On Privacy of Encrypted Speech Communications

Silence suppression, an essential feature of speech communications over the Internet, saves bandwidth by disabling voice packet transmissions when silence is detected. However, silence suppression enables an adversary to recover talk patterns from packet timing. In this paper, we investigate privacy leakage through the silence suppression feature. More specifically, we propose a new class of traffic analysis attacks to encrypted speech communications with the goal of detecting speakers of encrypted speech communications. These attacks are based on packet timing information only and the attacks can detect speakers of speech communications made with different codecs. We evaluate the proposed attacks with extensive experiments over different type of networks including commercial anonymity networks and campus networks. The experiments show that the proposed traffic analysis attacks can detect speakers of encrypted speech communications with high accuracy based on traces of 15 minutes long on average

Hiding Traffic Patterns in VoIP Communication

Voice over IP(VoIP) is widely used in today\u27s communication, VoIP is a methodology that able to converts analog voice signals into digital data packets and support real-time, two-way transmission of conversations using Internet Protocol. Despite of the fact that VoIP technology have greatly developed since the earliest design, it still suffer from the common problem that affect Internet security: hacker. Currently Timing-based attack is the most famous attack method on VoIP. Timing-based traffic analysis attacks mainly based on packet inter-arrival time. Attackers are able to analyze the packet sending time intervals and export user\u27s talking pattern. Finally, attacker can identify the user by comparing the exported talking pattern with the talking pattern in their databases. Therefore, to protect user\u27s identity, we propose a new application to hide user\u27s talking pattern. In this thesis, we address issues related to traffic analysis attacks and the corresponding countermeasures in VoIP traffic. We focus on a particular class of traffic analysis attack, timing-based correlation attacks, by which an adversary attempt to analyze packet inter-arrival time of a user and correlate the output traffic with the traffic in their database. Correlation method that is used in this type of attack, namely Dynamic Time Warping(DTW) based Correlation. Based on our threat model and known strategies in existing VoIP communication, we develop methods that can effectively counter the timing-based correlation attacks. The empirical results shows the effectiveness of the proposed scheme in term of countering timing-based correlation attacks. Our experimental result showed that our application is able to hide user\u27s identity in VoIP communication, with a few modifications in the sending process