[VOIPSEC] Voice or Not -- Fake Voice Packet???

Greg Schmid gschmid at securelogix.com
Tue Oct 4 10:58:11 CDT 2005 

All,

There will probably be someday (if not now) applications that tunnel data
using
RTP to trick the network into giving the application a higher priority
throughput. 
Of course, the rogue application taking advantage of RTP would indicate
audio in
the PT to bump up its priority reserved normally for real-time transport.

To block this type of trickery, the payload needs to be processed. Using a
VAD 
algorithm directly on the payload would work with uncompressed audio.  With 
compressed audio the codec would have to be determined from the signaling
stream
and the audio decompressed.  The decompressed audio could then be processed
with
a VAD.  This all would require some DSP resources, but it can be done.

Greg Schmid



-----Original Message-----
From: Haluska, John J [mailto:jhaluska at telcordia.com]
Sent: Tuesday, October 04, 2005 8:06 AM
To: Voipsec at voipsa.org
Subject: Re: [VOIPSEC] Voice or Not -- Fake Voice Packet???


All,

 

RTP is intended to carry more than just voice - so in general it is
legitimate to carry other types of media, for which there are defined
RTP profiles,  which can include audio, video, text, etc. So if you want
to determine the type of media it is carrying, you could use the payload
type.

 

Of course, if you are suspecting some skullduggery such as sending email
etc over VOIP, you would need to process the payload to some extent
based on the  claimed  PT.  If you are looking for  some particular
thing then that is probably an easier task than trying to verify that a
stream is actually carrying audio encoded in the claimed PT.

 

 

 

John Haluska

 

 

---------------------------------------------------------------------

 

Message: 1

Date: Mon, 3 Oct 2005 14:09:08 -0400

From: Vijay Shyamasundar Shyamasundar <vijayshyamasundar at gmail.com>

Subject: [VOIPSEC] Voice or Not -- Fake Voice Packet???

To: "Voipsec at voipsa.org" <Voipsec at voipsa.org>

Message-ID:

      <3eeef23a0510031109y434a4ff8q897ebae6e4fd75e2 at mail.gmail.com>

Content-Type: text/plain; charset=ISO-8859-1

 

Hi All,

 Is there any way to find out if the packets are genuine voice packets
or not. By looking into the Payload Type(PT) field of RTP packet, we can
say if its audio/video.. and the codec used. What if i could generate
some packets with that PT field showing it as audio packet while the
payload contains something else.  I would like to know if there is a way
to find out if the packet really contains voice or not.

  Regards,

Vijay

 On 9/9/05, Dalton, Ronda L <DaltonR at state.gov> wrote:

>

 

_______________________________________________
Voipsec mailing list
Voipsec at voipsa.org
http://voipsa.org/mailman/listinfo/voipsec_voipsa.org

More information about the Voipsec mailing list