Side-Channel VoIP Profiling Attack against Customer Service Automated Phone System

In many VoIP systems, Voice Activity Detection (VAD) is often used on VoIP traffic to suppress packets of silence in order to reduce the bandwidth consumption of phone calls. Unfortunately, although VoIP traffic is fully encrypted and secured, traffic analysis of this suppression can reveal identifying information about calls made to customer service automated phone systems. Because different customer service phone systems have distinct, but fixed (pre-recorded) automated voice messages sent to customers, VAD silence suppression used in VoIP will enable an eavesdropper to profile and identify these automated voice messages. In this paper, we will use a popular enterprise VoIP system (Cisco CallManager), running the default Session Initiation Protocol (SIP) protocol, to demonstrate that an attacker can reliably use the silence suppression to profile calls to such VoIP systems. Our real-world experiments demonstrate that this side-channel profiling attack can be used to accurately identify not only what customer service phone number a customer calls, but also what following options are subsequently chosen by the caller in the phone conversation.Comment: 6 pages, 12 figures. Published in IEEE Global Communications Conference (GLOBECOM), 202

Hiding Traffic Patterns in VoIP Communication

Voice over IP(VoIP) is widely used in today\u27s communication, VoIP is a methodology that able to converts analog voice signals into digital data packets and support real-time, two-way transmission of conversations using Internet Protocol. Despite of the fact that VoIP technology have greatly developed since the earliest design, it still suffer from the common problem that affect Internet security: hacker. Currently Timing-based attack is the most famous attack method on VoIP. Timing-based traffic analysis attacks mainly based on packet inter-arrival time. Attackers are able to analyze the packet sending time intervals and export user\u27s talking pattern. Finally, attacker can identify the user by comparing the exported talking pattern with the talking pattern in their databases. Therefore, to protect user\u27s identity, we propose a new application to hide user\u27s talking pattern. In this thesis, we address issues related to traffic analysis attacks and the corresponding countermeasures in VoIP traffic. We focus on a particular class of traffic analysis attack, timing-based correlation attacks, by which an adversary attempt to analyze packet inter-arrival time of a user and correlate the output traffic with the traffic in their database. Correlation method that is used in this type of attack, namely Dynamic Time Warping(DTW) based Correlation. Based on our threat model and known strategies in existing VoIP communication, we develop methods that can effectively counter the timing-based correlation attacks. The empirical results shows the effectiveness of the proposed scheme in term of countering timing-based correlation attacks. Our experimental result showed that our application is able to hide user\u27s identity in VoIP communication, with a few modifications in the sending process

The Bits of Silence : Redundant Traffic in VoIP

Human conversation is characterized by brief pauses and so-called turn-taking behavior between the speakers. In the context of VoIP, this means that there are frequent periods where the microphone captures only background noise – or even silence whenever the microphone is muted. The bits transmitted from such silence periods introduce overhead in terms of data usage, energy consumption, and network infrastructure costs. In this paper, we contribute by shedding light on these costs for VoIP applications. We systematically measure the performance of six popular mobile VoIP applications with controlled human conversation and acoustic setup. Our analysis demonstrates that significant savings can indeed be achievable - with the best performing silence suppression technique being effective on 75% of silent pauses in the conversation in a quiet place. This results in 2-5 times data savings, and 50-90% lower energy consumption compared to the next better alternative. Even then, the effectiveness of silence suppression can be sensitive to the amount of background noise, underlying speech codec, and the device being used. The codec characteristics and performance do not depend on the network type. However, silence suppression makes VoIP traffic network friendly as much as VoLTE traffic. Our results provide new insights into VoIP performance and offer a motivation for further enhancements, such as performance-aware codec selection, that can significantly benefit a wide variety of voice assisted applications, as such intelligent home assistants and other speech codec enabled IoT devices.Peer reviewe