End to End VoIP Security

End to End VoIP Security Introduction User communications applications are in high demand in the Internet user community. Two classes of such applications are of great importance and attract interest by many Internet users: collaboration systems and VoIP communication systems. In the first category reside systems like ICQ , MSN Messenger and Yahoo! Messenger while in the latter, systems like Skype and VoipBuster are dominating among the public VoIP clients. In the architecture plane, collaboration systems form a distributed network where the participants communicate with each other and exchange information. The data are either routed from the source through a central server to the recipient or the two clients communicate directly. The participants in such networks are both content providers and content requestors . On the other hand, the data communication path in the VoIP systems is direct between the peers, without any involvement of the service network in the data exchange path with some exceptions like Skypes â€Å" supernode† communications. Data are carried over public Internet infrastructures like Ethernets, WiFi hotspots or wireless ad hoc networks. Security in these networks is a critical issue addressed in several different perspectives in the past. In this assignment I focus on cryptographic security implementation in VoIP. Security is implemented dynamically in cooperation by the two (or more) peers with no prior arrangements and requirements, like out of band exchanged keys, shared secrets etc. Ease of use (simplicity), user friendliness (no special knowledge from the user side) and effectiveness (ensuring confidentiality and integrity of the applications) combined with minimal requirements on end user devices are the goals achieved by our approach. We leverage security of user communications, meeting all the above requirements, by enhancing the applications architecture with VoIPSec security elements. Over the past few years, Voice over IP (VoIP) has become an attractive alternative to more traditional forms of telephony. Naturally, with its in-creasing popularity in daily communications, re-searchers are continually exploring ways to improve both the efficiency and security of this new communication technology. Unfortunately, while it is well understood that VoIP packets must be encrypted to ensure confidentiality, it has been shown that simply encrypting packets may not be sufficient from a privacy standpoint. For instance, we recently showed that when VoIP packets are first compressed with variable bit rate (VBR) encoding schemes to save bandwidth, and then encrypted with a length preserving stream cipher to ensure confidentiality, it is possible to determine the language spoken in the encrypted conversation. As surprising as these findings may be, one might argue that learning the language of the speaker (e.g., Arabic) only affects privacy in a marginal way. If both endpoints of a VoIP call are known (for example, Mexico City and Madrid), then one might correctly conclude that the language of the conversation is Spanish, without performing any analysis of the traffic. In this work we show that the information leaked from the combination of using VBR and length preserving encryption is indeed far worse than previously thought. VOIP This assignment is about security, more specifically, about protecting one of your most precious assets, your privacy. We guard nothing more closely than our words. One of the most important decisions we make every day is what we will say and what we wont. But even then its not only what we say, but also what someone else hears, and who that person is. Voice over IP- the transmission of voice over traditional packet-switched IP networks—is one of the hottest trends in telecommunications. Although most computers can provide VoIP and many offer VoIP applications, the term â€Å"voice over IP† is typically associated with equipment that lets users dial telephone numbers and communicate with parties on the other end who have a VoIP system or a traditional analog telephone. (The sidebar, â€Å"Current voice-over-IP products,† de-scribes some of the products on the market today.) As with any new technology, VoIP introduces both opportunities and problems. It offers lower cost and greater flexibility for an enterprise but presents significant security challenges. Security administrators might assume that because digitized voice travels in packets, they can simply plug VoIP components into their already se-cured networks and get a stable and secure voice net-work. Unfortunately, many of the tools used to safeguard todays computer networks—firewalls, network address translation (NAT), and encryption—dont work â€Å"as is† in a VoIP network. Although most VoIP components have counterparts in data networks, VoIPs performance demands mean you must supplement ordinary network software and hardware with special VoIP components. Integrating a VoIP system into an already congested or overburdened network can be disastrous for a companys technology infra-structure. Anyone at- tempting to construct a VoIP network should therefore first study the procedure in great detail. To this end, weve outlined some of the challenges of introducing appropriate security measures for VoIP in an enterprise. End-to-End Security IN this assignment I am going to describe the end-to-end security and its â€Å"design principle† that one should not place mechanisms in the network if they can be placed in end nodes; thus, networks should provide general services rather than services that are designed to support specific applications. The design and implementation of the Internet followed this design principle well. The Internet was designed to be an application-agnostic datagram de-livery service. The Internet of today isnt as pure an implementation of the end-to-end design principle as it once was, but its enough of one that the collateral effects of the network not knowing whats running over it are becoming major problems, at least in the minds of some observers. Before I get to those perceived problems, Id like to talk about what the end-to-end design principle has meant to the Internet, technical evolution, and society. The Internet doesnt care what you do—its job is just to â€Å"deliver the b its, stupid† (in the words of David Isenberg in his 1997 paper, â€Å"Rise of the Stupid Network†2). The â€Å"bits† could be part of an email message, a data file, a photograph, or a video, or they could be part of a denial-of-service attack, a malicious worm, a break-in attempt, or an illegally shared song. The Net doesnt care, and that is both its power and its threat. The Internet (and by this, I mean the Arpanet, the NSFNet, and the networks of their successor commercial ISPs) wasnt designed to run the World Wide Web. The Internet wasnt designed to run Google Earth. It was designed to support them even though they did not exist at the time the foundations of the Net were designed. It was designed to support them by being designed to transport data without caring what it was that data represented. At the very first, the design of TCP/IP wasnt so flexible. The initial design had TCP and IP within a single protocol, one that would only deliver data reliably to a destination. But it was realized that not all applications were best served by a protocol that could only deliver reliable data streams. In particular, timely delivery of information is more important than reliable delivery when trying to support interactive voice over a network if adding reliability would, as it does, increase delay. TCP was split from IP so that the application running in an end node could determine for itself the level of reliability it needed. This split created the flexibility that is currently being used to deliver Skypes interactive voice service over the same network that CNN uses to deliver up-to-the-minute news headlines and the US Patent and Trademark office uses to deliver copies of US patents. Thus the Internet design, based as it was on the end-to-end principle, became a generative facility. Unlike the traditional phone system, in which most new applications must be installed in the phone switches deep in the phone net-work, anyone could create new applications and run them over the Internet without getting permission from the organizations that run the parts of the Net. This ability was exploited with â€Å"irrational exuberance†4 during the late 1990s Internet boom. But, in spite of the hundreds of billions of dollars lost by investors when the boom busted, the number of Internet users and Web sites, the amount of Internet traffic, and the value of Internet commerce have continued to rise, and the rate of new ideas for Internet-based services hasnt no- ticeably diminished. Security and privacy in an end-to-end world The end to end arguments paper used â€Å"se-cure transmission of data† as one reason that an end-to-end design was required. The paper points out that network-level or per-link encryption doesnt actually provide assurance that a file that arrives at a destination is the same as the file that was sent or that the data went unobserved along the path from the source to the destination. The only way to ensure end-to-end data integrity and confidentiality is to use end-to-end encryption. Thus, security and privacy are the responsibilities of the end nodes. If you want to ensure that a file will be transferred without any corruption, your data-transfer application had better include an integrity check, and if you didnt want to allow anyone along the way to see the data itself, your application had better encrypt it before transmitting it. There are more aspects to security on a network than just data encryption. For example, to ensure that communication over the net-work is reliable, the network itself needs to be secure against attempts—purposeful or accidental—to disrupt its operation or redirect traffic away from its intended path. But the original Internet design didnt include protections against such attacks. Even if the network is working perfectly, you need to actually be talking to the server or person you think you are. But the Internet doesnt pro-vide a way, at the network level, to assure the identities of its users or nodes. You also need to be sure that the message your computer re receives isnt designed to exploit weaknesses in its software (such as worms or viruses) or in the ways that you use the Net. Protection against such things is the end systems responsibility. Note that there is little that can be done â€Å"in the Net† or in your end system to protect your privacy from threats such as the government demanding the records of your use of Net-based services such as Google, which collect information about your network usage. Many of todays observers assume that the lack of built-in protections against attacks and the lack of a se-cure way to identify users or nodes was a result of an environment of trust that prevailed when the original Internet design and protocols were developed. If you trusted the people on the Net, there was no need for special defensive functions. But a few people who were â€Å"at the scene† have told me that such protections were actively discouraged by the primary sponsor of the early Internet—that is to say, the US military wasnt all that interested in having good nonmilitary security, maybe because it might make its job harder in the future. Whatever the reason, the Internet wasnt designed to provide a secure environment that included protection against the malicious actions of those who would disrupt it or attack nodes or services provided over it. End-to-end security is not dead yet, but it is seriously threatened, at least at the network layer. NATs and firewalls interfere with some types of end-to-end encryption technology. ISPs could soon be required by regulations to, by default, filter the Web sites and perhaps the protocols that their customers can access. Other ISPs want to be able to limit the protocols that their customers can access so that the ISP can give service providers an â€Å"incentive† to pay for the customers use of their lines—they dont see a way to pay for the net-work without this ability. The FBI has asked that it be able to review all new Internet services for tapability before theyre deployed, and the FCC has hinted that it will support the request If this were to happen, applications such as Skype that use end-to-end encryption could be outlawed as inconsistent with law enforcement needs. Today, its still easy to use end-to-end encryption as long as its HTTPS, but that might be short-lived. It could soon reach the point that the use of end-to-end encryption, without which end-to-end security cant exist, will be seen as â€Å"an antisocial act† (as a US justice department official once told me). If that comes to be the case, end-toend security will be truly dead, and we will all have to trust functions in the network that we have no way of knowing are on our side. What is VoIP end to end security? Achieving end-to-end security in a voice-over-IP (VoIP) session is a challenging task. VoIP session establishment involves a jumble of different protocols, all of which must inter-operate correctly and securely. Our objective in this paper is to present a structured analysis of protocol inter-operation in the VoIP stack, and to demonstrate how even a subtle mismatch between the assumptions made by a protocol at one layer about the protocol at another layer can lead to catastrophic security breaches, including complete removal of transport-layer encryption. The VoIP protocol stack is shown in figure 1. For the purposes of our analysis, we will divide it into four layers: signaling, session description, key exchange and secure media (data) transport. This division is quite natural, since each layer is typically implemented by a separate protocol. Signaling is an application-layer (from the viewpoint of the underlying communication network) control mechanism used for creating, modifying and terminating VoIP sessions with one or more participants. Signaling protocols include Session Initiation Protocol (SIP) [27], H.323 and MGCP. Session description protocols such as SDP [20] are used for initiating multimedia and other sessions, and often include key exchange as a sub-protocol. Key exchange protocols are intended to provide a cryptographically secure way of establishing secret session keys between two or more participants in an untrusted environment. This is the fundamental building block in se-cure session establishment. Security of the media transport layer—the layer in which the actual voice datagrams are transmitted—depends on the secrecy of session keys and authentication of session participants. Since the established key is typically used in a symmetric encryption scheme, key secrecy requires that nobody other than the legitimate session participants be able to distinguish it from a random bit-string. Authentication requires that, after the key exchange protocol successfully completes, the participants respective views of sent and received messages must match (e.g., see the notion of â€Å"matching conversations† in [8]). Key ex-change protocols for VoIP sessions include SDPs Security DEscriptions for Media Streams (SDES) , Multim edia Internet KEYing (MIKEY) and ZRTP [31]. We will analyze all three in this paper. Secure media transport aims to provide confidentiality, message authentication and integrity, and replay protection to the media (data) stream. In the case of VoIP, this stream typically carries voice datagrams. Confidentiality means that the data under encryption is indistinguishable from random for anyone who does not have the key. Message authentication implies that if Alice receives a datagram apparently sent by Bob, then it was indeed sent by Bob. Data integrity implies that any modification of the data in transit We show how to cause the transport-layer SRTP protocol to repeat the keystream used for datagram encryption. This enables the attacker to obtain the xor of plaintext datagrams or even to completely decrypt them. The SRTP keystream is generated by using AES in a stream cipher-like mode. The AES key is generated by applying a pseudo-random function (PRF) to the session key. SRTP, however, does not add any session-specific randomness to the PRF seed. Instead, SRTP assumes that the key exchange protocol, executed as part of RTP session establishment, will en-sure that session keys never repeat. Unfortunately, S/MIME-protected SDES, which is one of the key ex-change protocols that may be executed prior to SRTP, does not provide any replay protection. As we show, a network-based attacker can replay an old SDES key establishment message, which will cause SRTP to re-peat the keystream that it used before, with devastating consequences. This attack is confirmed by our analysis of the libsrtp implementation. †¢ We show an attack on the ZRTP key exchange protocol that allows the attacker to convince ZRTP session participants that they have lost their shared secret. ZID values, which are used by ZRTP participants to retrieve previously established shared secrets, are not authenticated as part of ZRTP. Therefore, an attacker can initiate a session with some party A under the guise of another party B, with whom A previously established a shared secret. As part of session establishment, A is supposed to verify that B knows their shared secret. If the attacker deliberately chooses values that cause verification to fail, A will decide—following ZRTP specification—that B has â€Å"forgotten† the shared secret. The ZRTP specification explicitly says that the protocol may proceed even if the set of shared secrets is empty, in which case the attacker ends up sharing a key with A who thinks she shares this key with B. Even if the participants stop the protocol after losing their shared secrets, but are using VoIP devices without displays, they cannot confirm the computed key by voice and must stop communicating. In this case, the attack becomes a simple and effective denial of service. Our analysis of ZRTP is supported by the AVISPA formal analysis tool . †¢ We show several minor weaknesses and potential vulnerabilities to denial of service in other protocols. We also observe that the key derived as the result of MIKEY key exchange cannot be used in a standard cryptographic proof of key exchange security (e.g., ). Key secrecy requires that the key be in-distinguishable from a random bitstring. In MIKEY, however, the joint Diffie-Hellman value derived as the result of the protocol is used directly as the key. Membership in many Diffie-Hellman groups is easily checkable, thus this value can be distinguished from a random bitstring. Moreover, even hashing the Diffie-Hellman value does not allow the formal proof of security to go through in this case, since the hash function does not take any random inputs apart from the Diffie-Hellman value and cannot be viewed as a randomness extractor in the proof. (This observation does not immediately lead to any attacks.) While we demonstrate several real, exploitable vulnerabilities in VoIP security protocols, our main contribution is to highlight the importance of analyzing protocols in con-text rather than in isolation. Specifications of VoIP protocols tend to be a mixture of informal prose and pseudocode, with some assumptions—especially those about the protocols operating at the other layers of the VoIP stack—are left implicit and vague. Therefore, our study has important lessons for the design and analysis of security protocols in general. The rest of the paper is organized as follows. In section 2, we describe the protocols, focusing on SIP (signaling), SDES, ZRTP and MIKEY (key exchange), and SRTP (transport). In section 3, we describe the attacks and vulnerabilities that we discovered. Related work is in section 4, conclusions are in section 5. VoIP security different from normal data network security To understand why security for VoIP differs from data network security, we need to look at the unique constraints of transmitting voice over a packet network, as well as the characteristics shared by VoIP and data networks. Packet networks depend on many configurable parameters: IP and MAC (physical) addresses of voice terminals and addresses of routers and firewalls. VoIP networks add specialized software, such as call managers, to place and route calls. Many network parameters are established dynamically each time a network component is restarted or when a VoIP telephone is restarted or added to the net-work. Because so many nodes in a VoIP network have dynamically configurable parameters, intruders have as wide an array of potentially vulnerable points to attack as they have with data networks. But VoIP systems have much stricter performance constraints than data networks, with significant implications for security. Threats for VoIP VoIP security threats contain Eavesdropping, Denial of Service, Session Hijacking, VoIP Spam, etc. For preventing these threats, there are several VoIP standard protocols. And we discuss this in Section 3. Eavesdropping VoIP service using internet technology is faced with an eavesdropping threat, in which is gathering call setting information and audio/voice communication contents illegally. Eavesdropping can be categorized largely by eavesdropping in a LAN(Local Area Network) environment, one in a WAN( Wide Area Network) environment, one through a PC(Personal Computer) hacking, etc. Denial of Service Denial of Service is an attack, which makes it difficult for legitimate users to take telecommunication service regularly. Also it is one of threats, which are not easy to solve the most. Since VoIP service is based on internet technology, it also is exposed to Denial of Service. Denial of Service in VoIP service can be largely divided into system resource exhaustion, circuit This work was supported by the IT RD program of MIC/IITA resourceexhaustion,VoIP communication interruption/blocking, etc. Session Hijacking Session Hijacking is an attack, which is gathering the communication session control between users through spoofing legitimate users, and is interfering in their communication, as a kind of man-in-the-middle attack. Session Hijacking in VoIP communication can be categorized largely by INVITE session hijacking, SIP Registration hijacking, etc. VoIP Spam VoIP Spam is an attack, which is interrupting, and violating user privacy through sending voice advertisement messages, and also makes VMS(Voice Mailing System) powerless. It can be categorized by Call Spam, IM(Instant Messaging) Spam, Presence Spam, etc. Security trade-offs Trade-offs between convenience and security are routine in software, and VoIP is no exception. Most, if not all, VoIP components use integrated Web servers for configuration. Web interfaces can be attractive, easy to use, and inexpensive to produce because of the wide availability of good development tools. Unfortunately, most Web development tools focus on features and ease of use, with less attention paid to the security of the applications they help produce. Some VoIP device Web applications have weak or no access control, script vulnerabilities, and inadequate parameter validation, resulting in privacy and DoS vulnerabilities. Some VoIP phone Web servers use only HTTP basic authentication, meaning servers send authentication information without encryption, letting anyone with network access obtain valid user IDs and passwords. As VoIP gains popularity, well inevitably see more administrative Web applications with exploitable errors. The encryption process can be unfavorable to QoS Unfortunately, several factors, including packet size expansion, ciphering latency, and a lack of QoS urgency in the cryptographic engine can cause an excessive amount of latency in VoIP packet delivery, leading to degraded voice quality. The encryption process can be detrimental to QoS, making cryptodevices severe bottlenecks in a VoIP net-work. Encryption latency is introduced at two points. First, encryption and decryption take a nontrivial amount of time. VoIPs multitude of small packets exacerbates the encryption slowdown because most of the time consumed comes as overhead for each packet. One way to avoid this slowdown is to apply algorithms to the computationally simple encryption voice data before packetization. Although this improves throughput, the proprietary encryption algorithms used (fast Fourier-based encryption, chaos-bit encryption, and so on) arent considered as secure as the Advanced Encryption Standard,16 which is included in many IPsec implementations. AESs combination of speed and security should handle the demanding needs of VoIP at both ends. following general guidelines, recognizing that practical considerations might require adjusting them: †¢ Put voice and data on logically separate networks. You should use different subnets with separate RFC 1918 address blocks for voice and data traffic and separate DHCP servers to ease the incorporation of intrusion-detection and VoIP firewall protection. †¢ At the voice gateway, which interfaces with the PSTN, disallow H.323, SIP, or Media Gateway Control Protocol (MGCP) connections from the data network. As with any other critical network management component, use strong authentication and access control on the voice gateway system. †¢ Choose a mechanism to allow VoIP traffic through firewalls. Various protocol dependent and independent solutions exist, including ALGs for VoIP protocols and session border controllers. Stateful packet filters can track a connections state, denying packets that arent part of a properly originated call. Use IPsec or Secure Socket Shell (SSH) for all remote management and auditing access. If practical, avoid using remote management at all and do IP PBX access from a physically secure system. Use IPsec tunneling when available instead of IPsec transport because tunneling masks the source and destination IP addresses, securing communications against rudimentary traffic analysis (that is, determining whos making the calls). If performance is a problem, use encryption at the router or other gateway to allow IPsec tunneling. Be-cause some VoIP end points arent computationally powerful enough to perform encryption, placing this Recent studies indicate that the greatest contributor to the encryption bottleneck occurs at the cryptoengine scheduler, which often delays VoIP packets as it processes larger data packets.17 This problem stems from the fact that cryptoschedulers are usually first-in first-out (FIFO) queues, inadequate for supporting QoS requirements. If VoIP packets arrive at the encryption point when the queue already contains data packets, theres no way they can usurp the less time-urgent traffic. Some hardware manufacturers have proposed (and at least one has implemented) solutions for this, including QoS reordering of traffic just before it reaches the cryptoengine.18 But this solution assumes that the cryptoengines output is fast enough to avoid saturating the queue. Ideally, youd want the cryptoengine to dynamically sort incoming traffic and force data traffic to wait for it to finish processing the VoIP packets, even if these packets arrive later. However, this solution adds considerable over head to a process most implementers like to keep as light as possible. Another option is to use hardware-implemented AES encryption, which can improve throughput significantly. Past the cryptoengine stage, the system can perform further QoS scheduling on the encrypted packets, provided they were encrypted using ToS preservation, which copies the original ToS bits into the new IPsec header. Virtual private network (VPN) tunneling of VoIP has also become popular recently, but the congestion and bottlenecks associated with encryption suggest that it might not always be scalable. Although researchers are making great strides in this area, the hardware and soft-ware necessary to ensure call quality for encrypted voice traffic might not be economically or architecturally vi-able for all enterprises considering the move to VoIP. Thus far, weve painted a fairly bleak picture of VoIP security. We have no easy â€Å"one size fits all† solution to the issues weve discussed in this article. Decisions to use VPNs instead of ALG-like solutions or SIP instead of H.323 must depend on the specific nature of both the current network and the VoIP network to be. The technical problems are solvable, however, and establishing a secure VoIP implementation is well worth the difficulty. To implement VoIP securely today, start with the following general guidelines, recognizing that practical considerations might require adjusting them: †¢ Put voice and data on logically separate networks. You should use different subnets with separate RFC 1918 address blocks for voice and data traffic and separate DHCP servers to ease the incorporation of intrusion-detection and VoIP firewall protection. †¢ At the voice gateway, which interfaces with the PSTN, disallow H.323, SIP, or Media Gateway Control Protocol (MGCP) connections from the data network. As with any other critical network management component, use strong authentication and access control on the voice gateway system. †¢ Choose a mechanism to allow VoIP traffic through firewalls. Various protocol dependent and independent solutions exist, including ALGs for VoIP protocols and session border controllers. Stateful packet filters can track a connections state, denying packets that arent part of a properly originated call. Use IPsec or Secure Socket Shell (SSH) for all remote management and auditing access. If practical, avoid using remote management at all and do IP PBX access from a physically secure system. Use IPsec tunneling when available instead of IPsec transport because tunneling masks the source and destination IP addresses, securing communications against rudimentary traffic analysis (that is, determining whos making the calls). If performance is a problem, use encryption at the router or other gateway to allow IPsec tunneling. Be-cause some VoIP end points arent computationally powerful enough to perform burden at a central point ensures the encryption of all VoIP traffic emanating from the enterprise network. Newer IP phones provide AES encryption at reason-able cost. Look for IP phones that can load digitally (cryptographically) signed images to guarantee the integrity of the software loaded onto the IP phone. Avoid softphone systems (see the sidebar) when security or privacy is a concern. In addition to violating the separation of voice and data, PC-based VoIP applications are vulnerable to the worms and viruses that are all too common on PCs. Consider methods to harden VoIP platforms based on common operating systems such as Windows or Linux. Try, for example, disabling unnecessary services or using host-based intrusion detection methods. Be especially diligent about maintaining patches and current versions of VoIP software. Evaluate costs for additional power backup systems that might be required to ensure continued operation during power outages. Give special consideration to E-91 1 emergency services communications, because E-911 automatic location service is not always available with VoIP. VoIP can be done securely, but the path isnt smooth. It will likely be several years before standards issues are settled End to End VoIP Security End to End VoIP Security Introduction User communications applications are in high demand in the Internet user community. Two classes of such applications are of great importance and attract interest by many Internet users: collaboration systems and VoIP communication systems. In the first category reside systems like ICQ , MSN Messenger and Yahoo! Messenger while in the latter, systems like Skype and VoipBuster are dominating among the public VoIP clients. In the architecture plane, collaboration systems form a distributed network where the participants communicate with each other and exchange information. The data are either routed from the source through a central server to the recipient or the two clients communicate directly. The participants in such networks are both content providers and content requestors . On the other hand, the data communication path in the VoIP systems is direct between the peers, without any involvement of the service network in the data exchange path with some exceptions like Skypes â€Å" supernode† communications. Data are carried over public Internet infrastructures like Ethernets, WiFi hotspots or wireless ad hoc networks. Security in these networks is a critical issue addressed in several different perspectives in the past. In this assignment I focus on cryptographic security implementation in VoIP. Security is implemented dynamically in cooperation by the two (or more) peers with no prior arrangements and requirements, like out of band exchanged keys, shared secrets etc. Ease of use (simplicity), user friendliness (no special knowledge from the user side) and effectiveness (ensuring confidentiality and integrity of the applications) combined with minimal requirements on end user devices are the goals achieved by our approach. We leverage security of user communications, meeting all the above requirements, by enhancing the applications architecture with VoIPSec security elements. Over the past few years, Voice over IP (VoIP) has become an attractive alternative to more traditional forms of telephony. Naturally, with its in-creasing popularity in daily communications, re-searchers are continually exploring ways to improve both the efficiency and security of this new communication technology. Unfortunately, while it is well understood that VoIP packets must be encrypted to ensure confidentiality, it has been shown that simply encrypting packets may not be sufficient from a privacy standpoint. For instance, we recently showed that when VoIP packets are first compressed with variable bit rate (VBR) encoding schemes to save bandwidth, and then encrypted with a length preserving stream cipher to ensure confidentiality, it is possible to determine the language spoken in the encrypted conversation. As surprising as these findings may be, one might argue that learning the language of the speaker (e.g., Arabic) only affects privacy in a marginal way. If both endpoints of a VoIP call are known (for example, Mexico City and Madrid), then one might correctly conclude that the language of the conversation is Spanish, without performing any analysis of the traffic. In this work we show that the information leaked from the combination of using VBR and length preserving encryption is indeed far worse than previously thought. VOIP This assignment is about security, more specifically, about protecting one of your most precious assets, your privacy. We guard nothing more closely than our words. One of the most important decisions we make every day is what we will say and what we wont. But even then its not only what we say, but also what someone else hears, and who that person is. Voice over IP- the transmission of voice over traditional packet-switched IP networks—is one of the hottest trends in telecommunications. Although most computers can provide VoIP and many offer VoIP applications, the term â€Å"voice over IP† is typically associated with equipment that lets users dial telephone numbers and communicate with parties on the other end who have a VoIP system or a traditional analog telephone. (The sidebar, â€Å"Current voice-over-IP products,† de-scribes some of the products on the market today.) As with any new technology, VoIP introduces both opportunities and problems. It offers lower cost and greater flexibility for an enterprise but presents significant security challenges. Security administrators might assume that because digitized voice travels in packets, they can simply plug VoIP components into their already se-cured networks and get a stable and secure voice net-work. Unfortunately, many of the tools used to safeguard todays computer networks—firewalls, network address translation (NAT), and encryption—dont work â€Å"as is† in a VoIP network. Although most VoIP components have counterparts in data networks, VoIPs performance demands mean you must supplement ordinary network software and hardware with special VoIP components. Integrating a VoIP system into an already congested or overburdened network can be disastrous for a companys technology infra-structure. Anyone at- tempting to construct a VoIP network should therefore first study the procedure in great detail. To this end, weve outlined some of the challenges of introducing appropriate security measures for VoIP in an enterprise. End-to-End Security IN this assignment I am going to describe the end-to-end security and its â€Å"design principle† that one should not place mechanisms in the network if they can be placed in end nodes; thus, networks should provide general services rather than services that are designed to support specific applications. The design and implementation of the Internet followed this design principle well. The Internet was designed to be an application-agnostic datagram de-livery service. The Internet of today isnt as pure an implementation of the end-to-end design principle as it once was, but its enough of one that the collateral effects of the network not knowing whats running over it are becoming major problems, at least in the minds of some observers. Before I get to those perceived problems, Id like to talk about what the end-to-end design principle has meant to the Internet, technical evolution, and society. The Internet doesnt care what you do—its job is just to â€Å"deliver the b its, stupid† (in the words of David Isenberg in his 1997 paper, â€Å"Rise of the Stupid Network†2). The â€Å"bits† could be part of an email message, a data file, a photograph, or a video, or they could be part of a denial-of-service attack, a malicious worm, a break-in attempt, or an illegally shared song. The Net doesnt care, and that is both its power and its threat. The Internet (and by this, I mean the Arpanet, the NSFNet, and the networks of their successor commercial ISPs) wasnt designed to run the World Wide Web. The Internet wasnt designed to run Google Earth. It was designed to support them even though they did not exist at the time the foundations of the Net were designed. It was designed to support them by being designed to transport data without caring what it was that data represented. At the very first, the design of TCP/IP wasnt so flexible. The initial design had TCP and IP within a single protocol, one that would only deliver data reliably to a destination. But it was realized that not all applications were best served by a protocol that could only deliver reliable data streams. In particular, timely delivery of information is more important than reliable delivery when trying to support interactive voice over a network if adding reliability would, as it does, increase delay. TCP was split from IP so that the application running in an end node could determine for itself the level of reliability it needed. This split created the flexibility that is currently being used to deliver Skypes interactive voice service over the same network that CNN uses to deliver up-to-the-minute news headlines and the US Patent and Trademark office uses to deliver copies of US patents. Thus the Internet design, based as it was on the end-to-end principle, became a generative facility. Unlike the traditional phone system, in which most new applications must be installed in the phone switches deep in the phone net-work, anyone could create new applications and run them over the Internet without getting permission from the organizations that run the parts of the Net. This ability was exploited with â€Å"irrational exuberance†4 during the late 1990s Internet boom. But, in spite of the hundreds of billions of dollars lost by investors when the boom busted, the number of Internet users and Web sites, the amount of Internet traffic, and the value of Internet commerce have continued to rise, and the rate of new ideas for Internet-based services hasnt no- ticeably diminished. Security and privacy in an end-to-end world The end to end arguments paper used â€Å"se-cure transmission of data† as one reason that an end-to-end design was required. The paper points out that network-level or per-link encryption doesnt actually provide assurance that a file that arrives at a destination is the same as the file that was sent or that the data went unobserved along the path from the source to the destination. The only way to ensure end-to-end data integrity and confidentiality is to use end-to-end encryption. Thus, security and privacy are the responsibilities of the end nodes. If you want to ensure that a file will be transferred without any corruption, your data-transfer application had better include an integrity check, and if you didnt want to allow anyone along the way to see the data itself, your application had better encrypt it before transmitting it. There are more aspects to security on a network than just data encryption. For example, to ensure that communication over the net-work is reliable, the network itself needs to be secure against attempts—purposeful or accidental—to disrupt its operation or redirect traffic away from its intended path. But the original Internet design didnt include protections against such attacks. Even if the network is working perfectly, you need to actually be talking to the server or person you think you are. But the Internet doesnt pro-vide a way, at the network level, to assure the identities of its users or nodes. You also need to be sure that the message your computer re receives isnt designed to exploit weaknesses in its software (such as worms or viruses) or in the ways that you use the Net. Protection against such things is the end systems responsibility. Note that there is little that can be done â€Å"in the Net† or in your end system to protect your privacy from threats such as the government demanding the records of your use of Net-based services such as Google, which collect information about your network usage. Many of todays observers assume that the lack of built-in protections against attacks and the lack of a se-cure way to identify users or nodes was a result of an environment of trust that prevailed when the original Internet design and protocols were developed. If you trusted the people on the Net, there was no need for special defensive functions. But a few people who were â€Å"at the scene† have told me that such protections were actively discouraged by the primary sponsor of the early Internet—that is to say, the US military wasnt all that interested in having good nonmilitary security, maybe because it might make its job harder in the future. Whatever the reason, the Internet wasnt designed to provide a secure environment that included protection against the malicious actions of those who would disrupt it or attack nodes or services provided over it. End-to-end security is not dead yet, but it is seriously threatened, at least at the network layer. NATs and firewalls interfere with some types of end-to-end encryption technology. ISPs could soon be required by regulations to, by default, filter the Web sites and perhaps the protocols that their customers can access. Other ISPs want to be able to limit the protocols that their customers can access so that the ISP can give service providers an â€Å"incentive† to pay for the customers use of their lines—they dont see a way to pay for the net-work without this ability. The FBI has asked that it be able to review all new Internet services for tapability before theyre deployed, and the FCC has hinted that it will support the request If this were to happen, applications such as Skype that use end-to-end encryption could be outlawed as inconsistent with law enforcement needs. Today, its still easy to use end-to-end encryption as long as its HTTPS, but that might be short-lived. It could soon reach the point that the use of end-to-end encryption, without which end-to-end security cant exist, will be seen as â€Å"an antisocial act† (as a US justice department official once told me). If that comes to be the case, end-toend security will be truly dead, and we will all have to trust functions in the network that we have no way of knowing are on our side. What is VoIP end to end security? Achieving end-to-end security in a voice-over-IP (VoIP) session is a challenging task. VoIP session establishment involves a jumble of different protocols, all of which must inter-operate correctly and securely. Our objective in this paper is to present a structured analysis of protocol inter-operation in the VoIP stack, and to demonstrate how even a subtle mismatch between the assumptions made by a protocol at one layer about the protocol at another layer can lead to catastrophic security breaches, including complete removal of transport-layer encryption. The VoIP protocol stack is shown in figure 1. For the purposes of our analysis, we will divide it into four layers: signaling, session description, key exchange and secure media (data) transport. This division is quite natural, since each layer is typically implemented by a separate protocol. Signaling is an application-layer (from the viewpoint of the underlying communication network) control mechanism used for creating, modifying and terminating VoIP sessions with one or more participants. Signaling protocols include Session Initiation Protocol (SIP) [27], H.323 and MGCP. Session description protocols such as SDP [20] are used for initiating multimedia and other sessions, and often include key exchange as a sub-protocol. Key exchange protocols are intended to provide a cryptographically secure way of establishing secret session keys between two or more participants in an untrusted environment. This is the fundamental building block in se-cure session establishment. Security of the media transport layer—the layer in which the actual voice datagrams are transmitted—depends on the secrecy of session keys and authentication of session participants. Since the established key is typically used in a symmetric encryption scheme, key secrecy requires that nobody other than the legitimate session participants be able to distinguish it from a random bit-string. Authentication requires that, after the key exchange protocol successfully completes, the participants respective views of sent and received messages must match (e.g., see the notion of â€Å"matching conversations† in [8]). Key ex-change protocols for VoIP sessions include SDPs Security DEscriptions for Media Streams (SDES) , Multim edia Internet KEYing (MIKEY) and ZRTP [31]. We will analyze all three in this paper. Secure media transport aims to provide confidentiality, message authentication and integrity, and replay protection to the media (data) stream. In the case of VoIP, this stream typically carries voice datagrams. Confidentiality means that the data under encryption is indistinguishable from random for anyone who does not have the key. Message authentication implies that if Alice receives a datagram apparently sent by Bob, then it was indeed sent by Bob. Data integrity implies that any modification of the data in transit We show how to cause the transport-layer SRTP protocol to repeat the keystream used for datagram encryption. This enables the attacker to obtain the xor of plaintext datagrams or even to completely decrypt them. The SRTP keystream is generated by using AES in a stream cipher-like mode. The AES key is generated by applying a pseudo-random function (PRF) to the session key. SRTP, however, does not add any session-specific randomness to the PRF seed. Instead, SRTP assumes that the key exchange protocol, executed as part of RTP session establishment, will en-sure that session keys never repeat. Unfortunately, S/MIME-protected SDES, which is one of the key ex-change protocols that may be executed prior to SRTP, does not provide any replay protection. As we show, a network-based attacker can replay an old SDES key establishment message, which will cause SRTP to re-peat the keystream that it used before, with devastating consequences. This attack is confirmed by our analysis of the libsrtp implementation. †¢ We show an attack on the ZRTP key exchange protocol that allows the attacker to convince ZRTP session participants that they have lost their shared secret. ZID values, which are used by ZRTP participants to retrieve previously established shared secrets, are not authenticated as part of ZRTP. Therefore, an attacker can initiate a session with some party A under the guise of another party B, with whom A previously established a shared secret. As part of session establishment, A is supposed to verify that B knows their shared secret. If the attacker deliberately chooses values that cause verification to fail, A will decide—following ZRTP specification—that B has â€Å"forgotten† the shared secret. The ZRTP specification explicitly says that the protocol may proceed even if the set of shared secrets is empty, in which case the attacker ends up sharing a key with A who thinks she shares this key with B. Even if the participants stop the protocol after losing their shared secrets, but are using VoIP devices without displays, they cannot confirm the computed key by voice and must stop communicating. In this case, the attack becomes a simple and effective denial of service. Our analysis of ZRTP is supported by the AVISPA formal analysis tool . †¢ We show several minor weaknesses and potential vulnerabilities to denial of service in other protocols. We also observe that the key derived as the result of MIKEY key exchange cannot be used in a standard cryptographic proof of key exchange security (e.g., ). Key secrecy requires that the key be in-distinguishable from a random bitstring. In MIKEY, however, the joint Diffie-Hellman value derived as the result of the protocol is used directly as the key. Membership in many Diffie-Hellman groups is easily checkable, thus this value can be distinguished from a random bitstring. Moreover, even hashing the Diffie-Hellman value does not allow the formal proof of security to go through in this case, since the hash function does not take any random inputs apart from the Diffie-Hellman value and cannot be viewed as a randomness extractor in the proof. (This observation does not immediately lead to any attacks.) While we demonstrate several real, exploitable vulnerabilities in VoIP security protocols, our main contribution is to highlight the importance of analyzing protocols in con-text rather than in isolation. Specifications of VoIP protocols tend to be a mixture of informal prose and pseudocode, with some assumptions—especially those about the protocols operating at the other layers of the VoIP stack—are left implicit and vague. Therefore, our study has important lessons for the design and analysis of security protocols in general. The rest of the paper is organized as follows. In section 2, we describe the protocols, focusing on SIP (signaling), SDES, ZRTP and MIKEY (key exchange), and SRTP (transport). In section 3, we describe the attacks and vulnerabilities that we discovered. Related work is in section 4, conclusions are in section 5. VoIP security different from normal data network security To understand why security for VoIP differs from data network security, we need to look at the unique constraints of transmitting voice over a packet network, as well as the characteristics shared by VoIP and data networks. Packet networks depend on many configurable parameters: IP and MAC (physical) addresses of voice terminals and addresses of routers and firewalls. VoIP networks add specialized software, such as call managers, to place and route calls. Many network parameters are established dynamically each time a network component is restarted or when a VoIP telephone is restarted or added to the net-work. Because so many nodes in a VoIP network have dynamically configurable parameters, intruders have as wide an array of potentially vulnerable points to attack as they have with data networks. But VoIP systems have much stricter performance constraints than data networks, with significant implications for security. Threats for VoIP VoIP security threats contain Eavesdropping, Denial of Service, Session Hijacking, VoIP Spam, etc. For preventing these threats, there are several VoIP standard protocols. And we discuss this in Section 3. Eavesdropping VoIP service using internet technology is faced with an eavesdropping threat, in which is gathering call setting information and audio/voice communication contents illegally. Eavesdropping can be categorized largely by eavesdropping in a LAN(Local Area Network) environment, one in a WAN( Wide Area Network) environment, one through a PC(Personal Computer) hacking, etc. Denial of Service Denial of Service is an attack, which makes it difficult for legitimate users to take telecommunication service regularly. Also it is one of threats, which are not easy to solve the most. Since VoIP service is based on internet technology, it also is exposed to Denial of Service. Denial of Service in VoIP service can be largely divided into system resource exhaustion, circuit This work was supported by the IT RD program of MIC/IITA resourceexhaustion,VoIP communication interruption/blocking, etc. Session Hijacking Session Hijacking is an attack, which is gathering the communication session control between users through spoofing legitimate users, and is interfering in their communication, as a kind of man-in-the-middle attack. Session Hijacking in VoIP communication can be categorized largely by INVITE session hijacking, SIP Registration hijacking, etc. VoIP Spam VoIP Spam is an attack, which is interrupting, and violating user privacy through sending voice advertisement messages, and also makes VMS(Voice Mailing System) powerless. It can be categorized by Call Spam, IM(Instant Messaging) Spam, Presence Spam, etc. Security trade-offs Trade-offs between convenience and security are routine in software, and VoIP is no exception. Most, if not all, VoIP components use integrated Web servers for configuration. Web interfaces can be attractive, easy to use, and inexpensive to produce because of the wide availability of good development tools. Unfortunately, most Web development tools focus on features and ease of use, with less attention paid to the security of the applications they help produce. Some VoIP device Web applications have weak or no access control, script vulnerabilities, and inadequate parameter validation, resulting in privacy and DoS vulnerabilities. Some VoIP phone Web servers use only HTTP basic authentication, meaning servers send authentication information without encryption, letting anyone with network access obtain valid user IDs and passwords. As VoIP gains popularity, well inevitably see more administrative Web applications with exploitable errors. The encryption process can be unfavorable to QoS Unfortunately, several factors, including packet size expansion, ciphering latency, and a lack of QoS urgency in the cryptographic engine can cause an excessive amount of latency in VoIP packet delivery, leading to degraded voice quality. The encryption process can be detrimental to QoS, making cryptodevices severe bottlenecks in a VoIP net-work. Encryption latency is introduced at two points. First, encryption and decryption take a nontrivial amount of time. VoIPs multitude of small packets exacerbates the encryption slowdown because most of the time consumed comes as overhead for each packet. One way to avoid this slowdown is to apply algorithms to the computationally simple encryption voice data before packetization. Although this improves throughput, the proprietary encryption algorithms used (fast Fourier-based encryption, chaos-bit encryption, and so on) arent considered as secure as the Advanced Encryption Standard,16 which is included in many IPsec implementations. AESs combination of speed and security should handle the demanding needs of VoIP at both ends. following general guidelines, recognizing that practical considerations might require adjusting them: †¢ Put voice and data on logically separate networks. You should use different subnets with separate RFC 1918 address blocks for voice and data traffic and separate DHCP servers to ease the incorporation of intrusion-detection and VoIP firewall protection. †¢ At the voice gateway, which interfaces with the PSTN, disallow H.323, SIP, or Media Gateway Control Protocol (MGCP) connections from the data network. As with any other critical network management component, use strong authentication and access control on the voice gateway system. †¢ Choose a mechanism to allow VoIP traffic through firewalls. Various protocol dependent and independent solutions exist, including ALGs for VoIP protocols and session border controllers. Stateful packet filters can track a connections state, denying packets that arent part of a properly originated call. Use IPsec or Secure Socket Shell (SSH) for all remote management and auditing access. If practical, avoid using remote management at all and do IP PBX access from a physically secure system. Use IPsec tunneling when available instead of IPsec transport because tunneling masks the source and destination IP addresses, securing communications against rudimentary traffic analysis (that is, determining whos making the calls). If performance is a problem, use encryption at the router or other gateway to allow IPsec tunneling. Be-cause some VoIP end points arent computationally powerful enough to perform encryption, placing this Recent studies indicate that the greatest contributor to the encryption bottleneck occurs at the cryptoengine scheduler, which often delays VoIP packets as it processes larger data packets.17 This problem stems from the fact that cryptoschedulers are usually first-in first-out (FIFO) queues, inadequate for supporting QoS requirements. If VoIP packets arrive at the encryption point when the queue already contains data packets, theres no way they can usurp the less time-urgent traffic. Some hardware manufacturers have proposed (and at least one has implemented) solutions for this, including QoS reordering of traffic just before it reaches the cryptoengine.18 But this solution assumes that the cryptoengines output is fast enough to avoid saturating the queue. Ideally, youd want the cryptoengine to dynamically sort incoming traffic and force data traffic to wait for it to finish processing the VoIP packets, even if these packets arrive later. However, this solution adds considerable over head to a process most implementers like to keep as light as possible. Another option is to use hardware-implemented AES encryption, which can improve throughput significantly. Past the cryptoengine stage, the system can perform further QoS scheduling on the encrypted packets, provided they were encrypted using ToS preservation, which copies the original ToS bits into the new IPsec header. Virtual private network (VPN) tunneling of VoIP has also become popular recently, but the congestion and bottlenecks associated with encryption suggest that it might not always be scalable. Although researchers are making great strides in this area, the hardware and soft-ware necessary to ensure call quality for encrypted voice traffic might not be economically or architecturally vi-able for all enterprises considering the move to VoIP. Thus far, weve painted a fairly bleak picture of VoIP security. We have no easy â€Å"one size fits all† solution to the issues weve discussed in this article. Decisions to use VPNs instead of ALG-like solutions or SIP instead of H.323 must depend on the specific nature of both the current network and the VoIP network to be. The technical problems are solvable, however, and establishing a secure VoIP implementation is well worth the difficulty. To implement VoIP securely today, start with the following general guidelines, recognizing that practical considerations might require adjusting them: †¢ Put voice and data on logically separate networks. You should use different subnets with separate RFC 1918 address blocks for voice and data traffic and separate DHCP servers to ease the incorporation of intrusion-detection and VoIP firewall protection. †¢ At the voice gateway, which interfaces with the PSTN, disallow H.323, SIP, or Media Gateway Control Protocol (MGCP) connections from the data network. As with any other critical network management component, use strong authentication and access control on the voice gateway system. †¢ Choose a mechanism to allow VoIP traffic through firewalls. Various protocol dependent and independent solutions exist, including ALGs for VoIP protocols and session border controllers. Stateful packet filters can track a connections state, denying packets that arent part of a properly originated call. Use IPsec or Secure Socket Shell (SSH) for all remote management and auditing access. If practical, avoid using remote management at all and do IP PBX access from a physically secure system. Use IPsec tunneling when available instead of IPsec transport because tunneling masks the source and destination IP addresses, securing communications against rudimentary traffic analysis (that is, determining whos making the calls). If performance is a problem, use encryption at the router or other gateway to allow IPsec tunneling. Be-cause some VoIP end points arent computationally powerful enough to perform burden at a central point ensures the encryption of all VoIP traffic emanating from the enterprise network. Newer IP phones provide AES encryption at reason-able cost. Look for IP phones that can load digitally (cryptographically) signed images to guarantee the integrity of the software loaded onto the IP phone. Avoid softphone systems (see the sidebar) when security or privacy is a concern. In addition to violating the separation of voice and data, PC-based VoIP applications are vulnerable to the worms and viruses that are all too common on PCs. Consider methods to harden VoIP platforms based on common operating systems such as Windows or Linux. Try, for example, disabling unnecessary services or using host-based intrusion detection methods. Be especially diligent about maintaining patches and current versions of VoIP software. Evaluate costs for additional power backup systems that might be required to ensure continued operation during power outages. Give special consideration to E-91 1 emergency services communications, because E-911 automatic location service is not always available with VoIP. VoIP can be done securely, but the path isnt smooth. It will likely be several years before standards issues are settled

B.f. Skinner Essay examples -- essays research papers

B.F. Skinner Psychologist, born in Susquhanna, Pa. He studied at Harvard, teaching there (1931-6, 1947-74). A leading behaviorist, he is a proponent of operant conditioning, and the inventor of the Skinner box for facilitating experimental observations. B. F. Skinner’s entire system is based on operant conditioning. The organism is in the process of â€Å"operating† on the environment, which in ordinary terms means it is bouncing around the world, doing what it does. During this â€Å"operating,† the organism encounters a special kind of stimulus, called a reinforcing stimulus, or simply a reinforcer. This special stimulus has the effect of increasing the operant - which is the behavior occurring just before the reinforcer. This is operant conditioning: â€Å"the behavior is followed by a consequence, and the nature of the consequence modifies the organisms tendency to repeat the behavior in the future.† Say you have a dog and he’s just playing around with his toys and such and then when you throw a toy at him and he catches it then you give him a treat. Then all of the sudden the dog is starting to catch toys and such as you throw it in the air or at his mouth. The operant is the behavior just prior to the reinforcer, which is the treat. Then what if you decide to stop giving the dog treats, well he’ll stop his little trick which your, the owner were enjoying. This is called extinction of the operant behavior. Now, if you were to start showing the dog treats, then most likely he/she’ll want to start doing the tricks again and a little more quickly than the dog learned at first. This is because the return of the reinforcer takes place in the context of a reinforcement history that goes all the way back to the very first time the dog was reinforced for performing the tricks. Continuous reinforcement is the original scenario: Every time that the dog does the behavior (such as performing a trick), he gets a treat. The fixed ratio schedule was the first one Skinner discovered: If the dog did the trick three times, say, he gets a goodie. Or five times. Or twenty times. Or â€Å"x† times. There is a fixed ratio between behaviors and reinforcers: 3 to 1, 5 to 1, 20 to 1, etc. This is a little like â€Å"piece rate† in the clothing manufacturing industry: You get paid so much for so many shirts. Skinner also looked at variable schedules. Variable ratio means you change the â€Å"x† each ... ...e aversive stimulus of hunger? Skinner (contrary to some stereotypes that have arisen about behaviorists) doesn’t â€Å"approve† of the use of aversive stimuli -- not because of ethics, but because they don’t work well! Notice that I said earlier that Johnny will maybe stop throwing his toys, and that I perhaps will take out the garbage? That’s because whatever was reinforcing the bad behaviors hasn’t been removed, as it would’ve been in the case of extinction. This hidden reinforcer has just been â€Å"covered up† with a conflicting aversive stimulus. So, sure, sometimes the child (or me) will behave -- but it still feels good to throw those toys. All Johnny needs to do is wait till you’re out of the room, or find a way to blame it on his brother, or in some way escape the consequences, and he’s back to his old ways.   Ã‚  Ã‚  Ã‚  Ã‚  B. F. Skinner made numerous contributions to the science of behavior. He strongly influenced the area of learning that he named operant conditioning. His Skinner box is now a standard apparatus for the experimental study of animal behavior. Much of his work involved the study of how reinforcement schedules influence learning and behavior.

Is interactive clubbing the future of nightlife? Essay

Abstract The purpose of this study is primarily to provide a denotative definition of an Interactive Clubbing which was clearly manifested in t. The author first provided essential definitions suggested by credible sources as to the definition of the terms involved in the paper such as clubbing, interactive and then the most important concept of interactive clubbing and then provided a brief history on the origin of clubbing as to the technology being used in traditional clubbing. The methodology in this research included two sets of surveys intended managers (First set) and club goers (second set). The questions in the surveys aimed to have as a result an analysis on what are the technology involved in traditional clubs and whether such innovative installations create a positive impact to club goers and eventually to assess whether an introduction of a new concept such as that of an interactive clubbing would be appealing to frequent club goers. The respondent managers fro the first set of survey questions, came from different traditional and contemporary clubs and existent interactive club. The total number of respondents is 50 managers for the United Kingdom clubs. Most of the respondents are managers of clubs that had operated and remained successful for at least six to ten years. They were also managers in such clubs for three to four years. On the other hand, the respondent club goers for the second set of survey questions, consisted of total number of respondents is 50 club goers fro the United Kingdom. Most of the respondents are frequent club goers ranging from ages eighteen to thirty-eight years of age. In the course of this research, the author proposed an interactive club which comprised of a perfect combination of the theories in technological installation in a futuristic club which can be made possible through the proper application of such theories. Finally, the conclusion provides for an assumption regarding the concept of interactive clubbing as the future of clubbing experience. Introduction Definition of Terms Clubbing, like other ambiguous words pertains to different connotations and denotations. In order to have a concrete and working definition for the purpose of this particular research proposal, it is important to associate the word clubbing to the a certain concept identified in this research. The working definition to be used for this paper shall be associated to â€Å"Night Clubbing† which pertains the common term â€Å"Night Life† which is commonly practiced by the young citizens ranging from teen-agers until the young professionals, sometimes even the professionals under 40 years of age. Activities included with â€Å"Night Clubbing† are social dances, drinking, relaxation and other social activities. Necessary equipments present in every club is a dance floor and a bar side. Such equipments improve and enhance as the history of clubbing grows along with the innovations brought about by the evolution of technology. Moreover, nightclub is often denoted as a venue for entertainment which utilizes music, dancing and drinking as form of relaxation. Interactive is a concept that pertains to the innovational enhancement of a communication environment where in more than a party is equipped and is able to participate in a particular given activity. This definition is provided by the â€Å"Alliance of Telecommunications Industry Solutions (ATIS)†, an organization that specializes in rapidly developing and promoting technical and operations standards for the communication and related information technologies industry worldwide using a pragmatic, flexible and open approach. Combining the two concepts mentioned above would introduce a new era of clubbing apart from the traditional method of the activity as mentioned earlier. The product of the two concepts would give birth to a new concept called, the Interactive Clubbing. According to Sam Radvilla, a Video Jockey (VJ) in one of the clubs in UK, interactive clubbing is the visuals (graphics and video footage) triggered and manipulated by the motion of a dance crowd (sensors) or simply sound waves (microphone or other sound input). It is also the use of real time camera feeds with a visual set to start an optical dialogue between dance floor or audience, screen(s) and stage. Video feedback used by Video Jockeys (VJ) as a symbolic bridge between the digital and the analog world. Playing images with the same techniques and means as electronic musicians use (sampling, pitching, scratching, midi). According to Merriam-Webster Dictionary, Interactive can be define as the involving the actions or input of a user; especially : of, relating to, or being a two-way electronic communication system (as a telephone, cable television, or a computer) that involves a user’s orders (as for information or merchandise) or responses (as to a poll). A Disc Jockey (DJ) is the person in charge and in control of the musical scoring in a club or any social gathering entailing the need of music. The DJ has often the responsibility in keeping the music alive which also means that he has the obligation of keeping the night lively and keep the party going on till it will end. A Video Jockey (VIDOE JOCKEY (VJ)) has almost the same role as that of a Disc Jockey. The only difference is that the Disc Jockey has utilizes only audio Jockey, where as the Video Jockey comments on a video taped program or the Video Jockey does not only make use of an audio but also a video advantage that he can be seen and can interact with people in a visual manner. The innovative offer of live communication provided the possibility of a Video Jockey in Clubs. Most often than not, Video Jockey preferred in social gatherings and clubs. History The history of clubbing started from the cabarets of Europe during the early years of the 19th century and then it evolved into the bight clubs of the United State not far from the 1950’s. According to Lewis (Lewis, 1981) clubbing became popular as daring past time among urban whites, who would even travel uptown to Harlem after hours of music, food and excitement. Regine Zylberberg in her book Moi, mes histoires, 2006, gave a brief overview of the history of clubbing in the United Kingdom. The first member-only discotheque nightclub was opened at Berkeley Square London, in 1962 through the initiative of Mark Birley. This was then followed by the return of rock and roll during the 1970’s which was remixed into disco music from the French discotheque. The early clubbing according to Regine (as she is popularly called) used jukebox or mostly live bands as a source of musical entertainment. She also mentioned clubs having a dance-floor, suspended colored lights and the juke box were eventually enhanced with two turntables which are operated in order to avoid dead breaks between the music, setting into place the standard elements of the discotheque. As clubbing enters the dawn of technological innovations, additional equipments have been added to make clubbing experience become more exciting. DJ’s of the traditional early clubbing are replaced by VJ’s. The lights are enhanced to move along with the beat of the music. The sounds of music are enhanced through larger and stronger volumes of speakers that replaced jukebox. The musical scoring can be manipulated through an audio mixer that has different controls which makes the job of Jockeys easier. When computers were introduced to play a role in audio mixing, automated and readily mixed music and computer generated effects are now being used in modern night clubs all over Europe and the rest of the clubbing industry all over the globe. Issue Since the introduction of a new form of clubbing, technological issues of its probability and the nature of its existence are haunting the interactive media. The issue that this research attempts to resolve is that, whether interactive clubbing will succeed in providing full satisfaction to modern and contemporary club goers, that would make Interactive technology the future. This research would also attempt to provide a denoted definition of interactive clubbing. Relevance of the Study As an interactive media major, this research would serve as an application of all the theories and practices that I have gathered from my learning experiences. Conceptualizing a new form of clubbing through interactive installation would compel me to combine all the different media in order to come up with a multimedia operated clubbing. This research would eventually serve as the action of the theory that has been instilled in me from my years of studying interactive media. This study would benefit the alternative club goers which are looking for more exciting experiences that other interactive clubbing cannot provide. The right combination technological installations would eventually produce a seemingly perfect environment for club goers to become fully satisfied and fully equipped with an interactive clubbing. Moreover, this research would also provide opportunities for the proper utilization of technological equipments and maximizing the fruitful efforts of scientific research in media and in entertainment. Interactive clubbing would further bring clubbing experience to a higher level of satisfaction which was definitely unable to be provided by the old method of traditional clubbing.

Kossans Return And Market Return Essay Example Pdf - Free Essay Example

Sample details Pages: 9 Words: 2737 Downloads: 8 Date added: 2017/06/26 Category Finance Essay Type Argumentative essay Did you like this example? Chart 1 represents the return of Kossan Rubber Industries and KLCI index. In year 2004, the Kossans stock return is higher than the market return which is 1.1174% and 1.0131%. This implies that Kossan have a high performance in year 2004. Don’t waste time! Our writers will create an original "Kossans Return And Market Return Essay Example Pdf" essay for you Create order The following year, both of Kossan and KLCI index have a negative return which is -1.9569% and -0.0381% respectively. However, the situation has been improved in year 2006. The Kossans return has increase to 8.3246% which is highest return during the five years while the market returns is 1.6952%. Nevertheless, the return of Kossan dropped to -1.1743% in year 2007 adversely market return increase to 2.4065% which is higher than Kossan stock return. In year 2008, both returns are dropped to negative return which is -2.1616% and -3.9557% respectively. It is because the inflationary pressures attributed to 5 fold increases of oil prices. Although the Kossan stock return are negative but it also is higher than the market return. In consequence, overall the five years, the Kossan Rubber Industry have a good performance and well prospective for the future. Industry Analysis Malaysian glove industry started in late 80s and it has been the largest rubber glove exporter in the world for the past 20 years. Malaysia currently controls about 65 percent of the worlds consumption and still remains highly competitive in the world market even for the next 5 to 10 years. The global demand for rubber gloves has increased and expected to grow by 10% annually driven by greater health awareness, more stringent health standards and an aging population. At present though rubber gloves have not been affected much from the global crisis, but the rubber gloves industries are facing stiff competition and higher production costs including latex, crude oil and labor input. Only handful efficient and sizeable glove manufacturers are able to survive and secure the growing demand in gloves. Sime Darby and KLK which were unsuccessful in growing their rubber glove operations would have dominated the industry. Instead, Kossan have successful in its rubber glove operations. It is because Kossans operational efficiency and cost management has managed to minimize the impact of rising costs on operating margins. Kossan is also ambitious and nimble players, who have invested tremendous time and effort to improve quality, achieve efficiency and grow export markets. It is for this reason that the Kossan will continue to dominate the industry as it will become increasingly difficult for new entrants to entry in this industry and achieve economies of scale. Looking forward, Kossans management continues to emphasize on higher value added products, focusing on the premium powder-free medical gloves, both in the natural rubber (NR) and nitrile segments. Its management also appears poised to meet any variance in the consumption trend between natural rubber and nitrile gloves, with the company setting in-place highly versatile production lines. Financials KOSSAN TOP GLOVE SUPERMAX Bursa S.Code 7153 7113 7106 Mkt cap (RMmillion) 372. 5 1083.8 254.7 Mkt price (RM) 2.33 3.60 0.96 YTD price chg (%) (40.3) (44.6) (56.0) Cons. TP (RM) 3.43 4.49 1.55 TP upside (%) 47.2 24.7 61.5 EPS (RM) 0.38 0.37 0.22 P/E (x) 6.1 9.7 4.4 BV/share (RM) 1.97 2.27 1.54 P/BV (x) 1.2 1.6 0.6 Div/share (RM) 0.09 0.11 0.03 Div yield (%) 4.0 3.1 3.4 (Figure 2: YEAR 08 GLOVE PEER COMPARISON) Figure 2 represent the rubber glove peer comparison between Kossan, Top Glove and Supermax on year 2008. Over the all, Kossan Rubber Industries Bhd has a good performance compare to other rubber industries. The EPS of Kossan is 38 sen which is higher than 37 sen (Top Glove) and 22 sen (Supermax). This implies that Kossan have a high earning for each share outstanding compare to other rubber gloves industries. At the same time, Kossan have a RM2.33 market price which is higher than Supermax RM0.96 but lower price than Top glove is RM3.60. This also implies that Kossan Rubber have a high value compare to Supermax. Dividend per share of Kossan is also more than Supermax which is RM0.09 and RM0.03 respectively. Based on Kossans EPS and P/E ratio, we set the fair value of RM3.43, which is 47% above its current market price. For Top Glove, the fair value is RM4.49 which is 25% above its current market price, and fair value for Supermax is RM1.55 which is 61% above its market price. Du e to the intrinsic value is higher than the current market price, so that we duly maintain our buy call. Kossans results have matched our expectations despite facing cost pressures and slower global economic. We like Kossan for its production efficiency, high production capacity utilization rate and its focus on the higher-margin nitrile / NR powder-free glove segment growth. Company Analysis Kossan Rubber Industries Bhd was established in 1979. The companys manufacturing plants are centered within Klang Valley, Malaysia for ease of management and logistic control which translates into better synergistic effects. Its principal activity is manufacturing latex examination gloves, manufacturing and trading rubber products, fabricating and installing machineries as well as investment holding. The companys subsidiaries include Kossan Latex Industries (M) Sdn. Bhd., Perusahaan Getah Asas Sdn. Bhd., Hibon Corporation Sdn. Bhd., Doshin Rubber Products (M) Sdn. Bhd., Ideal Quality Sdn. Bhd., Kossan Engineering (M) Sdn. Bhd., and Top Calibre Sdn. Bhd. During the time, Kossan offered a range of cutless bearings that were often used in the marine industry. With a growing market demand for Kossans products, Kossan Rubber Industries Bhd continued to progress rapidly and was one of the first companies in Malaysia to venture into glove manufacturing. It then introduced the first glo ve production line in August 1988. Today, Kossan has a full capacity of 49 state-of-the-art production lines that are able to produce a stunning 3.9 billion pieces of gloves annually. Kossan joined the Main Board of Bursa Malaysia in 1996 and has been classified as one of the fastest growing companies in Malaysia. Kossans stellar performances and strong reputation of good product quality, timely delivery and excellent customer service, numbers of multinational companies in developed countries have resulted in a business network that extends to more than 160 countries around the world and commanding significant world market share in both rubber products and medical gloves. Kossan products are mainly distributed in countries such as United State of America, China, Japan, Korea, Europe, Canada, Europe, Middle East and Australia. Kossan continued to grow and extend its line of quality products. With wide acceptability of its rubber rollers and cutless bearing, it took a step further to introduce PU products 1988 and Ethylene Vinyl Acetate (EVA) products in 1994. In year 2000, Kossan progressed further by developing high-end rubber products such as bridge bearing pads and bridge expansion joint. These products are created to meet current and possibly, future industrial requirements. In 2001, Kossan chalked a new milestone by becoming the OEM manufacturer of marine dock fenders. The following year, Kossan reengineered the facilities to introduce technical rubber and rubber-to mental bonded automotive parts for OEM and replacement markets. With a progressive management and dynamic outlook, Kossan will continuously strive towards better quality, reliability, and services. Kossan are always thinking ahead and their customers satisfaction will always be the main focus in everything they do and produce. In the year 2008 was a year full of challenges from the inflationary pressures attributed to 5 fold increases of oil prices from under $30 to $147 per barr el in the first half of the year which lead bulk latex prices to spiral and hit a high of RM7.20 per kg in the month of July. High commodity prices and unprecedented increases in energy costs announced by the Government severely impaired the well being of not only the glove manufacturers but also manufacturers and exporters across many industries. The year under review saw Kossan operating in a challenging market environment characterised by great fluctuations in RM/USD exchange rate, record high production cost as a result of stiff increments in natural gas and electricity tariff, and volatile raw material costs including both natural and synthetic latex. Nevertheless, Kossan was able to ride over the challenge and delivered a strong set of financial and operational performance through strong business partnerships with world renowned multinational companies from the developed nations, aggressive capacity growth and focused on manufacturing capability building initiatives. To maintain their market leader position in premium medical gloves and TRPs, the Group will continue to focus on RD. Greater emphasis will be placed on RD activities that are able to bring down overall production cost through more consistent and stable production flows, minimum idle production times, and reduced production rejects and wastages. With more competitive pricing, Kossan Group is well positioned to compete more effectively in the world market. With their concerted RD efforts, they achieved another milestone with the invention of a new generation of nitrile glove which is accelerator free and able to minimize risk of chemical allergy. This nitrile glove offers many advantages to its users compared with the conventional nitrile gloves available in the markets. Supported by encouraging feedbacks from their buyers, they are putting more resources and capacity to produce this new product. Relative valuation techniques Growth rate (g) = ROE ÃÆ'Æ’- b Year Growth rate (g) 2004 0.162 ÃÆ'Æ’- 0.783 = 12.68% 2005 0.18 ÃÆ'Æ’- 0.834 = 15.01% 2006 0.224 ÃÆ'Æ’- 0.814 = 18.23% 2007 0.219 ÃÆ'Æ’-0.831 = 18.20% 2008 0.1974 ÃÆ'Æ’- 0.812 = 16.03% Average growth rates 12.68% + 15.01% + 18.23% + 18.20% + 16.03% 5 = 16.03% 2008 Expected Price/earnings ratio Market value per share Earnings per share = RM 2.88 0.3668 = 7.8517 Expected EPS = EPS ÃÆ'Æ’- (1+g) = 0.3668 ÃÆ'Æ’- 1.1603 =0.4256 Expected market price = 0.4256 ÃÆ'Æ’- 7.8517 = 3.3417 Intrinsic value = Expected market price 1+ Required rate of return = 3.3417 1.021 =RM 3.27 Price/cash flow ratio Market value per share Operating cash flow per share = RM 2.88 57549081/159866976 = 8.00 Expected Cash flow per share = Cash flow per share ÃÆ'Æ’- (1+g) =0.36 ÃÆ'Æ’- 1.1603 =0.4177 Exp ected market price =0.4177 ÃÆ'Æ’- 8 =3.3416 Intrinsic value: = Expected market price 1+ Required rate of return =3.3416 1.021 = RM 3.27 Price/book value ratio Market value per share Book value per share = 2.88 299858657/159866976 = 1.535 Expected book value per share = book value per shareÃÆ'Æ’- (1+g) =1.8757 ÃÆ'Æ’- 1.1603 =2.1763 Expected market price =2.1763 ÃÆ'Æ’- 1.535 =RM 3.34 Intrinsic value: = Expected market price 1+ Required rate of return = 3.34 1.021 = RM 3.27 Price/sales ratio Market value per share Net sales revenues per share = 2.88 897194335/159866976 = 0.5132 Expected net sales revenues per share = net sales revenues per share ÃÆ'Æ’- (1+g) =5.61 ÃÆ'Æ’- 1.1603 =6.51 Expected market price = 6.51 ÃÆ'Æ’- 0.5132 =3.34 Intrinsic value: = Expected market price 1+ Required rate of return =3.34 1.021 =RM 3.27 According to the above valuation, the intrinsic value of the stock price is RM3.27 per share. Below is the Kossan yearly stock price performance during year 2004 to year 2008 . Calculation Of Holding Period Return ( HPR) HPR = Ending Price Beginning Price + Dividen Beginning Price Year HPR 2004 3.15 2.03 + 0.072 2.03 = 0.5872 2005 1.83 3.46 + 0.03 3.46 = -0.4624 2006 4.57 2.02 + 0.046 2.02 = 1.2851 2007 3.88 4.68 + 0.058 4.68 = -0.1585 2008 2.88 3.77 + 0.07 3.77 = -0.2175 Measuring Investment Returns over Multiple Periods Arithmetic Average = Total HPR (%) No. of the period = 58.72% + -46.24% + 128.51% + -15.85% + -21.75% 5 = 103.39% 5 = 20.678% So the annual return is 20.678%. Since this value ignores compounding, it does not represent an equivalent, single quarterly rate for the year. Geometric Average = [(1+HPR2004) ÃÆ'Æ’-(1+HPR2005) ÃÆ'Æ’- (1+HPR2006) ÃÆ'Æ’- (1+HPR2007) ÃÆ'Æ’- (1+HPR2008)]1/5 _ 1 = [(1+0.5872) ÃÆ'Æ’-(1-0.4624) ÃÆ'Æ’-(1+1.2851) ÃÆ'Æ’-(1-0.1585) ÃÆ'Æ’-(1 -0.2175)] 1/5 _ 1 = [1.2839] 1/5 _ 1 = 5.13% A geometric average return is the constant return applied to each period in a range that would result in the compounded return over that range which is 5.13%. Financial Ratio Analysis Financial Ratios 2004 2005 2006 2007 2008       Liquidity Ratio      1) Current Ratio 1.32 times 1.22 times 1.11 times 1.04 times 1.00 times 2) Quick Ratio 0.89 times 0.83 times 0.76 times 0.68 times 0.62 times       Leverage      3) Interest Burden 91% 91% 87% 85% 87% 4) Leverage 1.79 times 1.96 times 2.26 times 2.13 times 2.18 times       Asset Management Ratio      5) Average Collection Period 90 days 80 day 72 day 70 day 61 day 6) Total Asset Turnover 1.23 times 1.35 times 1.53 times 1.45 times 1.51 times       Profitability Ratio      7) Return On Asset (ROA) 14.31% 14.13% 14.84% 14.16% 14.02% 8) Return On Equity (ROE) 16.82% 19.39% 22.47% 24.87% 21.46% 9) Earning Per Share (EPS) 33.22 sen 18.11 sen 24.79 sen 34.46 sen 36.68 sen       Market Ratio      10) Price/Earning Ratio (PE) 9.48 times 10.10 times 18.43 times 11.26 times 7.85 times 11) Market/Book Ratio (MB) 1.51 times 1.82 times 3.82 times 2.46 times 1.54 times Liquidity Ratio The current ratio is an excellent diagnostic tool as it measures whether or not the business has enough resources to pay its bills over the next 12 months. Then, the quick ratio is measurement of the liquidity position of the business. The primary difference between the current ratio and the quick ratio is the quick ratio does not include inventory and prepaid expenses in the calculation. Consequently, a businesss quick ratio will be lower than its current ratio. A current ratio of over 1 is good news, generally. On year 2004, the company Kossan has 1.32 times current ratio, after that, the current ratio has a continually drop to 1.00 times on year 2008. Same at the current ratio, the quick ratio of company Kossan has a continually drop from 0.89 times year 2004 to 0.62 times year 2008. However, the liquidity ratio Kossan has decrease year by year, it still have a good liquidity. Leverage The graph indicates that leverage ratio has increasing steadily from 1.79 times in year 2004 to 2.18 times in year 2008. Leverage ratio is measure of debt to total capitalization of the firm. Too high leverage ratio indicate company will face the risk such as, cant to solve their indebtedness at the time, but too lower leverage ratio indicate company do not efficiency invest their money because too many assets keep on hand. The company Kossan has quite optimum leverage ratio during year 2004 to year 2008 because they maintain between 1.79 times to 2.26 times. Asset Management Ratio Average collection period indicates how rapidly a firm is collecting its credit, as measured by the average number of days it takes to collect its accounts receivable. On year 2004, the company Kossan has 90 days average collection period, that mean the company average can collect all accounts receivable on year 2004 during the 90 days. The company has improves its collection period during the year 2004 until year 2008. It is speed up the collection period. On year 2004 to year 2008, the company has short down 29 days to 61 days on year 2008. The rapidly company to collecting its credit is good for company because the company can use the cash to invest the other place. The total asset turnover indicates the efficiency of the firms use of assets in the sense that it measures the annual sales generated by each RM of assets. We see the result of 1.23 times for year 2004 this means that turnover is 1.23 times bigger than total assets. Another way of saying that is the company Kossan was able to generate sales of RM1.23 for every RM1 of assets it owned. For the year 2006, it was even higher at 1.53 times. For the year 2007, it was drop a lot of times to 1.45 times, but after year 2007 the total asset turnover was rise a lot of times to 1.51 times. Profitability Ratio The return on asset (ROA) is measure the company ability to utilize its assets to create profits. The graph indicates that (ROA) has maintaining around 14.02% to 14.84% during the year 2004 to year 2008, that mean the company Kossan can create around 14% profit for each assets. However, the return on equity (ROE) has increasing steadily from 16.82% in year 2004 to 24.87% in year 2007. The net result that (ROE) increase from 16.82% to 21.46%. It is fall a little from year 2007 to year 2008. ROE is measure the income earned on the shareholders investment in the business. Overall ROE for company Kossan has increase during year 2004 to year 2008. This is good for each shareholders because they can gain more return compare to the previous. Market Ratio The price-to-earnings ratio (P/E) is a measure of the price paid for a share relative to the annual net income or profit earned by the firm per share. The graph show the company Kossan has a highest P/E ratio on year 2006 compare the other year. A higher P/E ratio indicate bad news for company because investors are paying more for each unit of net income, so the stock is more expensive compared to one with lower P/E ratio. However, market-to-book ratio (MB) is measure how much a company worth at present, in comparison with the amount of capital invested by current and past shareholders into it. At the same with P/E ratio, MB ratio has highest on year 2006 compare the other year. A higher MB ratio implies that investors expect management to create more value from a given set of assets. Conclusion From the above information, we can conclude that the stock price of Kossan Rubber Industries is undervalued. While Kossans beta (correlation factor) to the KLCI is 0.179 and based on our forecast the intrinsic value for that stock is about RM 3.27 per share which is 13.54% above its current market prise RM 2.88 per share. So we recommended to the investor to Buy this stock. Besides that we also can see the company performance is better than group Peer Company such as Supermax Company. Earnings is also expected to be more stronger because of additional capacity and a stronger output of higher value added nitrile glove as the management has also made plan to convert some existing latex glove lines to produce nitrile gloves. We like Kossan for its production efficiency, high production capacity utilization rate and its focus on the glove segment growth. Besides that analysis from Standard Poors also suggest Buy recommendation on Kossan with a lower 12-month target price of MYR3 .10. (See Appendix)