-
Adversary Simulation
Our best in class red team can deliver a holistic cyber attack simulation to provide a true evaluation of your organisation’s cyber resilience.
-
Application
SecurityLeverage the team behind the industry-leading Web Application and Mobile Hacker’s Handbook series.
-
Penetration
TestingMDSec’s penetration testing team is trusted by companies from the world’s leading technology firms to global financial institutions.
-
Response
Our certified team work with customers at all stages of the Incident Response lifecycle through our range of proactive and reactive services.
Practical Attacks Against Encrypted VoIP Communications
At HackInTheBox KUL 2013, we demonstrated two possible techniques that could be used to perform side channel attacks on packet captures of encrypted VoIP communications.
The two techniques, Dynamic Time Warping and Profile Hidden Markov Models, can be used to detect spoken conversations in encrypted VoIP sessions when a Variable Bitrate Codec is used with a length preserving cipher. Ultimately, this poses a significant risk to the confidentiality of encrypted conversations and we demonstrated this, using Skype as a case study.
The slides for our presentation can be found below:
The associated source code will also be released in due course via our github page.
