A preview of this full-text is provided by Springer Nature.
Content available from Multimedia Tools and Applications
This content is subject to copyright. Terms and conditions apply.
An empirical approach towards characterization
of encrypted and unencrypted VoIP traffic
Paromita Choudhury
1
&K. R. Prasanna Kumar
1
&Sukumar Nandi
2
&G. Athithan
3
Received: 9 August 2018 /Revised: 11 June 2019 /Accepted: 6 August 2019
#Springer Science+Business Media, LLC, part of Springer Nature 2019
Abstract
VoIP traffic classification plays a major role towards network policy enforcements. Charac-
terization of VoIP media traffic is based on codec behaviour. With the introduction of variable
bit rate codecs, coding, compression and encryption present different complexities with respect
to the classification of VoIP traffic. The randomness tests do not extend directly to classifica-
tion of compressed and encrypted VoIP traffic. The paper examines the applicability of
randomness tests to encrypted and unencrypted VoIP traffic with constant bit rate and variable
bit rate codecs. A novel method Construction-by-Selection that constructs a test sequence from
partial payload data of VoIP media session is proposed in this paper. The results based on
experimentations on this method show that such construction exhibit randomness and hence
allows differentiation of encrypted VoIP media traffic from unencrypted VoIP media traffic
even in the case of variable bit rate codecs.
Keywords VoI P .Codec .Encryption .Compression .Hamming distance .Auto-correlation .
Randomness test
https://doi.org/10.1007/s11042-019-08088-w
*Paromita Choudhury
paromitaz@gmail.com
K. R. Prasanna Kumar
prasanna@cair.drdo.in
Sukumar Nandi
sukumar@iitg.ernet.in
G. Athithan
athithan.g@gmail.com
1
CAIR, DRDO, Bangalore, India
2
Department of CSE, IIT-Guwahati, Guwahati, India
3
DRDO HQ, Delhi, India
Multimedia Tools and Applications (2020) 79:603–631
Published online: 4 2019
September
/
Content courtesy of Springer Nature, terms of use apply. Rights reserved.