Electronic Commerce Research

, Volume 19, Issue 3, pp 655–687 | Cite as

A survey on anonymous voice over IP communication: attacks and defenses

  • Ge ZhangEmail author
  • Simone Fischer-Hübner


Anonymous voice over IP (VoIP) communication is important for many users, in particular, journalists, human rights workers and themilitary. Recent research work has shown an increasing interest in methods of anonymous VoIP communication. This survey starts by introducing and identifying the major concepts and challenges in this field. Then we review anonymity attacks on VoIP and the existing work done to design defending strategies. We also propose a taxonomy of attacks and defenses. Finally, we discuss possible future work.


SIP VoIP Anonymity Privacy 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Agrawal, D., Kesdogan, D.: Measuring anonymity: The disclosure attack. IEEE Security and Privacy 1, 27–34 (2003)CrossRefGoogle Scholar
  2. 2.
    Backes, M., Doychev, G., Dürmuth, M., & Köpf, B. (2010). Speaker recognition in encrypted voice streams. ESORICS '10: Proceedings of the 15th European Symposium on Research in Computer Security, LNCS. New York: SpringerGoogle Scholar
  3. 3.
    Baugher, M., McGrew, D., Naslund, M., Carrara, E., & Norrman, K. (2004). The Secure Real-Time Transport Protocol (SRTP). RFC 3711Google Scholar
  4. 4.
    Berners-Lee, T., Fielding, R., & Masinter, L. (2005). Uniform Resource Identifier (URI): Generic Syntax. RFC 3986Google Scholar
  5. 5.
    Berthold, O., Federrath, H., Köpsell, S.: Web mixes: A system for anonymous and unobservable internet access. International Workshop on Designing Privacy Enhancing Technologies, pp. 115–129. Springer, New York, NY (2001)CrossRefGoogle Scholar
  6. 6.
    Buccafurri, F., Lax, G.: Implementing disposable credit card numbers by mobile phones. Electronic Commerce Research 11, 271–296 (2011)CrossRefGoogle Scholar
  7. 7.
    Chang, H.: The security service rating design for it convergence services. Electronic Commerce Research 1, 1–12 (2013)Google Scholar
  8. 8.
    Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24, 84–90 (1981)CrossRefGoogle Scholar
  9. 9.
    Chen, S., Wang, X., Jajodia, S.: On the anonymity and traceability of peer-to-peer voip calls. IEEE Network 20, 32–37 (2006)CrossRefGoogle Scholar
  10. 10.
    Clark, J., van Oorschot, P., & Adams,C. (2007). Usability of anonymous web browsing: an examination of tor interfaces and deployability. In Proceedings of the 3rd Symposium on Usable Privacy and Security, SOUPS '07 (pp. 41–51). New York, NY: ACMGoogle Scholar
  11. 11.
    Coskun, B., & Memon, N. (2010). Tracking encrypted voip calls via robust hashing of network flows. In ICASSP '10: Proceedings of the IEEE 2010 International Conference on Acoustics, Speech, and Signal Processing (pp. 1818–1821). IEEEGoogle Scholar
  12. 12.
    Danezis, G. (2003). Statistical disclosure attacks. In Proceedings of the IFIP TC11 18th International Conference on Information Security (SEC '03) (pp. 421-426). Athens: KluwerGoogle Scholar
  13. 13.
    Danezis, G., Diaz, C., Troncoso, C., & Laurie, B. (2010). Drac: An architecture for anonymous low volume communications. In PETS '10: Proceedings of the 10th international conference on Privacy enhancing technologies (pp. 202–219). Berlin: SpringerGoogle Scholar
  14. 14.
    Danezis, G., Dingledine, R., & Mathewson, N. (2003). Mixminion: Design of a type III anonymous remailer protocol. In SP '03: Proceedings of the 2003 IEEE Symposium on Security and Privacy (p. 2). Washington, DC: IEEE Computer SocietyGoogle Scholar
  15. 15.
    Dierks, T., & Rescorla, E. (2008). The Transport Layer Security (TLS) Protocol Version 1.2. RFC 5246Google Scholar
  16. 16.
    Dingledine, R., Mathewson, N., & Syverson, P. (2004). Tor: The second-generation onion router. In SSYM'04: Proceedings of the 13th Conference on USENIX Security Symposium (pp. 21-21). Berkeley, CA: USENIX AssociationGoogle Scholar
  17. 17.
    European Commission. (2012). Proposal for a Regulation of the European Parliament and of the Council on the Protection of Indivuduals with regard to the Processinf of Personal Data and on the Free Movement of Such Data (General Data Protection Regulation). COM(2012) 11 final, BrusselsGoogle Scholar
  18. 18.
    Google, Facebook, Dropbox, Yahoo, Microsoft, Paltalk, AOL And Apple Deny Participation In NSA PRISM Surveillance Program. (2013). Retrived at 18 June 2013 from
  19. 19.
    Handley, M., & Jacobson, V. (1998). SDP: Session description protocol. RFC 2327Google Scholar
  20. 20.
    Karopoulos, G., Kambourakis, G., Gritzalis, S.: PrivaSIP: Ad-hoc identity privacy in SIP. Computer Standards & Interfaces 33, 301–314 (2011)CrossRefGoogle Scholar
  21. 21.
    Karopoulos, G., Kambourakis, G., Gritzalis, S., Konstantinou, E.: A framework for identity privacy in SIP. Journal of Network and Computer Applications 33, 16–28 (2010)CrossRefGoogle Scholar
  22. 22.
    Kent, S., & Seo, K. (2005). Security architecture for the internet protocol. RFC 4301Google Scholar
  23. 23.
    Khan, L., Baig, M., Youssef, A.M.: Speaker recognition from encrypted voip communications. Digital Investigation 7, 65–73 (2010)CrossRefGoogle Scholar
  24. 24.
    Levine, B. N., Reiter, M. K., Wang, C., & Wright, M. (2004). Timing attacks in low-latency mix systems (extended abstract). In FC '04: Proceedings of the 8th International Conference on Financial Cryptography (pp. 251–265). Berlin: SpringerGoogle Scholar
  25. 25.
    Liberatore, M., Gurung, B., Levine, B.N., Wright, M.: Empirical tests of anonymous voice over IP. Journal of Network and Computer Applications 34, 341–350 (2011)CrossRefGoogle Scholar
  26. 26.
    Lu, Y., & Zhu, Y. (2010). Correlation-based traffic analysis on encrypted voip traffic. In NSWCTC '10: Proceedings of the 2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing (pp. 45–48). Washington, DC: IEEE Computer SocietyGoogle Scholar
  27. 27.
    Mahy, R., Matthews, P., Rosenberg, J. (2010). Traversal using relays around nat (turn): Relay extensions to session traversal utilities for nat (stun). RFC 5766Google Scholar
  28. 28.
    Melchor, C. A., Deswarte, Y., & Iguchi-Cartigny, J. (2007). Closed-circuit unobservable voice over IP. In ACSAC '07: Proceedings of the 23rd Computer Security Applications Conference (pp. 119–128). IEEEGoogle Scholar
  29. 29.
    Munakata, M., Schubert, S., & Ohba, T. (2010). User-agent-driven privacy mechanism for sip. RFC 5767Google Scholar
  30. 30.
    Steiner, P. (1993). On the Internet, nobody knows you're a dog., The New Yorker (p. 61)Google Scholar
  31. 31.
    Peterson, J. (2002). A privacy mechanism for the session initiation protocol (SIP). RFC 3323Google Scholar
  32. 32.
    Pfitzmann, A., & Hansen, M. (2010). A terminology for talking about privacy by data minimization: Anonymity, unlinkability, undetectability, unobservability, pseudonymity, and identity management., v0.34
  33. 33.
    Pfitzmann, A., Pfitzmann, B., & Waidner, M. (1991). ISDN-MIXes: Untraceable communication with small bandwidth overhead. Kommunikation in Verteilten Systemen, Grundlagen, Anwendungen, Betrieb, GI/ITG-Fachtagung, pp. 451-463. London: SpringerGoogle Scholar
  34. 34.
    Ramsdell, B., & Turner, S. (2010). Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.2 Message Specification. RFC 5751Google Scholar
  35. 35.
    Recommendation G.114: One-way Transmission Time. (2013). Retrived at 21 July, 2013 from
  36. 36.
    Rennhard, M., Rafaeli, S., Mathy, L., Plattner, B., Hutchison, D.: Towards pseudonymous e-commerce. Electronic Commerce Research 4, 83–111 (2004)CrossRefGoogle Scholar
  37. 37.
    Rosenberg, J. (2009). Obtaining and using globally routable user agent uris (gruus) in the session initiation protocol (sip). RFC 5627Google Scholar
  38. 38.
    Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., & Schooler, E. (2002). SIP: Session initiation protocol. RFC 3261Google Scholar
  39. 39.
    Schulzrinne, H., Casner, S., Frederick, R., & Jacobson, V. (2003). RTP: A transport protocol for realtime applications. RFC 3550Google Scholar
  40. 40.
    Schulzrinne, H., & Taylor, T. (2006). RTP payload for DTMF digits, telephony tones, and telephony signals. RFC 4733Google Scholar
  41. 41.
    Sengar, H., Ren, Z., Wang, H., Wijesekera, D., & Jajodia, S. (2010). Tracking skype voip calls over the internet. In INFOCOM '10: Proceedings of the 30th IEEE Conference on Computer Communications (pp. 1–5). Washington, DC: IEEE Computer SocietyGoogle Scholar
  42. 42.
    Shen, C., Schulzrinne, H.: A VoIP privacy mechanism and its application in VoIP peering for voice service provider topology and identity hiding. ICC 57, 3844–3849 (2006)Google Scholar
  43. 43.
    Skype. (2013). Retrived at 11 June, 2013 from
  44. 44.
    Skype Security, Skype Homepage. (2013). Retrived 21 July, 2013 from
  45. 45.
    Srivatsa, M., Iyengar, A., Liu, L., Jiang, H.: Privacy in voip networks: Flow analysis attacks and defense. IEEE Transactions on Parallel and Distributed Systems 22, 621–633 (2011)CrossRefGoogle Scholar
  46. 46.
    Srivatsa, M., Liu, L., & Iyengar, A. (2008). Preserving caller anonymity in voice-over-ip networks. In SP '08: Proceedings of the 29th IEEE Symposium on Security and Privacy (pp. 50–63). Washington, DC: IEEE Computer SocietyGoogle Scholar
  47. 47.
    Srivatsa, M., Liu, L., & Iyengar, A. (2009). Privacy in voip networks: A k-anonymity approach. In INFOCOM'09: Proceedings of the 29th IEEEConference on Computer Communications. Washington, DC: IEEE Computer SocietyGoogle Scholar
  48. 48.
    Sweeney, L.: k-Anonymity: A model for protecting privacy. International Journal on Uncertainty, Fuzziness and Knowledge-based Systems 5, 557–570 (2002)CrossRefGoogle Scholar
  49. 49.
    Taylor, D., Davis, D., Jillapalli, R.: Privacy concern and online personalization: The moderating effects of information control and compensation. Electronic Commerce Research 9, 203–223 (2009)CrossRefGoogle Scholar
  50. 50.
    TORFone. (2013). Retrivd 18 June, 2013
  51. 51.
    US: No Plans to End Broad Surveillance Program. (2013). Retrived at 18 June, 2013 from
  52. 52.
    Verscheure, O., Vlachos, M., Anagnostopoulos, A., Frossard, P., Bouillet, E., & Yu, P. S. (2006). Finding ``who is talking to whom" in voip networks via progressive stream clustering. In ICDM '06: Proceedings of the 6th International Conference on Data Mining (pp. 667–677). Washington, DC: IEEE Computer SocietyGoogle Scholar
  53. 53.
    Wang, X., Chen, S., & Jajodia, S. (2005). Tracking anonymous peer-to-peer voip calls on the internet. In CCS '05: Proceedings of the 12th ACM Conference on Computer and Communications Security (pp. 81–91). New York, NY: ACMGoogle Scholar
  54. 54.
    Wright, C. V., Ballard, L.,Monrose, F., & Masson, G. M. (2007). Language identification of encrypted voip traffic: Alejandra y roberto or alice and bob? In Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium, SS'07 (pp. 1–12). Berkeley, CA: USENIX AssociationGoogle Scholar
  55. 55.
    Wright, C. V., Coull, S. E., & Monrose, F. (2009). Traffic morphing: An efficient defense against statistical traffic analysis. In Proceedings of the 16th Annual Network & Distributed System Security Symposium, NDSS '09, ISOC Google Scholar
  56. 56.
    Xu, F., Michael, K., Chen, X.: Factors affecting privacy disclosure on social network sites: An integrated model. Electronic Commerce Research 13, 151–168 (2013)CrossRefGoogle Scholar
  57. 57.
    Zhang, G.: An analysis for anonymity and unlinkability for a voip conversation. Proceings of the 5th IFIP Privacy and Identity Summer School, pp. 198–212. Springer, Berlin (2010)Google Scholar
  58. 58.
    Zhang, G. (2011). Analyzing keystroke patterns of pin code input for recognizing voip users. In: IFIP Future Challenges in Security and Privacy for Academia and Industry, SEC '11. New York, NY: Springer IFIPGoogle Scholar
  59. 59.
    Zhang, G., Berthold, S.: Hidden voip calling records from networking intermediaries. Principles, Systems and Applications of IP Telecommunications, IPTComm '10, pp. 12–21. ACM, New York, NY (2010)CrossRefGoogle Scholar
  60. 60.
    Zhang, G., & Fischer-Hübner, S. (2010). Peer-to-peer VoIP communications using anonymisation overlay networks. In Proceedings of the 11th IFIP TC6, TC11 International Conference on Communications and Multimedia Security, CMS '10 (pp. 130–141). LNCS 6109. New York: SpringerGoogle Scholar
  61. 61.
    Zhu,Y. (2010). On privacy leakage through silence suppression. In Proceedings of the 13th Information Security Conference, ISC '10 (pp. 276–282). New York: Springer LNCSGoogle Scholar
  62. 62.
    Zhu, Y., H, Fu. Traffic analysis attacks on skype VoIP calls. Computer Communications 34(10), 1202–1212 (2011)CrossRefGoogle Scholar
  63. 63.
    Zopf, R. (2002). Real-time transport protocol (RTP) payload for comfort noise (CN). RFC 3389Google Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2019

Authors and Affiliations

  1. 1.Karlstad UniversityKarlstadSweden

Personalised recommendations