Analisis Implementasi Media Komunikasi Berbasis IP Menggunakan Arterisk Freepbx

Voice over Internet Protocol (VoIP) merupakan teknologi yang memanfaatkan Internet Protocol untuk menyediakan komunikasi voice secara elektronis dan real-time. Unsur pembentuk VoIP adalah User agent, Proxy, Protocol dan Coder-Decoder (CODEC). Asterisk merupakan softswicth untuk mengoperasikan proxy, yang berbasis session initiation protocol (SIP). Tujuan dari penelitian ini adalah membangun server VoIP berbasis Asterisk, agar dapat dikembangkan pada penelitian selanjutnya sesuai dengan kebutuhan. Penelitian ini dilakukan pada instalasi yang sudah dibangun jaringan internet sebelumnya. Sehingga VoIP disini difungsikan sebagai pemaksimalan jaringan internet yang sudah ada tersebut untuk menekan biaya pengeluaran kebutuhan komunikasi. Layanan yang disediakan pada penelitian ini berbentuk voice dan video dengan layanan call client to server, call client to client, video call conference, video conference.

Reverse Auction-Based Services Optimization in Cloud Computing Environments

Cloud-based services have been increasingly used to provide on-demand access to a large amount of computing requests, such as data, computing, resources, and so on, in which it is vitally important to correctly select and assign the right resources to a workload or application. This paper presents a novel online reverse auction scheme based on online algorithm for allocating the cloud computing services, which can help the cloud users and providers to build workflow applications in a cloud computing environment. The online reverse auction scheme consists of three parts: online algorithm design, competitive ratio calculation, and performance valuation. The online reverse auction-based algorithm is proposed for the cloud user agent to choose the final winners based on Vickrey–Clarke–Groves (VCG) mechanism and online algorithm (OA). The competitive analysis is applied to calculate the competitive ratio of the proposed algorithm compared with the offline algorithm. This analysis method is significant to measure the performance of proposed algorithm, without the assumption of the distribution of cloud providers’ bids. The results prove that the proposed online reverse auction-based algorithm is the appropriate mechanism because it allows the cloud user agent to make purchase decisions without knowing the future bids. The difference of auction rounds and transaction cost can impressively influence and improve the performance of the proposed reverse auction algorithm.

Ensuring Quality of Web Portals Through Accessibility Analysis

With the increase in number of electronic services being delivered through web portals, a lot of emphasis is being given to ensure the quality of web portals in terms of contents and associated design aspects. This has led to studies investigating various requirements of web users and to guidelines for quality enhancement in order to make web portals accessible to all irrespective of one's age, physical challenges, ethnicity, and level of literacy. In this chapter, the authors address the accessibility issues of web portals based on ongoing research. They analyze the accessibility in three levels (i.e., at the levels of authoring tool, web component, and user-agent). The contents of this chapter can throw light on the design aspects of web portals, web browsers, and media players to make them more suitable for users in general.

On the Security of Practical Mail User Agents against Cache Side-Channel Attacks

Mail user agent (MUA) programs provide an integrated interface for email services. Many MUAs support email encryption functionality to ensure the confidentiality of emails. In practice, they encrypt the content of an email using email encryption standards such as OpenPGP or S/MIME, mostly implemented using GnuPG. Despite their widespread deployment, there has been insufficient research on their software structure and the security dependencies among the software components of MUA programs. In order to understand the security implications of the structures and analyze any possible vulnerabilities of MUA programs, we investigated a number of MUAs that support email encryption. As a result, we found severe vulnerabilities in a number of MUAs that allow cache side-channel attacks in virtualized desktop environments. Our analysis reveals that the root cause originates from the lack of verification and control over the third-party cryptographic libraries that they adopt. In order to demonstrate this, we implemented a cache side-channel attack on RSA in GnuPG and then conducted an evaluation of the vulnerability of 13 MUAs that support email encryption in Ubuntu 14.04, 16.04 and 18.04. Based on our experiment, we found that 10 of these MUA programs (representing approximately 77% of existing MUA programs) allow the installation of a vulnerable version of GnuPG, even when the latest version of GnuPG, which is secure against most cache side-channel attacks, is in use. In order to substantiate the importance of the vulnerability we discovered, we conducted a FLUSH+RELOAD attack on these MUA programs and demonstrated that the attack restored 92% of the bits of the 2048-bit RSA private key when the recipients read a single encrypted email.

Typosquatting for Fun and Profit: Cross-Country Analysis of Pop-Up Scam

Today, many different types of scams can be found on the internet. Online criminals are always finding new creative ways to trick internet users, be it in the form of lottery scams, downloading scam apps for smartphones or fake gambling websites. This paper presents a large-scale study on one particular delivery method of online scam: pop-up scam on typosquatting domains. Typosquatting describes the concept of registering domains which are very similar to existing ones while deliberately containing common typing errors; these domains are then used to trick online users while under the belief of browsing the intended website. Pop-up scam uses JavaScript alert boxes to present a message which attracts the user’s attention very effectively, as they are a blocking user interface element. Our study among typosquatting domains derived from the Majestic Million list utilising an Austrian IP address revealed on 1219 distinct typosquatting URLs a total of 2577 pop-up messages, out of which 1538 were malicious. Approximately a third of those distinct URLs (403) were targeted and displayed pop-up messages to one specific HTTP user agent only. Based on our scans, we present an in-depth analysis as well as a detailed classification of different targeting parameters (user agent and language) which triggered varying kinds of pop-up scams. Furthermore, we expound the differences of current pop-up scam characteristics in comparison with a previous scan performed in late 2018 and examine the use of IDN homograph attacks as well as the application of message localisation using additional scans with IP addresses from the United States and Japan.