Browse > Article
http://dx.doi.org/10.17662/ksdim.2018.14.4.117

A study on the risk of taking out specific information by VoIP sniffing technique  

Lee, Donggeon (광운대학교 소프트웨어학과)
Choi, Woongchul (광운대학교 소프트웨어학과)
Publication Information
Journal of Korea Society of Digital Industry and Information Management / v.14, no.4, 2018 , pp. 117-125 More about this Journal
Abstract
Recently, VoIP technology is widely used in our daily life. Even VoIP has become a technology that can be easily accessed from services such as home phone as well as KakaoTalk.[1] Most of these Internet telephones use the RTP protocol. However, there is a vulnerability that the audio data of users can be intercepted through packet sniffing in the RTP protocol. So we want to create a tool to check the security level of a VoIP network using the RTP protocol. To do so, we capture data packet from and to these VoIP networks. For this purpose, we first configure a virtual VoIP network using Raspberry Pi and show the security vulnerability by applying our developed sniffing tool to the VoIP network. We will then analyze the captured packets and extract meaningful information from the analyzed data using the Google Speech API. Finally, we will address the causes of these vulnerabilities and possible solutions to address them.
Keywords
VoIP; RTP; SIP; Security; Sniffing;
Citations & Related Records
Times Cited By KSCI : 2  (Citation Analysis)
연도 인용수 순위
1 KakaoTalk, https://www.kakaocorp.com/service/KakaoTalk
2 Malcolmd, "Channel Driver Modules," https://wiki.asterisk.org/wiki/display/AST/Channel+Driver+Modules
3 H. Schulzrinne, S. Casner, R. Frederick, V. Jacobson, "RTP: A Transport Protocol for Real-Time Applications.," RFC3550, The Internet Society, 2003.
4 H. Schulzrinne, S. Casner, "RTP Profile for Audio and Video Conferences with Minimal Control.," RFC3551, The Internet Society, 2003
5 Malcolm Davenport , "RTP Packetization," https://wiki.asterisk.org/wiki/display/AST/RTP+Packetization
6 Patrick Park, Voice over IP Security, Cisco Press, 2009
7 Himanshu Dwivedi, Hacking VoIP, No Starch Press, 2009
8 Laura Chappell, 와이어샤크 네트워크 완전 분석 (이재광, 전태일 역), 에이콘, 2012
9 김창식, 김태경, "텍스트마이닝을 이용한 정보보호 연구동향 분석," (사)디지털산업정보학회논문지, 제14권, No.2 , 2018, pp. 19-25.
10 최희식, 조양현, "모바일 앱 서비스 이용 증가로 인한 보안 위협 분석," (사)디지털산업정보학회논문지, 제14권, No.1 , 2018, pp. 45-55.