A Real-Time Algorithm for Skype Traffic Detection and Classification
In the last years Skype has gained more and more attention from both the users and the scientific community. Namely, the users are interested in its ability to provide a free and reliable way to make phone calls over the Internet, while the scientific community is interested in the reverse-engineering process, because of the proprietary design of the application. In more detail, both Skype protocols and algorithms are unknown and use strong encryption mechanisms, making it very difficult to even reveal Skype presence inside a traffic aggregate. This issue is of primary interest for the scientific community and, above all, of big economical relevance for the operators.
In this paper we propose a novel algorithm for detecting Skype traffic, based on both signature-based and statistical approaches. The proposed algorithm is able to reveal in real time the presence of Skype clients in the monitored network, and to distinguish among the several types of Skype “activities”: direct calls, calls with relay node, SkypeOut calls, and file tranfers. To assess the effectiveness of our method we have tested the system over several traffic data sets, collected in different networks. Moreover we have compared the performance offered by our system with those provided by “classical” classification techniques, as well as by the state-of-the-art Skype classifier.
KeywordsLinear Discriminant Analysis Relay Node Message Exchange Payload Size Transport Layer Security
Unable to display preview. Download preview PDF.
- 1.Skype web site, http://www.skype.com (accessed on 2009/04/10)
- 2.Telegeography web site, http://www.telegeography.com/ (accessed on 2009/04/10)
- 3.Skype by the numbers web site, http://apple20.blogs.fortune.cnn.com/2009/03/31/skype-by-the-numbers/ (accessed on 2009/04/10)
- 4.Skype users online now web site, http://idisk.mac.com/hhbv-Public/OnlineNow.htm (accessed on 2009/04/10)
- 5.Baset, S.A., Schulzrinne, H.G.: An analysis of the skype peer-to-peer internet telephony protocol. In: INFOCOM 2006. 25th IEEE International Conference on Computer Communications, pp. 1–11 (2006)Google Scholar
- 7.Suh, K., Figueiredo, D.R., Kurose, J., Towsley, D.: Characterizing and detecting skype-relayed traffic. In: Proceedings of IEEE INFOCOM 2006 (2006)Google Scholar
- 8.Guha, S., Daswani, N., Jain, R.: An experimental study of the skype peer-to-peer voip system. In: IPTPS 2006: The 5th International Workshop on Peer-to-Peer Systems, Microsoft Research (2006)Google Scholar
- 10.Tstat - tcp statistic and analysis tool web site, http://tstat.tlc.polito.it/index.shtml (accessed on 2009/04/10)