5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For...

16
International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME 32 MODELLING OF SECURED VIDEO STREAMING APPLICATION USING RFC 3711 IN P2P NETWORK Ramesh Shahbadkar 1 , Dr. Ramachandra V. Pujeri 2 , Dr. R. Prabhakar 3 1 Research Scholar, Anna University, Chennai, India 2 KGiSL Institute of Technology Coimbatore, India 3 Coimbatore Institute of Technology, Coimbatore, India ABSTRACT The most important aspect of delivering multimedia services or applications over Internet protocol is not only meeting its optimized QoS objectives, rather see that how exactly the intellectual property is preserved. In this paper, encapsulation of IPTV system along with security protocol have been presented in order to ensure that Intellectual property management protocol is integrated to have a secure live streaming and IPTV service is portrayed. A complete architecture is modeled in order to show-case a stable P2P IPTV structure to connect user terminals. A balance is maintained between the joining and leaving peer by means of tuning uplink capability, synchronization of delay, parent and child peers. The system is adoptive as per the streaming bandwidth of media server to be resilience to the dynamic network conditions. An integrated approach of real-time data encoding, authentication using RFC 3711 has been proposed to sustain different attacks for compromising intellectual property. On implementation it has been found that protocol design successfully performs its objectives and provides desired QoS in a secured manner. Keywords: Component; Digitalright Management; Encryption; Secure Multimedia; Multimedia in P2P. I. INTRODUCTION Streaming visual data to different users is becoming ever more popular in recent times, and protecting the transmitted data from every possible security threat has become one of the main concerns both for the end users and data providers. This paper describes a method for protecting streamed data from possible security attacks and suggests a design of secured system architecture for multimedia video streaming to one receiver at a time considering the state of the art for the video INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & TECHNOLOGY (IJCET) ISSN 0976 – 6367(Print) ISSN 0976 – 6375(Online) Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME: www.iaeme.com/IJCET.asp Journal Impact Factor (2014): 8.5328 (Calculated by GISI) www.jifactor.com IJCET © I A E M E

Transcript of 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For...

Page 1: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

32

MODELLING OF SECURED VIDEO STREAMING APPLICATION USING

RFC 3711 IN P2P NETWORK

Ramesh Shahbadkar1, Dr. Ramachandra V. Pujeri

2, Dr. R. Prabhakar

3

1Research Scholar, Anna University, Chennai, India 2KGiSL Institute of Technology Coimbatore, India

3Coimbatore Institute of Technology, Coimbatore, India

ABSTRACT

The most important aspect of delivering multimedia services or applications over Internet

protocol is not only meeting its optimized QoS objectives, rather see that how exactly the intellectual property is preserved. In this paper, encapsulation of IPTV system along with security protocol have been presented in order to ensure that Intellectual property management protocol is integrated to have a secure live streaming and IPTV service is portrayed. A complete architecture is modeled in order to show-case a stable P2P IPTV structure to connect user terminals. A balance is maintained between the joining and leaving peer by means of tuning uplink capability, synchronization of delay, parent and child peers. The system is adoptive as per the streaming bandwidth of media server to be resilience to the dynamic network conditions. An integrated approach of real-time data encoding, authentication using RFC 3711 has been proposed to sustain different attacks for compromising intellectual property. On implementation it has been found that protocol design successfully performs its objectives and provides desired QoS in a secured manner. Keywords: Component; Digitalright Management; Encryption; Secure Multimedia; Multimedia in P2P. I. INTRODUCTION

Streaming visual data to different users is becoming ever more popular in recent times, and

protecting the transmitted data from every possible security threat has become one of the main concerns both for the end users and data providers. This paper describes a method for protecting streamed data from possible security attacks and suggests a design of secured system architecture for multimedia video streaming to one receiver at a time considering the state of the art for the video

INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING &

TECHNOLOGY (IJCET)

ISSN 0976 – 6367(Print)

ISSN 0976 – 6375(Online)

Volume 5, Issue 8, August (2014), pp. 32-47

© IAEME: www.iaeme.com/IJCET.asp

Journal Impact Factor (2014): 8.5328 (Calculated by GISI)

www.jifactor.com

IJCET

© I A E M E

Page 2: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

33

streaming existing today. The main feature of the suggested design is its ability to provide a secure communication environment for real-time data. For many years, distributed computer systems have been dominated by the client-server paradigm. In recent years, however, a new paradigm appeared for distributed systems: Peer-to-Peer (P2P) computing. In networks based on this new paradigm, all entities are considered equal and provide equivalent services to other entities. At the same time, all entities can use services from all other participants of the network. P2P computing offers a new interesting field for security researchers. Lacking centralised, trusted entities for bootstrapping security mechanisms, these systems demand novel approaches for decentralised security solutions. Lately, a new class of P2P-applications has arisen: P2P-based voice and video streaming systems. Examples for such systems are P2P-Voice-over-IP applications like Skype [1] or P2PSIP [2] as well as P2P-video-streaming applications like PPlive [3] or Zattoo [4]. We subsume these applications as Real-Time Communication Applications (RTC-applications for short). RTC-applications have some important differences to other P2P-applications, e.g., file-sharing. These differences result in specific security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel within milliseconds. In P2P-networks infiltrated by attackers (which can drop or misroute messages), it is challenging to meet these real-time requirements. In contrary, for file sharing it is perfectly acceptable for the user if it takes in the order of tens of seconds to start a download. Thus, the real-time nature of RTC-applications puts constraints on the maximum time a P2P-lookup and P2P data transmission may take. This enables attacks on the availability of P2P real-time communication applications by simply delaying messages. Hence, there is a need for security mechanisms which can not only guarantee P2P routing and lookups in the presence of attacker nodes but also within reasonable time. Another key difference with respect to security is the kind of data stored in the P2P network. In P2P-VoIP applications, the binding of a user's identity and the current location of the user (e.g., his IP-address) is stored as a data item in the P2P network. Attackers can redirect telephony calls to themselves simply by forging this binding, e.g., by updating the data item for a particular target identity. Thus, impersonation attacks are a very serious threat for P2P VoIP applications. It is therefore necessary to develop decentralized solutions for cryptographic content protection for these applications. In contrary, for file sharing applications user impersonation attacks are not a threat. Other application-specific challenges are for example the risk of content pollution in P2P video streaming systems [5] or the regulatory requirement for lawful interception in large-scale communication systems. Thus, P2P-based voice and video streaming applications impose some novel security research challenges. While there exist quite a few works on securing P2P-networks in general, only very few papers consider the unique security challenges for running real-time communication applications over a P2P-substrate [6]. The goals of this paper are the following: highlighting the unique security requirements for P2P VoIP and P2P Video streaming applications and show why existing, generic solutions for P2P security do not address these problems or are not applicable, presenting the resulting research challenges, taking into account existing work in this area, sketching approaches towards potential solutions, focusing on the specific characteristics of P2P-RTC-applications which can be used to develop decentralised security mechanisms.

II. RELATED WORK

A considerable amount of research has been done regarding P2P security in general.

Specifically for structured, DHT-based overlays, several mechanisms for secure node-ID assignment and for securing DHT routing in the presence of attackers have been proposed in the literature (e.g., [7] [8]). While all this work is applicable to P2P-networks for real-time communications, it does not consider the specific challenges for RTC-applications in particular.

In [9], the specific security challenges for P2PSIP as a DHT-application are analyzed. Potential solutions sketched on a high level are non-scalable security add-ons (i.e., centralized

Page 3: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

34

solutions), distributed trust and reputation systems, and approaches which use self-certifying data items ([8]. In addition, secure routing techniques [8] are suggested to increase lookup availability in the presence of free-riders and active attackers in the P2P network. Furthermore, a (MIX-like) pseudonymity service is envisioned to protect the privacy of callers. Similarly, Chopra et al. provide a survey on security aspects for P2P-based VoIP applications and briefly discuss potential solutions on a general level [10]. Besides the approaches already mentioned in [11], they regard a PGP-like web-of-trust among users and SIP end-to-end encryption as promising approaches but do not present detailed algorithms. Also, the IETF P2PSIP working group [12] is considering security and has some initial, but immature proposals for end-to-end encryption and secure node-ID assignment.

As a concrete solution specifically targeted at P2P-based VoIP systems, self-certifying SIP-URIs have been proposed to protect the integrity of data items (i.e., SIP-URI/location-bindings) stored in P2PSIP networks [11]. Self-certifying identities are identities where the ownership of an identity can be verified without relying on a trusted third party (such as a certification authority). Technically, self-certifying identities are created (at least in part) as the hash of a public key. The owner of the identity can use the corresponding private key for signing messages or in general for proving the ownership of the identity. For P2PSIP, self-certifying SIP-URIs have the advantage that users can cryptographically. protect their location bindings which are stored in the DHT while relying on a completely decentralised solution for verification of such signatures [11]. A related approach for secure identity assertions in P2PSIP networks called P2PNS has been presented by Baumgart [13]. P2PNS proposes a two-stage name resolution which uses a static cryptographic node-ID per user. The mappings of SIP-URI to node-ID and from node-ID to current location are stored in the DHT (since the first mapping is static, it can be cached). Similar to self-certifying SIP-URIs [11], this approach associates a public/private key pair statically with a SIP-URI. The first study of an actual implementation of secure routing algorithms in a P2PSIP prototype has been presented in [14]. The results of this study show that even a small amount of attackers can significantly delay call setup times for users in a P2PSIP network. In addition, the conducted experiments demonstrate the principle effectiveness of the proposed security algorithms. Overall, this work points out the need for further research regarding secure DHT routing algorithms suitable to fulfill real-time communication requirements.

In [15], security issues for such systems are highlighted and briey discussed. Dhungel et al. investigate content pollution attacks in a concrete P2P live streaming system [16]. Their results show that such attacks can significantly degrade the availability in P2P live streaming systems. As potential countermeasures, the authors investigate blacklisting of polluters, encryption of the stream, hash verification, and signing of chunks by the source. In conclusion, chunk signing seems to be the most effective countermeasure against content pollution attacks. In summary, only a few proposals exist for securing P2P-based VoIP systems. Other sets of prior work explored for the purpose of the survey are as follows:

M. A. Mottalib [17] have performed a comparative study among three pollution defense mechanisms in peer-to-peer live streaming systems. The paper also proposes a combined mechanism which is showing a better result to restrict the pollution.

Andrea Detti et al.[18] have presented present a P2P application for the live streaming of video contents encoded at multiple bit-rates. The application enables a limited set of neighboring cellular devices to increase the quality of video playback, by cooperatively using their cellular (e.g. 3G) and proximity (e.g. Wi-Fi Direct) wireless connections. The application exploits key functionalities of ICN: routing by name, in network caching and multicast delivery. They developed a prototype of the application and assessed its performance in a test-bed based on Linux devices with 3G connections, the CCNx tool, the VLC player and the MPEG DASH streaming format.

José-Vicente Aguirre et al. [19] have proposed an original method to geoposition an audio/video stream with multiple emitters that are at the same time receivers of the mixed signal.

Page 4: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

35

The obtained method is suitable when a list of positions within a known area is encoded with precision tailored to the visualization capabilities of the target device.

Aniket Mitra et al.[20] have tried to investigate and analyze the problems associated with application of Multicasting in video broadcast, Peer to Peer system, Support for Group & Network Management etc. Finally, they propose solutions and requirements for successful deployment of Multicast Services.

Imsook Ha et al. [21] have developed develop simple mathematical representations of the cost characteristics of two internet video distribution systems: Content Delivery Networks (CDNs) and Peer-to-Peer (P2P) networks and identify conditions under which each or a blend of the two proves most cost-effective. Their analysis shows that in many cases a hybrid system is likely to have lower costs than either a pure CDN or a pure P2P network. They identify the personal computers that form the backbones of P2P networks as a largely untapped network resource and suggest that potentially very large economic gains might be realized if policy makers can develop policies that effectively address some of the security and transaction cost problems that discourage PC owners from contributing capacity to P2P networks.

Lorenzo Favalli et al. [22] have deployed a new algorithm for tree-based topology management of the overlay network. In fact, tree-based overlay networks better perform in terms of end-to-end delay and ordered delivery of video flow packets with respect to mesh-based ones. They also show with a case study that the proposed system works better than similar systems using only either multicast or multiple trees.

Istemi EkinAkkus et al.[23] have proposed a P2P MP video conferencing system based on layered video. The assumption is that each peer in the system is able to send and receive one full quality video stream at a time. That is, our P2P MP video conferencing approach would be able to work with peer and network resources needed for a point- to-point video conference. A major feature of our system is the use of layered video (i.e., base + enhancement layers). By using layered video encoding, a peer can initiate a video stream and forward a video stream both in half quality. The motivation behind the use of layered video is to overcome the problem of denying video requests by peers and assure that each participant peer can view any other participant at any configuration. Although some users may have to view base layer quality video, they show that this is only a small percentage of the participant count and tends to decrease as the participant count increases; thus, making the system scalable.

Miroslav Ponec et al.[24] have considered multi-rate peer-to-peer multi-party video conferencing applications, where different receivers in the same group can receive videos at different rates using, for example, scalable layered coding. The quality of video received by each receiver can be modeled as a concave utility function of the video bitrate. They study and address the unique challenges introduced by maximizing utility in the multi-rate setting as compared to the single-rate case. They first determine an optimal set of tree structures for routing multi-rate content using scalable layered coding. They then develop Primal and Primal-dual based distributed algorithms to maximize aggregate utility of all receivers in all groups by multi-tree routing and show their convergence.

P. Contreras et al.[25] have used this technology mainly in the image data case. However, distributed digital library scenarios or multimedia content could be applied with minimal effort. It is necessary to consider that JXTA is relatively new. Thus, in some cases and given the actual implemented libraries, JXTA is not yet mature enough to resolve the entire range of problems that exist. E.g. the JXTA Java binding search mechanisms are still in development and therefore they could be improved.

Shiguo Lian et al.[26] have proposed a thorough review to multimedia information system security. It introduces a general architecture of multimedia information system and investigates some security issues in multimedia information systems. It reviews the latest security solutions such as

Page 5: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

36

Digital Rights Management (DRM), confidentiality protection, ownership protection, traitor tracing, secure multimedia distribution based on watermarking, forgery detection, copy detection, privacy-preserving data mining, secure user interface, intrusion detection and prevention.

Nitin Kumari [27] has demonstrated VOIP works by converting analog voice signal into digitized data packets. The packets are sent out across the internet the same way as any other IP packets, using the internet’s TCP/IP protocol. The Internet is a notoriously insecure network. Anything sent across internet can be easily snooped upon. This is of particular concern when highly confidential information, such as corporate data and credit card numbers, is transmitted across the Internet.

Prithula Dhungel et al. [28] have show that the pollution attack can be devastating. Second, they evaluate the applicability of four possible defenses to the pollution attack: blacklisting, traffic encryption, hash verification, and chunk signing. Among these, they conclude that the chunk signing solutions are most suitable.

Further, existing work in this area is lacking concrete experiments and measurements which show the applicability and scalability to real P2P environments. More importantly, existing work does not address some of the crucial issues described in the previous section: To the best of our knowledge, there are no concrete research proposals for Lawful Interception, emergency calls, SPIT prevention, and privacy concerns specifically targeted at P2P-based VoIP systems. Even less work exists in the area of securing P2P live video streaming systems. This is worrying given the fact that these systems are highly popular and user communities for P2P video streaming are increasing at fast pace. There is only very few research on malicious behavior in P2P live streaming systems. Presumably, this is due to the fact that these systems are fairly new and have only been started to be analyzed in the literature.

III. P2P IPTV AND LIVE VIDEO STREAMING

Streaming is the process of playing the audio and video file still it downloading. Video

streaming [29] refers to the real-time transmission of stored video or live video. There are two types for transmission of stored video across the Internet available. One is download mode and another one is streaming mode. In the download mode, a user downloads the entire video file and then plays back the video file. In the steaming mode, the video file need not be downloaded in full, but is being played out while parts of the video file being received. In real time nature, video streaming has bandwidth, delay and loss of packet requirements. In video streaming, raw video and audio data are compressed by video compression and audio compression algorithms and saved in storage devices. If the client gives the request, a streaming server retrieves compressed audio and video data from storage devices to that particular client. When start to send audio and video streams across the network, the transport protocol packetizes the compressed bit streams and send audio video packets to the Internet. For packets that are successfully delivered to the receiver, they first pass through the transport layers and then are processed by the application layer being decoded at the audio- video decoder. To improve the streaming quality while transmission of audio and video data, continuous media distribution services and media synchronization are developed on the Internet.

In contrast to P2P VoIP applications, P2P IPTV and live video streaming applications are characterised by the fact that the actual media stream is transmitted over the P2P-overlay. This is the main reason these systems are usually based on unstructured P2P networks: The requirements of video streaming for low delay and high, constant bandwidth render the overhead of structured P2P networks infeasible. Instead, participating nodes form a so-called swarm in an unstructured network, and exchange only a few, single-hop signalling messages. The video stream is split into so-called chunks which are exchanged among peers. Depending on the system, peers can either push chunks to their neighboring peers (i.e., the ones to which they have a direct link in the P2P topology) or pull

Page 6: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

37

chunks from their neighboring peers. Researchers are currently investigating the effect of different such chunk scheduling strategies on overlay topology and overall system performance [8].

Figure 1: P2P Live Video Streaming

Figure 1 shows a schematic view of a generic P2P-based video streaming system. A source

node splits the video stream into chunks and distributes these chunks to initial peers in the overlay. Then chunks are exchanged among peers according to a chunk scheduling strategy (push/pull). Depending on the concrete strategy, peers may query their neighbors for certain chunks (in the case of a pulling system) or offer their neighbors currently buffered chunks (in the case of a push system).Examples for popular systems are PPLive [3], SOPCast [31], TVants [32], Zattoo [4], or TVUPlayer [33]. In addition, high-definition (HD) P2P streaming (i.e., up to 10 Mbit/s) is expected to be a reality in the near future. Already, several commercial P2P video streaming applications have launched tests for HD P2P-TV, e.g., Babelgum [34] or Zattoo [4]. Due to the dynamic nature of P2P systems (e.g., nodes can join and leave the network frequently) and the lack of central entities on routing paths, many existing security solutions are not (or at least not directly) applicable to P2P networks. In principle, nodes in a P2P network must be regarded as not trustworthy and attacker nodes may drop, modify or misroute messages. The security of P2P systems has been studied by researchers, mostly considering file-sharing as the prototypical P2P application. Real-time communication applications, however, impose additional challenges which have not received a lot of attention in the literature. These specific challenges are due to the real-time requirements, the type of data stored in the network, privacy considerations, and the risk of unsolicited communication.

IV. RFC 3711

RFC 3711 [35] provides a framework for encryption and message authentication of RTP and

RTCP streams. SRTP defines a set of default cryptographic transforms, and it allows new transforms to be introduced in the future. With appropriate key management, SRTP is secure for unicast and multicast RTP applications.

Page 7: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

38

Figure 2: SRTP Packet format

SRTP can achieve high throughput and low packet expansion. SRTP proves to be a suitable

protection for heterogeneous environments (mix of wired and wireless networks). To get such features, default transforms are described, based on an additive stream cipher for encryption, a keyed-hash based function for message authentication, and an "implicit" index for sequencing/synchronization based on the RTP sequence number for SRTP and an index number for Secure RTCP (SRTCP). The Secure Real-time Protocol [36] is a profile of the Real-time Transport Protocol (RTP) offering not only confidentiality, but also message authentication, and replay protection for the RTP traffic as well as RTCP (Real-time Transport Control Protocol). SRTP offers a structure for encryption and message authentication of RTP and RTCP streams. SRTP can achieve high throughput and low packet expansion. SRTP is independent of a specific RTP stack implementation and of a specific key management standard, but Multimedia Internet Keying (MIKEY) has been designed to work with SRTP. In comparison to the security options for RTP, there are some advantages to using SRTP. The advantages over the RTP standard security and also over the H.264 security for media stream data are listed below SRTP provides increased security, achieved by

• Confidentiality for RTP as well as for RTCP by encryption of the respective payloads.

• Integrity for the entire RTP and RTCP packets, together with replay protection.

• The possibility to refresh the session keys periodically, which limits the amount of cipher text

produced by a fixed key, variable for an adversary to cryptanalysis.

• An extensible framework that permits upgrading with new cryptographic algorithms.

• A secure session key derivation with a pseudo-random function at both ends.

• The usage of salting keys to protect against pre-computation attacks.

• Security for unicast and multicast RTP applications.

Page 8: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

39

V. PROPOSED SYSTEM

In the proposed system of performing video streaming in p2P network, the compressed

multimedia data is retrieved and packetized at the SRTP layer for the Data plane at the sending side. The proposed system is experimented considering the P2P networking system over Mobile Adhoc Network (MANET). The SRTP packetized streams provide timing and synchronization information and as well as sequence number. The SRTP packetized streams are then passed to the UDP layer and the IP layer. The resulting IP packets are transported across the P2P network channel. At the receiver side, the media streams are processed in the reversed manner before their presentation.

Figure 3: Video Streaming across the P2P Network

For the control plane, SRTCP packets and RTSP packets are multiplexed at the UDP layer

and are moved to the IP layer for transmission across the P2P network. Figure 3 shows the Video Streaming across the P2P network. In our system we will capture the video from camera or stored audio/ video files and have to encode the video by using H.264 then that video will be separate packet by packet then it will be sent as streams through RTP protocol and that will be received in another side of RTP media player. The big breakthrough that enables the streaming revolution is the adoption of P2P protocol called the User Datagram Protocol (UDP) and new encoding techniques that compressed audio files into extremely small packets of data. UDP made streaming media possible by transmitting data more powerfully than previous protocols (HTTP and TCP) from the host server over the Internet to the client player or end listener. More recent protocols such as the Real-Time Streaming Protocol (RTSP) are making the transmission of data even more efficient.

Page 9: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

40

Figure 4: Video streaming from server

Figure 4 shows the RTSP client requests the audio and video files from the RTSP server.

First we have to implement the RTSP client operation such as RTSP Option, RTSP Describe, RTSP Setup, RTSP Play, RTSP Teardown and RTSP Ok for the remote control usage for end-user. Table 1 shows the methods in RTP.

Table I: RTSP methods

Methods Description

Options Get available methods

Announce Get description of media object

Play Start playback, reposition

Redirect Redirect client to new server

Pause Halt delivery, but keep state

Set-Parameter Device or encoding control

Teardown Remove state

In the RTSP and RTP implementation we are using the Wireshark tools [37] for simulation

purpose in the client – server connection in which how the packets are received from server to clients. Fig. 5 describe the RTSP Client and Server operation.

Page 10: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

41

Figure 5: RTSP client/Server connection

The audio and video is compressed and sent to the transport layer RTP/UDP then it will go to the IP layer and then transmitted to the Internet. While transmit the audio-video packet to the transport layer the SRTP protocol is used for the packet transaction. A. Packet Transmission

There is a number of Internet drafts describe SRTP packetization schemes for MPEG-4 video data. Media aware packetization is a principle in SRTP, so it is likely that several SRTP scheme will be needed to suit the different kind of media, audio, video and so forth. The SRTP timestamp corresponds to the presentation time if the earliest access unit is within the packet. SRTP packets have sequence numbers in transmission order. The payloads logically or physically have synchronization layer sequence numbers, which are decoding order, for each elementary stream. The MPEG-4 time scale is the time-stamp resolution in the case of MPEG-4 systems and must be used as the SRTP time scale. Streams should be synchronized using RTP techniques which is RTCP sender report. When the MPEG-4 object clock reference is used, it is logically mapped to the network time protocol time axis used in RTCP.

B. AES Cipher

The Rijndael proposed for AES [38] defined a cipher in which the block length and key length can be independently specified to be 128,192 or 256 bits. The AES requirement uses the same three key size alternatives but limits the block length to 128 bits. Stream cipher techniques have been used in video streaming over the multimedia network. A stream cipher is a symmetric encryption algorithm in which cipher text output is produced bit-by-bit or byte-by-byte from a stream of plaintext input. A block cipher algorithm is used for providing the data security. AES Cipher Feedback (CFB) [30] algorithm is used for general-purpose stream-oriented transmission and

Page 11: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

42

provides the authentication. A stream cipher eliminates the need to pad a message to be an integral number of blocks. This is used to operate in real time. In this method a character stream is being transmitted, each character can be encrypted and transmitted immediately using a character-oriented stream cipher. In the encryption side, the input is a b-bit shift register that is initially set to some initialization vector (IV). The leftmost s bits of the output of the encryption function are XORed with the first segment of plaintext P1 to produce the first unit of cipher text C1, which is then transmitted.

Ci = Ek (Ci −1) ⊕ Pi

Pi = Ek (Ci −1) ⊕Ci

Co=IV

In addition, the contents of the shift register are shifted left by s bits and C1 is placed in the rightmost s bits of the shift register. This process continuous until all the plaintext units has been encrypted. VI. APPLICATION LAYER QOS

The purpose of application layer QoS control is to avoid congestion and maximize video

quality in the presence of packet loss. The application layer QoS control techniques include congestion control and error control. These technique are employed by the end systems and do not require any QoS support from the network. For streaming video, congestion control obtains the form of rate control. There are three kind of rate control: source-based, receiver-based and hybrid rate control. The source-based rate control is suitable for Unicast video and other two rate control for multicast video. In unicast video streaming, the model based approach is based on a throughput of a UDP connection. Specifically, the throughput of a UDP connection can be characterized by the following equation:

µ = (1.22 MTU) / (RTT √ p) (4)

where µ is a throughput of a UDP connection. MTU is the packet size used by the

connection; RTT is the round-trip time for the connection and p is the packet-loss ratio experienced by the connection. This equation is used to determine the sending rate of the video stream. Thus, the video connection could avoid congestion in a way similar to that of UDP and it can compete fairly with UDP flows. VII. RESULTS ANALYSIS

P2P over MANETs is the most popular used pattern of file sharing within MANETs And within MANETs, P2P file sharing approach is also widely adopted. A lot of proposal discusses the P2P file sharing on MANETs and we classify them into four kinds according to their varying searching principle: DHT-based method, flooding-based method, advertisement-based method and social-based methods. [39]

Simulation is performed for 200 mobile nodes using random distribution in the simulation area. The model is designed considering the arbitrary allocation of 45 keys. The proposed model is evaluated for its efficiency considering comparative analysis with the prior research work conducted in security of routing protocols in mobile ad-hoc network. The frequently used approaches are Kumar et al. [40], Moradi [41], Mazhar [42], Mitrokotsa [43].

Page 12: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

43

Kumar et al. [40] has presented a secure backup on demand routing protocol for mobile ad-hoc network to improve the routes stability and to improve the trust on participating nodes using NS2.

Zahra Moradi and Mohammad Teshnehlab [41] have designed a mechanism of intrusion detection for this Network to provide a security framework to detect an especial security attack. In a type of attack, considered in this research, an intruder node injects a large amount of junk packets into the network and causes a denial in the services of the attacked node to the network. The model is developed using 2 methods of detection – Adaptive Neuro-Fuzzy Inferences System and Artificial neural networks – in a simulated environment. It is showed that almost all of models can detect Dos attack effectively. Nauman Mazhar [42] has presented an overview and comparison of the MANET security at routing layer by using the cryptographic and Artificial Immune System (AIS) approaches. The BeeAd-hoc protocol, which is a Bio-inspired MANET routing protocol based on the foraging principles of honey bee colony, is taken as case study. We carry out an analysis of the three security frameworks that we have proposed earlier for securing BeeAd-hoc protocol; one based on asymmetric key encryption, i.e. BeeSec, and the other two using the AIS approach, i.e. BeeAIS based on self non-self discrimination from adaptive immune system and BeeAIS-DC based on Dendritic Cell (DC) behavior from innate immune system. We extensively evaluate the performance of the three protocols through network simulations in ns-2 and compare with BeeAd-hoc, the base protocol, as well as with state-of-the-art MANET routing protocols DSR and AODV. Our results clearly indicate that AIS based systems provide security at much lower cost to energy as compared with the cryptographic systems. Moreover, the use of dendritic cells and danger signals instead of the classical self non-self discrimination allows detecting the non-self antigens with greater accuracy. Based on the results of this investigation, we also propose a composite AIS model for BeeAd-hoc security by combining the concepts from both the adaptive and the innate immune systems by modelling the attributes and behavior of the B-cells and DCs. Aikaterini Mitrokotsa et al. [43] present the design and evaluation of intrusion detection models for MANETs using supervised classification algorithms. The performance of the classification algorithms is evaluated under different traffic conditions and mobility patterns for the Black Hole, Forging, Packet Dropping, and Flooding attacks. The results indicate that Support Vector Machines exhibit high accuracy for almost all simulated attacks and that Packet Dropping is the hardest attack to detect.

Figure 6: Packet Delivery Ratio

Page 13: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

44

The Fig.6 shows the performance analysis when conducted for packet delivery ratio. The bottom line is mobile nodes are arbitrarily attacked independently causing the aggravation of malicious nodes to initiate routing attack. However, the proposed system has higher detection rate with good flow of data packets as compared to prior research work shown.

Figure 7: Intrusion in Privacy in routing attack

Fig.7 shows the performance analysis for intrusion in privacy policy maintained at each node.

As the routing attack has iterative and sequential propagation model, so quantity of the infected routes are maximized in terms of cost. It can also be seen that by introducing the proposed protocol, the performance of attacker for initiating routing attack is reduced by maximizing the improbability in route susceptibility.

Figure 8: Simulation Speed comparison

Page 14: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

45

The efficiency of the proposed algorithm is tested by observing the processing speed required for identifying the routing attack in mobile ad-hoc network along with increase of number of malicious nodes at the run time of simulation as shown in Fig.8. Already consideration of dynamic topology of mobile ad-hoc network posses issues in the design and implementation of the algorithm, but the challenge portion of the performance analysis is made more sophisticated by introducing more number of user-defined multiple attack mobile nodes (Anodes) at the run time of the simulation. This experiment is done to check the efficiency of the proposed algorithm to identify many attack variables which is not even programmed. The simulation result in Fig.7. Clearly shows that proposed system takes comparatively less time. The graphical analysis also shows highest peak for neural network approach due to inclusion of learning phase of the algorithm, which consumes enough time for performing simulation. This fact should be kept in mind as propagation of the routing attack is very faster which starts infecting even in a matter of seconds depending upon the existing security loophole factor existing in the wireless network. It can be clearly seen that the proposed algorithm has better contrastive result in comparison to most frequently used algorithms used in current research for analyzing the security issues in routing protocol in mobile ad-hoc network. The implementation of the proposed system facilitates the better visualization for route susceptibility; however, an efficient route susceptibility parameter can be designed with slight alteration. VIII. CONCLUSION

In our proposed system, it will provide secure delivery of video data transmission. The time

difference between without security of video data transmission and with security of video data transmission will be few seconds. Due to encryption techniques in our system we can find the difference between secure and non- secure video streaming transmission. The secured video streaming file will take more time (seconds) than non-secure video streaming, but it will provide safer video data transmission in un-trusted client –server networks. RTP server applications transmit captured or stored media streams across the network. The main challenge in designing a video streaming application across the multimedia networks is how to deliver video streams to users with minimal replay jitters with video data security and efficient video data transmission. The media streams might be encoded in multiple media formats and sent out on several RTP sessions for conferencing with heterogeneous receivers. This paper proposed a framework for video streaming services using SRTP through the client-server network. REFERENCES

[1] http://www.skype.com/en/. [2] http://www.p2psip.org/. [3] http://join.pplive.com/. [4] http://zattoo.com/restricted [5] Sirui Yang, Hai Jin,, Bo Li,, Xiaofei Liao, Hong Yao, Xuping Tu, The Content Pollution in

Peer-to-Peer Live Streaming Systems: Analysis and Implications, International Conference on Parallel Processing, IEEE 2008.

[6] Gabriela Gheorghe, Renato Lo Cigno, Alberto Montresor, Security and privacy issues in P2P streaming systems: A survey, Springer, 2010.

[7] M. Castro. P. Druschel, A. Ganesh, A. Rowstron, D. S. Wallach: Secure routing for structured peer-to-peer overlay networks, Proc. of the 5th Symposium on Operating Systems Design and Implementation, Boston, MA, December 2002, ACM Press.

Page 15: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

46

[8] G. Danezis, C. Lesniewski-Laas, M. F. Kaashoek, R. Anderson: Sybil resistant DHT routing, 10th European Symposium on Research in Computer Security, Milan, Italy, September 12-14, 2005, LNCS, Vol. 3679, Springer.

[9] Rasib Khan and Ragib Hasan, "A Distributed Security Architecture for P2PSIP", Poster at IEEE Symposium on Security & Privacy, May, 2013.

[10] http://tools.ietf.org/html/rfc5765. [11] J. Seedorf: Using Cryptographically Generated SIP-URIs to Protect the Integrity of Content

in P2P-SIP, 3rd Annual VoIP Security Wksp., Berlin, Germany, June 2006. [12] http://tools.ietf.org/wg/p2psip/. [13] I. Baumgart: P2PNS: A Secure Distributed Name Service for P2PSIP, Proceedings of the 5th

IEEE International Workshop on Mobile Peer-to-Peer Computing (MP2P'08) in conjunction with IEEE PerCom'08, Hong Kong, China, p. 480-485, March 2008.

[14] J. Seedorf, F. Ruwolt, M. Stiemerling, S. Niccolini: Evaluating P2PSIP under Attack: An Emulative Study, IEEE Globecom 2008, November 2008.

[15] X. Hei, Y. Liu, K. Ross: IPTV over P2P streaming networks: the mesh-pull approach, IEEE JCommunications Magazine, Vol. 46, No. 2, pp. 86-92, February 2008.

[16] P. Dhungel, X. Hei, K. W. Ross, N. Saxena: The pollution attack in P2P live video streaming: measurement results and defenses, Proceedings of the 2007 Workshop on Peer-to-peer Streaming and IPTV (2007), pp. 323-328.

[17] M. A. Mottalib, Md Ali Al Mamun, Md. Ehsannuzaman, Reazul Hoque, Jonayed Kaysar, “A Combined Approach of Reputation Based Defense Mechanism in P2P Live Video Streaming”.

[18] Andrea Detti, Bruno Ricci, Nicola Blefari-Melazzi, “Peer-To-Peer Live Adaptive Video Streaming for Information Centric Cellular Networks”.

[19] José-Vicente Aguirre, Rafael Álvarez, Leandro Tortosa, and José- Francisco Vicent, “P2P Audio/Video Protocol with Global Positioning Data in Real Time for Mobile Devices”, INTERNATIONAL JOURNAL OF APPLIED MATHEMATICS AND INFORMATICS, Vol. 2, 2008.

[20] Aniket Mitra, Ankush Puri, Vishal Verma, “A Survey on Video Broadcasting & P2P Networks Using Multicasting”, International Journal of Applied Engineering Research, ISSN 0973-4562 Vol. 7 No.11, 2012.

[21] Imsook Ha,Steven S. Wildman,Johannes M. Bauer, “P2P, CDNs, and Hybrid Networks: The Economics of Internet Video Distribution”, International Telecommunications Policy Review, Vol.17 No.4 pp.1-22, 2010.

[22] Lorenzo Favalli, Marco Folli, “A P2P Platform for Real-Time Multicast Video Streaming Leveraging on Scalable Multiple Descriptions to Cope with Bandwidth Fluctuations”, International Journal of Computer Networks & Communications (IJCNC) Vol.3, No.6, 2011.

[23] Istemi EkinAkkusa, O¨ znur O¨zkasapb, , M.RehaCivanlar, “Peer-to-peer multipoint video conferencing with layered video”, Journal of Network and Computer Applications, pp. 137–150, 2011.

[24] Miroslav Ponec, Sudipta Sengupta, Minghua Chen‡, Jin Li and Philip A. Chou, “Optimizing Multi-rate Peer-to-Peer Video Conferencing Applications”, IEEE, 2010.

[25] P. Contreras, S Johnstone, F. Murtagh, K. Englmeier, “Distributed Multimedia Content with P2P JXTA Technology”, Queen's University, Nov 2007.

[26] Shiguo Lian, Dimitris Kanellopoulos, Giancarlo Ruffo,” Recent Advances in Multimedia Information System Security”, Informatica, 2009.

[27] Nitin Kumari, “Multipoint IP Voice Calling Using Android Smart Devices with Runtime Security”, International Journal of Computer Science and Management Research, Vol 2, Issue 3, 2013.

Page 16: 5 MODELLING OF SECURED VIDEO STREAMING APPLICATION … OF... · security requirements. For instance, users expect to reach a telephone callee within seconds, or to switch a TV-channel

International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print),

ISSN 0976 - 6375(Online), Volume 5, Issue 8, August (2014), pp. 32-47 © IAEME

47

[28] Prithula Dhungel, Xiaojun Hei, Keith W. Ross, and Nitesh Saxena, “The Pollution Attack in P2P Live Video Streaming: Measurement Results and Defenses”, Cite seer, 2007.

[29] John G. Apostolopoulos, Wai- tian Tan, Susie J. Wee, Video Streaming: Concepts, Algorithms, and Systems, HP Laboratories Palo Alto, 2002.

[30] L. Abeni, C. Kiraly, R. Lo Cigno: On the Optimal Scheduling of Streaming Applications in Unstructured Meshes, i_p Networking 2009, May 2009.

[31] http://www.sopcast.com/. [32] http://tvants.allp2ptv.org/s. [33] http://tvu-player.en.uptodown.com/. [34] http://www.crunchbase.com/company/babelgum. [35] http://www.ietf.org/rfc/rfc3711.txt. [36] http://en.wikipedia.org/wiki/Secure_Real-time_Transport_Protocol. [37] http://www.wireshark.org/. [38] http://en.wikipedia.org/wiki/Advanced_Encryption_Standard. [39] Li Liu, Yanfang Jing, Yue Zhang, Bingbing Xia, A Survey on P2P File Sharing Algorithms

over MANETs, Consumer Electronics Times, Vol. 2 Iss. 2, PP. 109-115, 2013. [40] D.Suresh kumar, K.Manikandan, M.A.Saleem Durai, Secure On-Demand Routing Protocol

for MANET using Genetic Algorithm, International Journal of Computer Applications (0975 – 8887) Volume 19– No.8, April 2011.

[41] Zahra Moradi, Mohammad Teshnehlab, Intrusion Detection Model in MANETs using ANNs and ANFIS, 2011 International Conference on Telecommunication Technology and Applications Proc .of CSIT vol.5 (2011) © (2011) IACSIT Press, Singapore.

[42] Nauman Mazhar, Energy Efficient Security in MANET: A comparison of Cryptographic and Artificial Immune System, Pak. J. Engg. & Appl. Sci. Vol. 7, Jul., 2010 (p. 71-94).

[43] Aikaterini Mitrokotsa, Manolis Tsagkaris and Christos Douligeris, Intrusion Detection in Mobile Ad Hoc Networks Using Classification Algorithms, Intrusion Detection in Mobile Ad Hoc Networks Using Classification Algorithms. CoRR, 2008.

[44] Kusum Nara and Aman Dureja, “A Dynamic Approach for Improving Performance of Intrusion Detection System Over MANET”, International Journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 4, 2013, pp. 61 - 81, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.

[45] Parvinder and Dr. V.K. Suman, “A Review on Routing Protocol in MANET”, International Journal of Advanced Research in Engineering & Technology (IJARET), Volume 4, Issue 5, 2013, pp. 243 - 250, ISSN Print: 0976-6480, ISSN Online: 0976-6499.

[46] Yogita A. Dalvi, “A Method for Balancing Heterogeneous Request Load in DHT-Based P2P Systems”, International Journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 2, 2013, pp. 309 - 314, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.

[47] Srikanth T.N. and Prabhudeva S, “Explicit Study on Security Issues in Multimedia Streaming in Peer to Peer Network”, International journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 2, 2012, pp. 588 - 602, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.

[48] Mohanjeet Singh, D.S Dhaliwal and Neeraj Garg, “Searching and Streaming of Multimedia Content in P2P Overlay Network”, International journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 2, 2012, pp. 433 - 438, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.