Issue No. 04 - April (2011 vol. 22)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TPDS.2010.122
Mudhakar Srivatsa , IBM T.J. Watson Research Center, Hawthorne
Arun Iyengar , IBM T.J. Watson Research Center, Hawthorne
Ling Liu , Georgia Institute of Technology, Atlanta
Hongbo Jiang , Huazhong University of Science and Technology, Wuhan
(A short version of this paper appears in IEEE INFOCOM 2009: http://www.research.ibm.com/people/i/iyengar/INFOCOM2009-kanon.pdf.) Peer-to-peer VoIP (voice over IP) networks, exemplified by Skype , are becoming increasingly popular due to their significant cost advantage and richer call forwarding features than traditional public switched telephone networks. One of the most important features of a VoIP network is privacy (for VoIP clients). Unfortunately, most peer-to-peer VoIP networks neither provide personalization nor guarantee a quantifiable privacy level. In this paper, we propose novel flow analysis attacks that demonstrate the vulnerabilities of peer-to-peer VoIP networks to privacy attacks. We then address two important challenges in designing privacy-aware VoIP networks: Can we provide personalized privacy guarantees for VoIP clients that allow them to select privacy requirements on a per-call basis? How to design VoIP protocols to support customizable privacy guarantee? This paper proposes practical solutions to address these challenges using a quantifiable k-anonymity metric and a privacy-aware VoIP route setup and route maintenance protocols. We present detailed experimental evaluation that demonstrates the performance and scalability of our protocol, while meeting customizable privacy guarantees.
VoIP networks, privacy, k-anonymity, mix networks, flow analysis attacks.
Mudhakar Srivatsa, Arun Iyengar, Ling Liu, Hongbo Jiang, "Privacy in VoIP Networks: Flow Analysis Attacks and Defense", IEEE Transactions on Parallel & Distributed Systems, vol. 22, no. , pp. 621-633, April 2011, doi:10.1109/TPDS.2010.122