Digital Forensics in VoIP networks

Abstract : With VoIP being deployed on large scale, forensic analysis of captured VoIP traffic is of major practical interest. In this paper, we present a new fingerprinting approach that identifies the types of devices (name, version, brand, series) in captured VoIP traffic. We focus only on the signaling plane and discard voice related data. Although we consider only one signaling protocol for the illustration, our tool relies on structural information trees and can easily be adapted to any protocol of that has a known syntax. We have integrated our tool within the well known tshark application in order to provide an easy to use support for forensic analysts.
Type de document :
Communication dans un congrès
IEEE. IEEE Workshop on Information Forensics and Security - WIFS'10, Dec 2010, Seattle, United States. pp.6, 2010
Liste complète des métadonnées

Littérature citée [22 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/inria-00548768
Contributeur : Jérôme François <>
Soumis le : lundi 20 décembre 2010 - 13:54:32
Dernière modification le : jeudi 11 janvier 2018 - 06:19:50
Document(s) archivé(s) le : jeudi 30 juin 2011 - 13:12:10

Fichier

wifs10.pdf
Fichiers produits par l'(les) auteur(s)

Identifiants

  • HAL Id : inria-00548768, version 1

Collections

Citation

Jérôme François, Radu State, Thomas Engel, Olivier Festor. Digital Forensics in VoIP networks. IEEE. IEEE Workshop on Information Forensics and Security - WIFS'10, Dec 2010, Seattle, United States. pp.6, 2010. 〈inria-00548768〉

Partager

Métriques

Consultations de la notice

426

Téléchargements de fichiers

417