Hackers of India

VoIPShark: Open Source VoIP Analysis Platform

 Nishant Sharma   Jeswin Mathai   Ashish Bhangale 

2019/06/02

Abstract

Leveraging the packet switched network for making phone calls or VoIP has come a long way now. Today, it has already replaced conventional circuit switching based telephones from the large organizations and now moving to capture the non-commercial users. In this talk, we will focus on the traffic analysis based security analysis of SIP and RTP protocols which are one of the most popular protocols for VoIP. These protocols are already gaining new adopters on high rate and also replacing older protocols like H323.

We will discuss VoIPShark open source VoIP Analysis Platform which will allow people to analyze live or stored VoIP traffic, easily decrypt encrypted SRTP stream, perform macro analysis, generate summary specific to VoIP traffic/nodes and export calls/SMS/DTMF in popular user friendly file formats. We will also be releasing VoIPShark collection of Wireshark plugins written in Lua under GPL. VoIPShark is plug-n-play, easy to modify/extend and platform independent in nature. We will also discuss the currently available open source tools for SRTP decryption, their shortcomings and how VoIPShark address those.