Traffic Analysis Attacks on Skype VoIP Calls

Skype is one of the most popular voice-over-IP (VoIP) service providers. One of the main reasons for the popularity of Skype VoIP services is its unique set of features to protect privacy of VoIP calls such as strong encryption, proprietary protocols, unknown codecs, dynamic path selection, and the constant packet rate. In this paper, we propose a class of passive traffic analysis attacks to compromise privacy of Skype VoIP calls. The proposed attacks are based on application-level features extracted from VoIP call traces. The proposed attacks are evaluated by extensive experiments over different types of networks including commercialized anonymity networks and our campus network. The experiment results show that the proposed traffic analysis attacks can greatly compromise the privacy of Skype calls. Possible countermeasure to mitigate the proposed traffic analysis attacks are analyzed in this paper

Traffic Analysis Attacks on Skype VoIP Calls

Skype is one of the most popular voice-over-IP (VoIP) service providers. One of the main reasons for the popularity of Skype VoIP services is its unique set of features to protect privacy of VoIP calls such as strong encryption, proprietary protocols, unknown codecs, dynamic path selection, and the constant packet rate. In this paper, we propose a class of passive traffic analysis attacks to compromise privacy of Skype VoIP calls. The proposed attacks are based on application-level features extracted from VoIP call traces. The proposed attacks are evaluated by extensive experiments over different types of networks including commercialized anonymity networks and our campus network. The experiment results show that the proposed traffic analysis attacks can greatly compromise the privacy of Skype calls. Possible countermeasure to mitigate the proposed traffic analysis attacks are analyzed in this paper

I Know Where You are and What You are Sharing: Exploiting P2P Communications to Invade Users' Privacy

In this paper, we show how to exploit real-time communication applications to determine the IP address of a targeted user. We focus our study on Skype, although other real-time communication applications may have similar privacy issues. We first design a scheme that calls an identified targeted user inconspicuously to find his IP address, which can be done even if he is behind a NAT. By calling the user periodically, we can then observe the mobility of the user. We show how to scale the scheme to observe the mobility patterns of tens of thousands of users. We also consider the linkability threat, in which the identified user is linked to his Internet usage. We illustrate this threat by combining Skype and BitTorrent to show that it is possible to determine the file-sharing usage of identified users. We devise a scheme based on the identification field of the IP datagrams to verify with high accuracy whether the identified user is participating in specific torrents. We conclude that any Internet user can leverage Skype, and potentially other real-time communication systems, to observe the mobility and file-sharing usage of tens of millions of identified users.Comment: This is the authors' version of the ACM/USENIX Internet Measurement Conference (IMC) 2011 pape

Interviews via VoIP: benefits and disadvantages within a PhD study of SMEs

The benefits and disadvantages of Voice over Internet Protocol (VoIP) are explored as part of a PhD study to conduct qualitative interviews to discuss risk management within records management. This was used in conjunction with an internet-based electronic whiteboard system to provide online collaboration between participant and researcher. This work describes interviews that were held separately with two participants from one small to medium enterprise (SME). An analysis of factors that might affect researcher choice of interview format is given, and the differences noted between other formats of ‘remote’ interview. Suggestions are made as to how other forms of e-communication may be used for interviews

Detecting and Mitigating Denial-of-Service Attacks on Voice over IP Networks

Voice over IP (VoIP) is more susceptible to Denial of Service attacks than traditional data traffic, due to the former's low tolerance to delay and jitter. We describe the design of our VoIP Vulnerability Assessment Tool (VVAT) with which we demonstrate vulnerabilities to DoS attacks inherent in many of the popular VoIP applications available today. In our threat model we assume an adversary who is not a network administrator, nor has direct control of the channel and key VoIP elements. His aim is to degrade his victim's QoS without giving away his presence by making his attack look like a normal network degradation. Even black-boxed, applications like Skype that use proprietary protocols show poor performance under specially crafted DoS attacks to its media stream. Finally we show how securing Skype relays not only preserves many of its useful features such as seamless traversal of firewalls but also protects its users from DoS attacks such as recording of conversations and disruption of voice quality. We also present our experiences using virtualization to protect VoIP applications from 'insider attacks'. Our contribution is two fold we: 1) Outline a threat model for VoIP, incorporating our attack models in an open-source network simulator/emulator allowing VoIP vendors to check their software for vulnerabilities in a controlled environment before releasing it. 2) We present two promising approaches for protecting the confidentiality, availability and authentication of VoIP Services

Pilot Open Case Series of Voice over Internet Protocol-Delivered Assessment and Behavior Therapy for Chronic Tic Disorders

Comprehensive Behavioral Intervention for Tics (CBIT) is an efficacious treatment for children with chronic tic disorders (CTDs). Nevertheless, many families of children with CTDs are unable to access CBIT due to a lack of adequately trained treatment providers, time commitment, and travel distance. This study established the interrater reliability between in-person and Voice over Internet Protocol (VoIP) administrations of the Yale Global Tic Severity Scale (YGTSS), and examined the preliminary efficacy, feasibility, and acceptability of VoIP-delivered CBIT for reducing tics in children with CTDs in an open case series. Across in-person and VoIP administrations of the YGTSS, results showed mean agreement of 91%, 96%, and 95% for motor, phonic, and total tic severity subscales. In the pilot feasibility study, 4 children received 8 weekly sessions of CBIT via VoIP and were assessed at pre- and posttreatment by an independent evaluator. Results showed a 29.44% decrease in clinician-rated tic severity from pre- to posttreatment on the YGTSS. Two of the 4 patients were considered treatment responders at posttreatment, using Clinical Global Impressions–Improvement ratings. Therapeutic alliance, parent and child treatment satisfaction, and videoconferencing satisfaction ratings were high. CBIT was considered feasible to implement via VoIP, although further testing is recommended

Evaluation of users’ perspective on VOIP’s security vulnerabilities

Voice over Internet protocol (VoIP) represents a major newish trend in telecommunications and an alternative to traditional phone systems. VoIP uses IP networks and therefore inherits their vulnerabilities. Adding voice traffic to IP networks complicates security issues and introduces a range of vulnerabilities. A VoIP system may face either an exclusive attack or an attack to the underlying IP network. The significance of security and privacy in VoIP communications are well known, and many studies mostly from the technical perspective have been published. However to date, no known research has been conducted to evaluate users’ perspectives on these issues. In light of this scarcity, we carried out a survey to evaluate users’ awareness of VoIP security vulnerabilities, and their attitudes towards privacy in VoIP communications. An overall finding highlights the fact that the majority of participants are neither concerned about VoIP privacy (eavesdropping) or VoIP security

On Traffic Analysis Attacks to Encrypted VOIP Calls

The increasing popularity of VoIP telephony has brought a lot of attention and concern over security and privacy issues of VoIP communication. This thesis proposes a new class of traffic analysis attacks to encrypted VoIP calls. The goal of these attacks is to detect speaker or speech of encrypted VoIP calls. The proposed traffic analysis attacks exploit silent suppression, an essential feature of VoIP telephony. These attacks are based on application-level features so that the attacks can detect the same speech or the same speaker of different VoIP calls made with different VoIP codecs. We evaluate the proposed attacks by extensive experiments over different type of networks including commercialized anonymity networks and campus networks. The experiments show that the proposed traffic analysis attacks can detect speaker and speech of encrypted VoIP calls with a high detection rate which is a great improvement comparing with random guess. With the help of intersection attacks, the detection rate for speaker detection can be increased. In order to shield the detrimental effect of this proposed attacks, a countermeasure is proposed to mitigate the proposed traffic analysis attack

On Traffic Analysis Attacks to Encrypted VOIP Calls

The increasing popularity of VoIP telephony has brought a lot of attention and concern over security and privacy issues of VoIP communication. This thesis proposes a new class of traffic analysis attacks to encrypted VoIP calls. The goal of these attacks is to detect speaker or speech of encrypted VoIP calls. The proposed traffic analysis attacks exploit silent suppression, an essential feature of VoIP telephony. These attacks are based on application-level features so that the attacks can detect the same speech or the same speaker of different VoIP calls made with different VoIP codecs. We evaluate the proposed attacks by extensive experiments over different type of networks including commercialized anonymity networks and campus networks. The experiments show that the proposed traffic analysis attacks can detect speaker and speech of encrypted VoIP calls with a high detection rate which is a great improvement comparing with random guess. With the help of intersection attacks, the detection rate for speaker detection can be increased. In order to shield the detrimental effect of this proposed attacks, a countermeasure is proposed to mitigate the proposed traffic analysis attack