Practical network support for IP traceback
Proceedings of the conference on Applications, Technologies, Architectures, and Protocols for Computer Communication
IEEE/ACM Transactions on Networking (TON)
Supporting Fine-grained Data Lineage in a Database Visualization Environment
ICDE '97 Proceedings of the Thirteenth International Conference on Data Engineering
Why and Where: A Characterization of Data Provenance
ICDT '01 Proceedings of the 8th International Conference on Database Theory
Chimera: AVirtual Data System for Representing, Querying, and Automating Data Derivation
SSDBM '02 Proceedings of the 14th International Conference on Scientific and Statistical Database Management
Practical Lineage Tracing in Data Warehouses
ICDE '00 Proceedings of the 16th International Conference on Data Engineering
Tracking anonymous peer-to-peer VoIP calls on the internet
Proceedings of the 12th ACM conference on Computer and communications security
Signaling Vulnerabilities in Wiretapping Systems
IEEE Security and Privacy
End-to-end routing behavior in the internet
ACM SIGCOMM Computer Communication Review
ULDBs: databases with uncertainty and lineage
VLDB '06 Proceedings of the 32nd international conference on Very large data bases
ICASSP '01 Proceedings of the Acoustics, Speech, and Signal Processing, 200. on IEEE International Conference - Volume 02
Passive data link layer 802.11 wireless device driver fingerprinting
USENIX-SS'06 Proceedings of the 15th conference on USENIX Security Symposium - Volume 15
Non-intrusive single-ended speech quality assessment in VoIP
Speech Communication
Proceedings of the 13th annual ACM international conference on Mobile computing and networking
On the Effectiveness of Flexible Deterministic Packet Marking for DDoS Defense
NPC '07 Proceedings of the 2007 IFIP International Conference on Network and Parallel Computing Workshops
A taxonomy of internet traceback
International Journal of Security and Networks
Proceedings of the 1st international conference on Forensic applications and techniques in telecommunications, information, and multimedia and workshop
Provenance and scientific workflows: challenges and opportunities
Proceedings of the 2008 ACM SIGMOD international conference on Management of data
Random k-Labelsets: An Ensemble Method for Multilabel Classification
ECML '07 Proceedings of the 18th European conference on Machine Learning
Multi-flow attacks against network flow watermarking schemes
SS'08 Proceedings of the 17th conference on Security symposium
Effective multi-label active learning for text classification
Proceedings of the 15th ACM SIGKDD international conference on Knowledge discovery and data mining
Binary and graded relevance in IR evaluations-Comparison of the effects on ranking of IR systems
Information Processing and Management: an International Journal
Scalable Web Content Attestation
ACSAC '09 Proceedings of the 2009 Annual Computer Security Applications Conference
P.563—The ITU-T Standard for Single-Ended Speech Quality Assessment
IEEE Transactions on Audio, Speech, and Language Processing
VoIP Quality Assessment: Taking Account of the Edge-Device
IEEE Transactions on Audio, Speech, and Language Processing
Automated remote repair for mobile malware
Proceedings of the 27th Annual Computer Security Applications Conference
Audio codec identification from coded and transcoded audios
Digital Signal Processing
| Hi-index | 0.00 |
The recent diversification of telephony infrastructure allows users to communicate through landlines, mobile phones and VoIP phones. However, call metadata such as Caller-ID is either not transferred or transferred without verification across these networks, allowing attackers to maliciously alter it. In this paper, we develop PinDr0p, a mechanism to assist users in determining call provenance - the source and the path taken by a call. Our techniques detect and measure single-ended audio features to identify all of the applied voice codecs, calculate packet loss and noise profiles, while remaining agnostic to characteristics of the speaker's voice (as this may legitimately change when interacting with a large organization). In the absence of verifiable call metadata, these features in combination with machine learning allow us to determine the traversal of a call through as many as three different providers (e.g., cellular, then VoIP, then PSTN and all combinations and subsets thereof) with 91.6% accuracy. Moreover, we show that once we identify and characterize the networks traversed, we can create detailed fingerprints for a call source. Using these fingerprints we show that we are able to distinguish between calls made using specific PSTN, cellular, Vonage, Skype and other hard and soft phones from locations across the world with over 90% accuracy. In so doing, we provide a first step in accurately determining the provenance of a call.