1,149 research outputs found

    Synesthesia: Detecting Screen Content via Remote Acoustic Side Channels

    Full text link
    We show that subtle acoustic noises emanating from within computer screens can be used to detect the content displayed on the screens. This sound can be picked up by ordinary microphones built into webcams or screens, and is inadvertently transmitted to other parties, e.g., during a videoconference call or archived recordings. It can also be recorded by a smartphone or "smart speaker" placed on a desk next to the screen, or from as far as 10 meters away using a parabolic microphone. Empirically demonstrating various attack scenarios, we show how this channel can be used for real-time detection of on-screen text, or users' input into on-screen virtual keyboards. We also demonstrate how an attacker can analyze the audio received during video call (e.g., on Google Hangout) to infer whether the other side is browsing the web in lieu of watching the video call, and which web site is displayed on their screen

    Voice over IP: Forensic Computing Implications

    Get PDF
    The issues faced by law enforcement authorities concerning VoIP are very different from that of traditional telephony. VoIP provides strong encryption and a decentralised databased network. Wiretapping is not applicable to VoIP calls and packet capturing is negated by encryption. New methods are required to collect evidence from systems running VoIP software. This paper presents work in progress and, based on a literature review of the field, explores a methodology that may be used to advance this research area

    A method for forensic artifact collection, analysis and incident response in environments running Session Initiation Protocol (SIP) and Session Description protocol

    Get PDF
    In this paper, we perform an analysis of SIP, a popular voice over IP (VoIP) protocol and propose a framework for capturing and analysing volatile VoIP data in order to determine forensic readiness requirements for effectively identifying an attacker. The analysis was performed on real attack data and the findings were encouraging. It seems that if appropriate forensic readiness processes and controls are in place, a wealth of evidence can be obtained. The type of the end user equipment of the internal users, the private IP, the software that is used can help build a reliable baseline information database. On the other hand the private IP addresses of the potential attacker even during the presence of NAT services, as well as and the attack tools employed by the malicious parties are logged for further analysis

    "Net Neutrality," Non-Discrimination and Digital Distribution of Content Through the Internet

    Get PDF
    The vast majority of US residential consumers face a monopoly or duopoly in broadband Internet access. Up to now, the Internet was characterized by a regime of "net neutrality" where there was no discrimination in the price of a transmitted information packet based on the identities of either the transmitter or the receiver or based on the application or type of content that it contained. The providers of DSL or cable modem access in the United States, taking advantage of a recent regulatory change that effectively abolished net neutrality and non-discrimination protections, and possessing significant market power, have recently discussed implementing a variety of discriminatory pricing schemes. This paper discusses and evaluates the implication of a number of these schemes on prices, profits of the network access providers and those of the complementary applications and content providers, as well as the impact on consumers. We also discuss an assortment of anti-competitive effects of such price discrimination, and evaluate the possibility of imposition of net neutrality by law.Technology and Industry

    Developing New Approaches for Intrusion Detection in Converged Networks

    Get PDF

    Extraction of Electronic Evidence from VoIP: Identification & Analysis of Digital Speech

    Get PDF
    The Voice over Internet Protocol (VoIP) is increasing in popularity as a cost effective and efficient means of making telephone calls via the Internet. However, VoIP may also be an attractive method of communication to criminals as their true identity may be hidden and voice and video communications are encrypted as they are deployed across the Internet. This produces a new set of challenges for forensic analysts compared with traditional wire-tapping of the Public Switched Telephone Network (PSTN) infrastructure, which is not applicable to VoIP. Therefore, other methods of recovering electronic evidence from VoIP are required. This research investigates the analysis and recovery of digitised human voice, which persists in computer memory after a VoIP call. This paper outlines the ongoing development of a software tool, the purpose of which, determines how remnants of digitised human speech from a VoIP call may be identified within a forensic memory capture based on how the human voice is detected via a microphone and encoded to a digital format using the sound card of a personal computer. This digital format is unencrypted whist stored in Random Access Memory (RAM) before it is passed to the VoIP application for encryption and transmission over the Internet. Similarly, an incoming encrypted VoIP call is decrypted by the VoIP application and passes through RAM unencrypted in order to be played via the speaker output. A series of controlled tests were undertaken whereby RAM captures were analysed for remnants of digital audio after a VoIP audio call with known conversation. The identification and analysis of digital audio from RAM attempts to construct an automatic process for the identification and subsequent reconstruction of the audio content of a VoIP call. This research focuses on the analysis of RAM captures acquired using XWays Forensics software. This research topic, guided by a Law Enforcement Agency, uses X-Ways Forensics to simulate a RAM capture which is achieved covertly on a target machine without the user\u27s knowledge, via the Internet, during or after a VoIP call has taken place. The authors assume no knowledge of the technique implemented to recover the covert RAM capture and are asked to base their analysis on a memory capture supplied in the format of a file with a ‘.txt’ extension. The methods of analysis described herein are independent of the acquisition method applied to RAM capture. The goal of this research is to develop automated software that may be applied to a RAM capture to identify fragments of audio persisting in RAM after a VoIP call has been terminated, using time domain and signal processing technique, frequency domain analysis. Once individual segments of audio have been identified, the feasibility of reproducing audio from a VoIP call may be determined

    A comprehensive IVR (Interactive Voice Response) analysis model using online analytical processing (OLAP) on a multidimensional data cube

    Get PDF
    Private Branch eXchange (PBX) is a tool indispensable in the business world. The telephone exchanges allow employees to perform internal connections between telephones, or make calls to the external network also known as Public Switched Telephone Network (PSTN). With increasing Internet usage, there is interest in understanding what services are offered. Enterprise Courier is a commercial Internet Protocol Private Branch eXchange (IP PBX) based on open source Asterisk web-based PBX software for Linux, which supports multiple protocols and services, like Interactive Voice Response (IVR). Cisco Unified Communications Manager (CUCM) or CallManager, is a software based call-processing system (IP PBX) developed by Cisco Systems. CUCM tracks all active Voice over IP (VoIP) network components; including phones, gateways, conference bridges, among others. IVR is part of the Academic Services costumer contact and ticketing of University of Beira Interior (UBI). IVR monitoring and analysis are essential for effective operation and resource management, in particular, multidimensional analysis for long-term data is necessary for comprehensive understanding of the trend, the quality of customer service and costumer experience. In this paper, we propose a new IVR analysis model for large volumes of IVR data accumulated over a long period of time. The IVRCube proposed is an analysis model using online analytical processing (OLAP) on a multidimensional data cube that provides an easy and fast way to construct a multidimensional IVR analysis system for comprehensive and detailed evaluation of long-term data. The feasibility and applicability are validated, as the proposed IVRCube analysis model is implemented and applied to Academic Services costumer contact and ticketing IVR data.A Private Branch eXchange (PBX) é uma ferramenta indispensável no mundo dos negócios. As centrais telefónicas permitem que os funcionários realizem chamadas internas entre telefones, ou façam chamadas para a rede externa, também conhecida como Public Switched Telephone Network (PSTN). Com o aumento sistemático da utilização da Internet, há um interesse acrescido em entender quais os serviços que são oferecidos nas redes baseadas em Internet Protocol (IP). Um destes serviços é o Voice over IP (VoIP). O Enterprise Courier é um software IP PBX comercial para VoIP baseado na aplicação de código aberto Asterisk, que opera sobre Linux. O IP PBX Enterprise Courier suporta vários protocolos e serviços, por exemplo o Interactive Voice Response (IVR). O Cisco Unified Communications Manager (CUCM) também chamado de CallManager, é um sistema de processamento de chamadas IP, ou IP PBX, desenvolvido pela Cisco Systems. O CUCM permite fazer a gestão e operação de todos os componentes ativos de voz, incluindo telefones, gateways, equipamentos de conferência entre outros. Estes sistemas coexistem na rede de gestão de comunicações de voz da Universidade da Beira Interior (UBI), sendo que o sistema automatizado utilizado para o encaminhamento de chamadas dos Serviços Académicos na UBI utiliza a tecnologia IVR. Este serviço da UBI é uma das formas que os clientes da Universidade (alunos e não alunos) têm para obter informações e resolver questões de forma rápida e simples usando o telefone. Por ser um importante ponto de interface entre a universidade e a comunidade, a monitorização e análise de desempenho do IVR são essenciais para o funcionamento eficaz e gestão de recursos humanos atribuídos a este serviço, o que torna a tarefa de extrair os dados do sistema de VoIP e apresentá-los de forma a poder extrair deles informação útil à gestão, o centro deste trabalho de investigação. Para a análise dos dados, foi usada uma técnica de análise multidimensional de dados a longo prazo, necessária para uma compreensão abrangente da evolução e qualidade de serviço prestada ao cliente tendo como objetivo a melhor experiência possível por parte do cliente. Neste trabalho, propomos um novo modelo de análise de IVR para grandes volumes de dados acumulados ao longo de um extenso período de tempo. O IVRCube é um modelo de análise utilizando online analytical processing (OLAP) num cubo de dados multidimensional que fornece uma forma fácil e rápida de construir um sistema de análise multidimensional para avaliação exaustiva e pormenorizada dos dados ao longo do tempo. A viabilidade e aplicabilidade deste modelo são validadas, uma vez que o modelo de análise IVRCube proposto é implementado e aplicado ao serviço de contacto telefónico (IVR) dos Serviços Académicos da UBI
    corecore