Skip to main content
Article
On securing RTP-based streaming content with firewalls
Faculty of Informatics - Papers (Archive)
  • Liang Lu, University of Wollongong
  • Reihaneh Safavi-Naini, University of Wollongong
  • Jeffrey P. Horton, University of Wollongong
  • Willy Susilo, University of Wollongong
RIS ID
12863
Publication Date
1-1-2005
Publication Details

Safavi-Naini, R., Horton, J. P., Susilo, W. & Lu, L. (2005). On securing RTP-based streaming content with firewalls. In Y. Desmedt, H. Wang, Y. Mu & Y. Li (Eds.), International Conference on Cryptology and Network Security (pp. 304-319). Germany: Springer.

Abstract
Delivery of real-time streaming content is an increasingly important Internet application. Applications involved in processing streaming content may have exploitable vulnerabilities, as many other applications have been discovered to have, and using a firewall to filter out malicious traffic may provide some benefit. However, as these applications largely rely on traffic carried by RTP/UDP, firewalls that are unaware of the behaviour of RTP data streams have difficulties in filtering out malicious traffic injected into a stream by an attacker. In this paper, we observe a vulnerability in the current RTP protocol which allows an attacker to inject malicious traffic into a data stream, and present a scheme that allows a stateful firewall that keeps state from RTP packets to detect such malicious traffic. Our technique uses non-static fields such as RTP sequence numbers to improve the inspection scheme by modelling streaming traffic and detecting malicious streams based on deviation for this model. We show effectiveness of our approach by giving the results of our experiments.
Citation Information
Liang Lu, Reihaneh Safavi-Naini, Jeffrey P. Horton and Willy Susilo. "On securing RTP-based streaming content with firewalls" (2005) p. 304 - 319
Available at: http://works.bepress.com/wsusilo/67/