Revealing skype traffic: when randomness plays with you
Proceedings of the 2007 conference on Applications, technologies, architectures, and protocols for computer communications
What is the impact of p2p traffic on anomaly detection?
RAID'10 Proceedings of the 13th international conference on Recent advances in intrusion detection
Friends of an enemy: identifying local members of peer-to-peer botnets using mutual contacts
Proceedings of the 26th Annual Computer Security Applications Conference
Hi-index | 0.00 |
In this paper we present an algorithm that is able to progressively discover nodes of a Skype overlay P2P network. Most notably, super nodes in the network core. Starting from a single, known Skype node, we can easily identify other Skype nodes in the network, through the analysis of widely available and standardized IPFIX (NetFlow) data. Instead of relying on the analysis of content characteristics or packet properties of the flow itself, we monitor connections of known Skype nodes in the network and then progressively discover the other nodes through the analysis of their mutual contacts.