Issue No.04 - April (2011 vol.22)
pp: 621-633
Mudhakar Srivatsa, IBM T.J. Watson Research Center, Hawthorne
Arun Iyengar, IBM T.J. Watson Research Center, Hawthorne
Ling Liu, Georgia Institute of Technology, Atlanta
Hongbo Jiang, Huazhong University of Science and Technology, Wuhan
(A short version of this paper appears in IEEE INFOCOM 2009.) Peer-to-peer VoIP (voice over IP) networks, exemplified by Skype [5], are becoming increasingly popular due to their significant cost advantage and richer call forwarding features than traditional public switched telephone networks. One of the most important features of a VoIP network is privacy (for VoIP clients). Unfortunately, most peer-to-peer VoIP networks neither provide personalization nor guarantee a quantifiable privacy level. In this paper, we propose novel flow analysis attacks that demonstrate the vulnerabilities of peer-to-peer VoIP networks to privacy attacks. We then address two important challenges in designing privacy-aware VoIP networks: Can we provide personalized privacy guarantees for VoIP clients that allow them to select privacy requirements on a per-call basis? How can we design VoIP protocols to support customizable privacy guarantees? This paper proposes practical solutions to these challenges using a quantifiable k-anonymity metric and privacy-aware VoIP route setup and route maintenance protocols. We present a detailed experimental evaluation that demonstrates the performance and scalability of our protocol while meeting customizable privacy guarantees.
VoIP networks, privacy, k-anonymity, mix networks, flow analysis attacks.
Mudhakar Srivatsa, Arun Iyengar, Ling Liu, Hongbo Jiang, "Privacy in VoIP Networks: Flow Analysis Attacks and Defense", IEEE Transactions on Parallel & Distributed Systems, vol. 22, no. 4, pp. 621-633, April 2011, doi:10.1109/TPDS.2010.122
[1] "GT-ITM: Georgia Tech Internetwork Topology Models," 2010.
[2] "The Network Simulator NS-2," 2010.
[3] "The Network Simulator NS-2: Topology Generation," 2010.
[4] "Phex Client," http:/, 2010.
[5] "Skype—The Global Internet Telephone Company," http:/, 2010.
[6] "Telegeography Research," http:/, 2010.
[7] A. Back, I. Goldberg, and A. Shostack, "Freedom 2.1 Security Issues and Analysis," Zero Knowledge Systems, Inc., White Paper, 2001.
[8] A. Blum, D. Song, and S. Venkataraman, "Detection of Interactive Stepping Stones: Algorithms and Confidence bounds," Proc. Seventh Symp. Recent Advances in Intrusion Detection (RAID), 2004.
[9] D. Chaum, "Untraceable Electronic Mail, Return Addresses, and Digital Pseudonyms," Comm. ACM, vol. 24, no. 2, pp. 84-88, 1981.
[10] R. Dingledine, N. Mathewson, and P. Syverson, "Tor: The Second Generation Onion Router," Proc. 13th USENIX Security Symp., 2000.
[11] D.L. Donoho, A.G. Flesia, U. Shankar, V. Paxson, J. Coit, and S. Staniford, "Multiscale Stepping Stone Detection: Detecting Pairs of Jittered Interactive Streams by Exploiting Maximum Tolerable Delay," Proc. Fifth Symp. Recent Advances in Intrusion Detection (RAID), 2002.
[12] "Eclipse. Aspectj Compiler," http://eclipse.org/aspectj, 2010.
[13] "FBI. Letter to FCC," 2009.
[14] B. Fortz and M. Thorup, "Optimizing OSPF/IS-IS Weights in a Changing World," IEEE J. Selected Areas in Comm., vol. 20, no. 4, pp. 756-767, May 2002.
[15] M.J. Freedman and R. Morris, "Tarzan: A Peer-to-Peer Anonymizing Network Layer," Proc. Ninth ACM Conf. Computer and Comm. Security (CCS), 2002.
[16] D. Goldschlag, M. Reed, and P. Syverson, "Onion Routing for Anonymous and Private Internet Connections," Comm. ACM, vol. 42, no. 2, 1999.
[17] K. Gummadi, R. Gummadi, S. Gribble, S. Ratnasamy, S. Shenker, and I. Stoica, "The Impact of DHT Routing Geometry on Resilience and Proximity," Proc. ACM SIGCOMM, 2003.
[18] J.Y. Hui, Switching and Traffic Theory for Integrated Broadband Networks. Springer, 1990.
[19] G. Perng, M.K. Reiter, and C. Wang, "M2: Multicasting Mixes for Efficient and Anonymous Communication," Proc. IEEE Int'l Conf. Distributed Computing Systems (ICDCS), 2006.
[20] A. Pfitzmann, B. Pfitzmann, and M. Waidner, "ISDN-MIXes: Untraceable Communication with Small Bandwidth Overhead," Proc. GI/ITG Conf. Comm. in Distributed Systems, 1991.
[21] A. Pfitzmann and M. Waidner, "Networks without User Observability," Computers and Security, vol. 6, no. 2, pp. 158-166, 1987.
[22] L. Qiu, V.N. Padmanabhan, and G.M. Voelker, "On the Placement of Web Server Replicas," Proc. IEEE INFOCOM, 2001.
[23] S. Saroiu, P.K. Gummadi, and S.D. Gribble, "A Measurement Study of Peer-to-Peer File Sharing Systems," Proc. Multimedia Computing and Networks (MMCN) Conf., 2002.
[24] C. Shields and B.N. Levine, "A Protocol for Anonymous Communication over the Internet," Proc. ACM Conf. Computer and Comm. Security (CCS), 2000.
[25] V. Shmatikov and M.H. Wang, "Timing Analysis in Low Latency Mix Networks: Attacks and Defenses," Proc. 11th European Symp. Research in Computer Security (ESORICS), 2006.
[26] G.I. Sound, "VoIP: Better than PSTN?" http://www.globalip , 2010.
[27] M. Srivatsa, A. Iyengar, and L. Liu, "Privacy in VOIP Networks: A k-Anonymity Approach," Technical Report IBM Research RC24625, 2008.
[28] P. Syverson, G. Tsudik, M. Reed, and C. Landwehr, "Towards an Analysis of Onion Routing Security," Proc. Workshop Design Issues in Anonymity and Unobservability, 2000.
[29] C.J. Van-Rijsbergen, Information Retrieval, second ed. Butterworths, 1979.
[30] X. Wang, S. Chen, and S. Jajodia, "Tracking Anonymous Peer-to-Peer VoIP Calls on the Internet," Proc. 12th ACM Conf. Computer and Comm. Security (CCS), 2005.
[31] X. Wang and D. Reeves, "Robust Correlation of Encrypted Attack Traffic through Stepping Stones by Manipulation of Interpacket Delays," Proc. 10th ACM Conf. Computer and Comm. Security (CCS), 2003.
[32] X. Wang, D. Reeves, and S. Wu, "Inter-Packet Delay Based Correlation for Tracing Encrypted Connections through Stepping Stones," Proc. Seventh European Symp. Research in Computer Security (ESORICS), 2002.
[33] X.Y. Wang and D.S. Reeves, "Robust Correlation of Encrypted Attack Traffic through Stepping Stones by Manipulation of Interpacket Delays," Proc. ACM Conf. Computer and Comm. Security (CCS), 2003.
[34] K. Yoda and H. Etoh, "Finding a Connection Chain for Tracing Intruders," Proc. Sixth European Symp. Research in Computer Security (ESORICS), 2000.
[35] E.W. Zegura, K. Calvert, and S. Bhattacharjee, "How to Model an Internetwork?" Proc. IEEE INFOCOM, 1996.
[36] Y. Zhang and V. Paxson, "Detecting Stepping Stones," Proc. Ninth USENIX Security Symp., 2000.