Revealing skype traffic: when randomness plays with you
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
Computer Networks: The International Journal of Computer and Telecommunications Networking
LISA'10 Proceedings of the 24th international conference on Large installation system administration
Identifying skype traffic in a large-scale flow data repository
TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Entropy estimation for real-time encrypted traffic identification
TMA'11 Proceedings of the Third international conference on Traffic monitoring and analysis
Skype-Hunter: A real-time system for the detection and classification of Skype traffic
International Journal of Communication Systems
Cachet: a decentralized architecture for privacy preserving social networking with caching
Proceedings of the 8th international conference on Emerging networking experiments and technologies
Detection and classification of peer-to-peer traffic: A survey
ACM Computing Surveys (CSUR)
Hi-index | 0.00 |
In the last years Skype has gained more and more attention from both the users and the scientific community. Namely, the users are interested in its ability to provide a free and reliable way to make phone calls over the Internet, while the scientific community is interested in the reverse-engineering process, because of the proprietary design of the application. In more detail, both Skype protocols and algorithms are unknown and use strong encryption mechanisms, making it very difficult to even reveal Skype presence inside a traffic aggregate. This issue is of primary interest for the scientific community and, above all, of big economical relevance for the operators. In this paper we propose a novel algorithm for detecting Skype traffic, based on both signature-based and statistical approaches. The proposed algorithm is able to reveal in real time the presence of Skype clients in the monitored network, and to distinguish among the several types of Skype "activities": direct calls, calls with relay node, SkypeOut calls, and file tranfers. To assess the effectiveness of our method we have tested the system over several traffic data sets, collected in different networks. Moreover we have compared the performance offered by our system with those provided by "classical" classification techniques, as well as by the state-of-the-art Skype classifier.