A technique for counting natted hosts
Proceedings of the 2nd ACM SIGCOMM Workshop on Internet measurment
Remote Physical Device Fingerprinting
SP '05 Proceedings of the 2005 IEEE Symposium on Security and Privacy
Tor: the second-generation onion router
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Why and How to Perform Fraud Experiments
IEEE Security and Privacy
HOTSEC'08 Proceedings of the 3rd conference on Hot topics in security
Monitoring the Bittorrent Monitors: A Bird's Eye View
PAM '09 Proceedings of the 10th International Conference on Passive and Active Network Measurement
Where's that phone?: geolocating IP addresses on 3G networks
Proceedings of the 9th ACM SIGCOMM conference on Internet measurement conference
Identity trail: covert surveillance using DNS
PET'07 Proceedings of the 7th international conference on Privacy enhancing technologies
A Practical Attack to De-anonymize Social Network Users
SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Privacy-preserving P2P data sharing with OneSwarm
Proceedings of the ACM SIGCOMM 2010 conference
LEET'10 Proceedings of the 3rd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
Crawling BitTorrent DHTs for fun and profit
WOOT'10 Proceedings of the 4th USENIX conference on Offensive technologies
One bad apple spoils the bunch: exploiting P2P applications to trace and profile Tor users
LEET'11 Proceedings of the 4th USENIX conference on Large-scale exploits and emergent threats
Towards street-level client-independent IP geolocation
Proceedings of the 8th USENIX conference on Networked systems design and implementation
Unraveling the BitTorrent Ecosystem
IEEE Transactions on Parallel and Distributed Systems
What's in a name: a study of names, gender inference, and gender behavior in facebook
DASFAA'11 Proceedings of the 16th international conference on Database systems for advanced applications
Hi-index | 0.00 |
In this paper, we show how to exploit real-time communication applications to determine the IP address of a targeted user. We focus our study on Skype, although other real-time communication applications may have similar privacy issues. We first design a scheme that calls an identified-targeted user inconspicuously to find his IP address, which can be done even if he is behind a NAT. By calling the user periodically, we can then observe the mobility of the user. We show how to scale the scheme to observe the mobility patterns of tens of thousands of users. We also consider the linkability threat, in which the identified user is linked to his Internet usage. We illustrate this threat by combining Skype and BitTorrent to show that it is possible to determine the filesharing usage of identified users. We devise a scheme based on the identification field of the IP datagrams to verify with high accuracy whether the identified user is participating in specific torrents. We conclude that any Internet user can leverage Skype, and potentially other real-time communication systems, to observe the mobility and filesharing usage of tens of millions of identified users.