A method for forensic artifact collection, analysis and incident response in environments running Session Initiation Protocol (SIP) and Session Description protocol

In this paper, we perform an analysis of SIP, a popular voice over IP (VoIP) protocol and propose a framework for capturing and analysing volatile VoIP data in order to determine forensic readiness requirements for effectively identifying an attacker. The analysis was performed on real attack data and the findings were encouraging. It seems that if appropriate forensic readiness processes and controls are in place, a wealth of evidence can be obtained. The type of the end user equipment of the internal users, the private IP, the software that is used can help build a reliable baseline information database. On the other hand the private IP addresses of the potential attacker even during the presence of NAT services, as well as and the attack tools employed by the malicious parties are logged for further analysis

Privacy Sensitive Resource Access Monitoring For Android Systems

Mobile devices, with an extensive array of capabilities and flexibility, are sometimes said to be an extension of the human body. Enhancing device capabilities and incorporating them into everyday life have always been a huge focus of the mobile industry. In the area of mobile data collection, existing works collect various types of user behavior data via mobile device usage, and use the data to aid in further understanding of human behavior. Typical data collection utilizes application or background service installed on the mobile device with user permission to collect data such as accelerometer, call logs, location, wifi transmission, etc. In this process, sensitive user information is tracked through a data tainting process. Contrary to the existing works, this research aims at collecting application behavior instead of user behavior. The goal is to provide a means to analyze how background services access mobile resources, and potentially identify suspicious applications that access sensitive user information. This investigation proposes an approach to track the access of mobile resources in a real time and sequential way. Specifically, the approach integrates the concept of taint tracking. Each identified user privacy sensitive resource is tagged and marked for tracking. The approach is composed of three different components: collection mechanism, collection client, and collection server. The collection mechanism resides in the Android OS to detect any incoming activity to privacy sensitive mobile resources. Whenever detection occurs, the collection client processes the formatted information. The collection client then communicates with an external server to store the gathered data. From these data, responsible applications, affected resources, and transmitted data were identified along with sequences of activity resulting from specific user actions. The result is a dynamic, real-time resource for monitoring the process flow of applications. Statistical analysis of sample data collected will be presented to demonstrate some interesting application behaviors and the potential usage of the application behavior data collection process

Implementation and maintenance of telephony network through Avaya s8720: practice application in Fabrics Division at Barcelona

La empresa W.L. GORE and Asociados es una empresa multinacional con sede en Barcelona dedicada a la fabricación y venta de membranas de PTFE (Politetrafluoroetileno), un material transpirable e impermeable con múltiples aplicaciones en el mercado. Una de dichas aplicaciones consiste en insertar dicha membrana en prendas de ciclismo y running, lo que confiere cualidades extras al tejido y mejora el rendimiento del deportista. Aprovechando esta línea de negocio, se ha creado un departamento internacional de atención al cliente compuesto por seis personas, mediante el cual se pretende dar servicio tanto a tiendas como al cliente final para la solicitud de pedidos y cambios. Una vez aprobado el proyecto en Barcelona, se encarga al Departamento de Telecomunicaciones de la empresa su puesta en marcha. Para ello, se parte de los medios de los que dispone la empresa, fundamentalmente un servidor de telefonía Avaya S8700 y un customer service de productos médicos en activo. En este contexto, se ha utilizado una tecnología IP para las conexiones lógicas de los teléfonos y la centralita de tecnología PSTN. De este modo, utilizaremos telefonía IP en el recorrido entre los teléfonos y la centralita, y pasaremos a modo analógico una vez se haya determinado la gestión de las llamadas, tanto internas como externas. La parte más importante del proyecto, una vez asegurada la conexión entre los dispositivos, es la programación de los grupos de llamada. En nuestro proyecto, aplicaremos unas determinadas secuencias de encaminamiento para derivar la llamada a la persona más indicada en cada caso. En este escenario, se considerará la procedencia de la llamada (entorno europeo) y la persona que ha de atenderla, que deberá tener un determinado nivel de conocimiento de la lengua de origen de la llamada. Para dotar al sistema de robustez, deberemos determinar un encaminamiento especial o backup para aquellos casos en que no haya personas disponibles para atender la llamada, la llamada se realice fuera de horario de oficina, haya que enviar mensajes de voz especiales, etc. Una vez completada la parte de instalación e implementación, y una vez terminada la programación del sistema, deberán efectuarse las pruebas correspondientes para depurar errores, así como los cambios propios del mantenimiento de las líneas. Igualmente, se han llevado a cabo otras operaciones secundarias como la configuración del sistema en cintas redundantes, la implementación de buzones de voz, la posibilidad de desviar las líneas locales a internacionales, COS y COR y otras opciones adicionales en vectores y skills

Modelling and Simulation of SIP and IAX Sessions

Import 03/11/2016My thesis is focused on simulating a functioning model of SIP and IAX and compare these two VoIP protocols. This is done by implementing an Asterisk server onto two virtual machines with Ubuntu operating system where I build a trunking system for each protocol, tested it by calling the peers in both directions, captured the traffic passing through and analysed it with Wireshark. The acquired data is then implemented and presented on a chart form for a better view and comparison of the two parallel protocols.Moje práce je zaměřena na simulaci funkčnosti modelu SIP a IAX a porovnání těchto dvou VoIP protokolů. To je provedeno zavedením Asteriskem serveru na dva virtuální počítaček s operačním systémem Ubuntu, kde je vybudován trunking systém pro každý protokol a to tak, že spojuje volající v obou směrech, zachycuje průchod, a analyzuje pomocí Wireshark. Získaná data jsou pak použita a prezentována ve formě grafů pro lepší přehlednost a srovnání obou paralelních protokolů.440 - Katedra telekomunikační technikydobř

TABLE OF CONTENTS

Once you are aware of the benefits and applications of Voice over IP, it is too good to resist. Perhaps that is why vendors are flooding the market with VOIP products and services. The following paper analyzes the various issues in the evolving VOIP technology and the challenges in the development of VOIP products. It then presents the features of few VOIP Products offered by the leaders in this field, how well they handle the issues and som

Advanced concept of voice communication server on embedded platform

The paper deals with a design of an embedded Voice communication server which was developed within the scope of the BESIP project (Bright Embedded Solution for IP Telephony). The project brings a modular architecture with additional functionality such as a speech quality monitoring and a protection against security threats.The speech quality assessment is carried out in a simplified computational E-model and we implemented our proposal into the BESIP as an optional component. In the security module. We applied a standard approach to the intrusion detection and protection and in addition to the mentioned modules we come up with an idea of unified configuration based on the NETCONF protocol. We implemented ntegrated the complex support of NETCONF configuration protoco into OpenWRT and our modifications were accepted by OpenWRT community. The paper describes the inidvidual modules, their features and entire BESIP concept.Scopus892b23322

An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol

Skype is a peer-to-peer VoIP client developed by KaZaa in 2003. Skype claims that it can work almost seamlessly across NATs and firewalls and has better voice quality than the MSN and Yahoo IM applications. It encrypts calls end-to-end, and stores user information in a decentralized fashion. Skype also supports instant messaging and conferencing. This report analyzes key Skype functions such as login, NAT and firewall traversal, call establishment, media transfer, codecs, and conferencing under three different network setups. Analysis is performed by careful study of Skype network traffic