress.com/wsusilo/67; https://ro.uow.edu.au/infopapers/1300
Lu, Liang; Safavi-Naini, Reihaneh; Horton, Jeffrey P.; Susilo, Willy
Springer Nature
Computer Science; Biochemistry, Genetics and Molecular Biology; Mathematics; Securing; RTP; Based; Streaming; Content; Firewalls; Physical Sciences and Mathematics
book chapter description
Delivery of real-time streaming content is an increasingly important Internet application. Applications involved in processing streaming content may have exploitable vulnerabilities, as many other applications have been discovered to have, and using a firewall to filter out malicious traffic may provide some benefit. However, as these applications largely rely on traffic carried by RTP/UDP, firewalls that are unaware of the behaviour of RTF data streams have difficulties in filtering out malicious traffic injected into a stream by an attacker. In this paper, we observe a vulnerability in the current RTP protocol which allows an attacker to inject malicious traffic into a data stream, and present a scheme that allows a stateful firewall that keeps state from RTF packets to detect such malicious traffic. Our technique uses non-static fields such as RTF sequence numbers to improve the inspection scheme by modelling streaming traffic and detecting malicious streams based on deviation for this model. We show effectiveness of our approach by giving the results of our experiments. © Springer-Verlag Berlin Heidelberg 2005.