Engineering Commons^™

Fast Rtp Detection And Codecs Classification In Internet Traffic, Petr Matousek, Ondrej Rysavy, Martin Kmet

Journal of Digital Forensics, Security and Law

This paper presents a fast multi-stage method for on-line detection of RTP streams and codec identification of transmitted voice or video traffic. The method includes an RTP detector that filters packets based on specific values from UDP and RTP headers. When an RTP stream is successfully detected, codec identification is applied using codec feature sets. The paper shows advantages and limitations of the method and its comparison with other approaches. The method was implemented as a part of network forensics framework NetFox developed in project SEC6NET. Results show that the method can be successfully used for Lawful Interception as well …