Strategy for Detecting IP Address of LINE VOIP Network Packets by Using the Decision-Tree Approach

Abstract

With the widespread use of encryption techniques in network instant messaging applications, encrypted traffic has become a great challenge for digital surveillance. As the threats of frauds and deceptions in social media communications have increased, Law Enforcement Agencies (LEAs) face tremendous problems in identifying anonymous suspects. Although the transferred message is encrypted, there are some digital trace evidences on the end users' Internet protocol (IP) address. This paper aims to investigate an effective mechanism to analyze the IP address of the voice over IP (VoIP) caller without any help from Internet Service Providers (ISPs) or other LEAs. In this paper, we propose a learning-based approach that integrates a decision tree by sniffing the LINE application VoIP network packets at the client-user side. Our proposed IP-address detection strategy can handle the identification of the end user. A decision-tree approach was adopted to analyze the target's remote IP address of VoIP calls in four scenarios. The accuracy rate for identifying the speaker's IP address for the decision tree was 65.1%. To improve the detection rates, other machine algorithms can be developed in future research.