Steganography is an ancient art that encompasses various techniques of information hiding, the aim of which is to embed secret information into a carrier message. Steganographic methods are usually ...aimed at hiding the very existence of the communication. Due to the rise in popularity of IP telephony, together with the large volume of data and variety of protocols involved, it is currently attracting the attention of the research community as a perfect carrier for steganographic purposes. This article is a first survey of the existing Voice over IP (VoIP) steganography methods and their countermeasures.
Information hiding is increasingly used to implement covert channels, to exfiltrate data or to perform attacks in a stealthy manner. Another important usage deals with privacy, for instance, to ...bypass limitations imposed by a regime, to prevent censorship or to share information in sensitive scenarios such as those dealing with cyber defense. In this perspective, the paper investigates how VoIP communications can be used as a methodology to enhance privacy. Specifically, we propose to hide traffic into VoIP conversations in order to prevent the disclosure, exposure and revelation to an attacker or blocking the ongoing exchange of information. To this aim, we exploit the voice activity detection feature available in many client interfaces to produce fake silence packets, which can be used as the carrier where to hide data. Results indicate that the proposed approach can be suitable to enforce the privacy in real use cases, especially for file transfers. As interactive services (e.g., web browsing) may experience too many delays due to the limited bandwidth, some form of optimization or content scaling may be advisable for such scenarios.
•A PET-capable framework leveraging VoIP traffic to provide a virtual network interface for tunneling protocols of the TCP/IP suite.•The extension of a VAD-based injection technique to support full-duplex paths often used for Machine-to-Machine communications and collaborative defense frameworks.•A thorough performance evaluation of the behavior of the different protocol/functional layers using the covert channel.•An advancement in the understanding of security requirements of collaborative cyber defense efforts, which still lack of successful models.
Improvement of transport network design efficiency problems at the expense of the system approach to the estimation of network quality and assigned communications services quality are considered. ...Methods and technical facilities that provide constancy and control complexness of network quality on different stages of its life cycle are offered.
Information hiding is increasingly used by malware for creating covert channels to exfiltrate data, orchestrate attacks, as well as to download additional code for extending its functionalities at ...runtime. Since the popularity of the carrier used for embedding secrets is fundamental to guarantee a suitable degree of stealthiness, this paper investigates how to create a covert channel within ubiquitous Voice over IP (VoIP) conversations. Specifically, we propose to hide information in fake RTP packets generated during silence intervals obtained by transforming a VoIP stream with Voice Activity Detection (VAD) into a non-VAD one. Experimental results collected in different scenarios indicate that embedding a covert channel in the VAD-activated VoIP stream offers a good trade-off between stealthiness and steganographic bandwidth. Guidelines to detect and mitigate information-hiding-capable threats targeting IP telephony applications are also provided.
IP telephony have played an essential role during the COVID 19 pandemic lockdown. One of the issues that lower the service level of the IP telephony solutions is the inefficient bandwidth ...exploitation. This paper proposes a Smallerize/Zeroize (SmlZr) method to enhance bandwidth exploitation. The SmlZr method is explicitly designed for the P2P IP telephony calls over IPv6 networks. The essence concept of the proposed method is to use the unnecessary fields in the header to keep the voice media of the packet. Doing so leads to smallerize or zeroize the packet payload and, thus, enhance the bandwidth exploitation. The SmlZr method has outperformed the RTP method for all the comparison parameters. For instance, the SmlZr method shrinks the bandwidth by 25% compared to the RTP protocol. Bandwidth saving is helpful for P2P IP telephony calls because it alleviates the traffic load. Thus, improve the call capacity boosts the call clarity.
The Internet has burgeoned into a worldwide information superhighway during the past few years, giving rise to a host of new applications and services. Among them, Voice over IP (VoIP) is the most ...prominent one. Beginning more as a frolic among computer enthusiasts, VoIP has set off a feeding frenzy in both the industrial and scientific communities and has the potential to radically change telephone communications. In this article, we survey all these aspects that have the greatest impact on the quality of voice communications over IP networks. The survey begins with the merits and demerits of VoIP, followed by the Quality of Service (QoS) requirements that voice imposes and a description of test methods for the assessment of speech quality. We then proceed with a delineation of the issues related to the conversion of analog voice to packets, namely we spell out the details of the most well-known voice codecs, while light is also thrown on voice activity detection and voice packetization. Header compression schemes receive intense scrutiny as well. We also provide an overview of the signaling protocols that are tailored to the needs of VoIP, and we continue with the comparison of the call admission schemes that are geared towards the QoS constraints of VoIP. The pivotal issue of security is then discussed, pointing out potential threats as well as approaches for tackling them. Finally, the survey concludes with a discussion on the feasibility of providing VoIP over challenging satellite links.
This paper introduces a dynamic speech encryption algorithm based on Lorenz chaotic map over internet protocol to enhance the services of the real-time applications such as increases the security ...level and reduces latency. The proposed algorithm was divided into two processes: dynamic key generation process using 128-bit hash value to dynamically alter the initial secret keys, and encryption and decryption process using Lorenz system. In the proposed algorithm, the performance evaluation is carried out through efficient simulations and implementations and statistical analysis. In addition, the average time delay in the proposed algorithm and some of the existing algorithms such as AES is compared. The obtained results concluded that, the proposed dynamic speech encryption algorithm is effectually secured against various cryptanalysis attacks and has useful cryptographic properties such as confusion and diffusion for better voice communication in the voice applications field in the Internet.
The research problem described in this article is related to the security of an IP network that is set up between two cities using hosting. The network is used for transmitting telephone traffic ...between servers located in Germany and the Netherlands. The concern is that with the increasing adoption of IP telephony worldwide, the network might be vulnerable to hacking and unauthorized access, posing a threat to the privacy and security of the transmitted information. This article proposes a solution to address the security concerns of the IP network. After conducting an experiment and establishing a connection between the two servers using the WireShark sniffer, a dump of real traffic between the servers was obtained. Upon analysis, a vulnerability in the network was identified, which could potentially be exploited by malicious actors. To enhance the security of the network, this article suggests the implementation of the Transport Layer Security (TLS) protocol. TLS is a cryptographic protocol that provides secure communication over a computer network, ensuring data confidentiality and integrity during transmission. Integrating TLS into the network infrastructure, will protect the telephone traffic and prevent unauthorized access and eavesdropping.
PDF
