My research orientation is security of New Generation Network （the following is called NGN for short） and Internet Information Exchange.
As an open network structure， NGN allows different network and different devices to join NGN network， because of which， the network security is easily threatened. Therefore， the security problem must be settled for NGN carrier—Internet carrier， which mainly include electromagnetism security， equipment security， link security， end－point security， security of network business， security of network resources， network size and equipment capacity， confidentiality and integrality of information transferring and the authentication of user ID and charge with the emerging of the soft end－point.
I. Network Attack on Lower Layer Protocol （e.g. TCP， UDP or SCTP）， Influencing on a lot of network devices
II. Attack on Higher Layer Specific Target Protocol （e.g. SIP， H.323， MEGACO and COPSNGN protocol）
In addition， some common attacks such as refusing to serve， listening in， pretending and amending information still exist.
Thoughts of relieving the threats：
I. Network Deployment
Board Access Controller can be installed at the joint point of Internet to provide with firewall and other protection functions consisting of verifying the validity of device joined and prevent illegal users from joining； shielding the topological structure of internal network； NAT and service penetration； distribution and assurance of network resources； keeping away from attack of service refusal from the lower and higher layers.
II. Safe Transmission
In order to avoid an unentitled entity making use of control information protocol （H.248， MGCP， SIP and H.323） to set up illegal call or interfere in legal call， MD5 arithmetic is adopted to encrypt and transmit the key parameters and soft switch is used to authenticate the terminal connection via key parameters. H.248 and MGCP offer security protection for protocol transmission via IPSec protocol， but additional burden is imposed on communication device. By means of encrypting RTP package， the users is able to prevent the media information between them from being bugged. MD5 can be used to encrypt the users‘ authentication information.
Besides， to solve the problems of security administration of interactive system is far more influential to the network security than to solve that of techniques.
The advanced security techniques and equipment will break down without effective administration； in the meantime， the perfected administration would diminish the unfavorable factors brought in by the undeveloped techniques. Hence as for network security， the administration is even more significant than techniques. The administration here mentioned ought to involve the administrative system， the emergency system， regulations for running and maintaining， employees‘ training， key distribution， security system and so on.