Title :
Using Misuse Patterns for VoIP Steganalysis
Author_Institution :
Res. Lab., U.S. Army, Aberdeen Proving Ground, MD, USA
fDate :
Aug. 31 2009-Sept. 4 2009
Abstract :
The growing interest in Voice over Internet Protocol (VoIP) communications increased the fear that criminal and terrorist groups are switching to this technology to coordinate their operations. VoIP services that cannot be monitored and lawfully intercepted may be used to perform illegal activity. Converged networks are vulnerable to steganographic attacks due to their high bandwidth usage. This feature provides a way to embed hidden messages in either the VoIP signaling or media streams making steganalysis harder to accomplish. This paper discusses a systematic approach to analyze steganography in VoIP using misuse patterns [Pel09]. Misuse patterns describe, from the point of view of the attacker, how a type of information misuse is performed, analyzes the ways of stopping the attack, and considers how to trace the attack once it has happened. The pattern also attempts to correlate events with specific parts of the system. We will use these semiformal models as a method to improve the detection of embedded hidden messages in IP telephony.
Keywords :
Internet telephony; steganography; VoIP steganalysis; embedded hidden message detection; misuse patterns; semiformal models; steganography; voice over Internet protocol; Bandwidth; Communication switching; Information analysis; Internet telephony; Monitoring; Pattern analysis; Performance analysis; Steganography; Streaming media; Terrorism; IP Protocol; VoIP; networks; object-oriented patterns; security; steganography;
Conference_Titel :
Database and Expert Systems Application, 2009. DEXA '09. 20th International Workshop on
Conference_Location :
Linz
Print_ISBN :
978-0-7695-3763-4
DOI :
10.1109/DEXA.2009.90
