A Real-Time Algorithm for Skype Traffic Detection and Classification

Authors:
D. Adami;C. Callegari;S. Giordano;M. Pagano;T. Pepe
Affiliations:
Dept. of Information Engineering, University of Pisa, Italy;Dept. of Information Engineering, University of Pisa, Italy;Dept. of Information Engineering, University of Pisa, Italy;Dept. of Information Engineering, University of Pisa, Italy;Dept. of Information Engineering, University of Pisa, Italy
Venue:
NEW2AN '09 and ruSMART '09 Proceedings of the 9th International Conference on Smart Spaces and Next Generation Wired/Wireless Networking and Second Conference on Smart Spaces
Year:
2009

Citing 2
Cited 6

Revealing skype traffic: when randomness plays with you

Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Understanding Skype signaling

Computer Networks: The International Journal of Computer and Telecommunications Networking

YAF: yet another flowmeter

LISA'10 Proceedings of the 24th international conference on Large installation system administration
Identifying skype traffic in a large-scale flow data repository

TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Entropy estimation for real-time encrypted traffic identification

TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Skype-Hunter: A real-time system for the detection and classification of Skype traffic

International Journal of Communication Systems
Cachet: a decentralized architecture for privacy preserving social networking with caching

Proceedings of the 8th international conference on Emerging networking experiments and technologies
Detection and classification of peer-to-peer traffic: A survey

ACM Computing Surveys (CSUR)

Quantified Score

Hi-index	0.00

Visualization

Abstract

In the last years Skype has gained more and more attention from both the users and the scientific community. Namely, the users are interested in its ability to provide a free and reliable way to make phone calls over the Internet, while the scientific community is interested in the reverse-engineering process, because of the proprietary design of the application. In more detail, both Skype protocols and algorithms are unknown and use strong encryption mechanisms, making it very difficult to even reveal Skype presence inside a traffic aggregate. This issue is of primary interest for the scientific community and, above all, of big economical relevance for the operators. In this paper we propose a novel algorithm for detecting Skype traffic, based on both signature-based and statistical approaches. The proposed algorithm is able to reveal in real time the presence of Skype clients in the monitored network, and to distinguish among the several types of Skype "activities": direct calls, calls with relay node, SkypeOut calls, and file tranfers. To assess the effectiveness of our method we have tested the system over several traffic data sets, collected in different networks. Moreover we have compared the performance offered by our system with those provided by "classical" classification techniques, as well as by the state-of-the-art Skype classifier.