TY - JOUR
T1 - Exploiting encrypted and tunneled multimedia calls in high-speed big data environment
AU - Mazhar Rathore, M.
AU - Ahmad, Awais
AU - Paul, Anand
AU - Rho, Seungmin
N1 - Publisher Copyright:
© 2017, Springer Science+Business Media New York.
PY - 2018/2/1
Y1 - 2018/2/1
N2 - Due to the rapid increase in the speed as well as the number of users over the Internet, the rate of data generation is enormously grown. In addition, at the same rate, the multimedia transmission especially the usage of VoIP calls is rapidly growing due to its cost effectiveness, dramatic functionality over the traditional telephone network and its compatibility with public switched telephone network (PSTN). In most of the developing countries, internet service providers (ISPs) and telecommunication authorities are concerned in detecting such calls to either block or prioritize commercial VoIP. Signature-based, port-based, and pattern-based detection techniques are inaccurate due to the complex and confidential security and tunneling mechanisms used by VoIP. Therefore, in this paper, we proposed a generic, robust, efficient statistical analysis-based solution to identify encrypted and tunneled voice media flows. We extracted six statistical parameters, which are extracted for each flow and compared with threshold values while generating a number of rules to identify VoIP media calls. The paper also offers a complete architecture that can efficiently process high-speed traffic in order to detect VoIP flows at real-time. The proposed system, including the architecture and the algorithm, can be practically implemented in a real environment, such as ISP or telecommunication authority’s gateway. We implemented the system using the parallel environment of Hadoop ecosystem with Spark on the top of it to achieve the real-time processing. We evaluated the system by considering 1) the accuracy in terms of detection rate by computing the direct rate and false positive rate and 2) the efficiency in terms of processing power. The result shows that the system has 97.54% direct rate and.00015% false positive rate, which are quite high. The comparative study proved that the proposed system is more accurate than the existing techniques.
AB - Due to the rapid increase in the speed as well as the number of users over the Internet, the rate of data generation is enormously grown. In addition, at the same rate, the multimedia transmission especially the usage of VoIP calls is rapidly growing due to its cost effectiveness, dramatic functionality over the traditional telephone network and its compatibility with public switched telephone network (PSTN). In most of the developing countries, internet service providers (ISPs) and telecommunication authorities are concerned in detecting such calls to either block or prioritize commercial VoIP. Signature-based, port-based, and pattern-based detection techniques are inaccurate due to the complex and confidential security and tunneling mechanisms used by VoIP. Therefore, in this paper, we proposed a generic, robust, efficient statistical analysis-based solution to identify encrypted and tunneled voice media flows. We extracted six statistical parameters, which are extracted for each flow and compared with threshold values while generating a number of rules to identify VoIP media calls. The paper also offers a complete architecture that can efficiently process high-speed traffic in order to detect VoIP flows at real-time. The proposed system, including the architecture and the algorithm, can be practically implemented in a real environment, such as ISP or telecommunication authority’s gateway. We implemented the system using the parallel environment of Hadoop ecosystem with Spark on the top of it to achieve the real-time processing. We evaluated the system by considering 1) the accuracy in terms of detection rate by computing the direct rate and false positive rate and 2) the efficiency in terms of processing power. The result shows that the system has 97.54% direct rate and.00015% false positive rate, which are quite high. The comparative study proved that the proposed system is more accurate than the existing techniques.
KW - Big data
KW - Hadoop
KW - Spark
KW - Tunneling
KW - VoIP
UR - http://www.scopus.com/inward/record.url?scp=85010831548&partnerID=8YFLogxK
U2 - 10.1007/s11042-017-4393-7
DO - 10.1007/s11042-017-4393-7
M3 - Article
AN - SCOPUS:85010831548
SN - 1380-7501
VL - 77
SP - 4959
EP - 4984
JO - Multimedia Tools and Applications
JF - Multimedia Tools and Applications
IS - 4
ER -