Abstract
Nowadays, Voice over Internet Protocol (VoIP) which enables voice conversation remotely over packet switched networks gains much attentions for its low costs and flexible services. However, VoIP calling anonymity, particularly to withhold “who called whom”, is difficult to achieve since VoIP infrastructures are usually deployed in an open networking environment (e.g., the Internet). Our work studies an anonymisation overlay network (AON) based solution to prevent surveillance from external attackers, who are able to wiretap the communication channels as well as to manipulate voice packets in the channels. However, it has been demonstrated that the VoIP combined with traditional AONs are vulnerable to two attacks, namely watermark attack and complementary matching attack. Taking these two attacks into account, we investigate the “defensive dropping” method in VoIP: A VoIP user-agent sends packets to an AON in a constant rate, but packets during periods of silence are marked. Then, the AON drops some silence packets and forwards the remaining ones to their destinations. The result of our experiments shows that the dropping rate must be carefully selected to counteract both of the two attacks. Finally, we discuss further threats in terms of this solution.
The authors would like to thank Stefan Köpsell and Stefan Berthold for their valuable comments and suggestions.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
G.711, http://www.itu.int/rec/T-REC-G.711/e (visited October 21, 2009)
ITU-T. Recommendation G.114 - One-way Transmission Time (2003)
Skype, www.Skype.com (visited October 21, 2009)
Speex, http://www.speex.org/ (visited October 21, 2009)
X-lite, http://www.counterpath.com/x-lite.html (visited November 15, 2009)
Wang, C., Levine, B.N., Reiter, M.K., Wright, M.: Timing attacks in low-latency MIX systems (extended abstract). In: Juels, A. (ed.) FC 2004. LNCS, vol. 3110, pp. 251–265. Springer, Heidelberg (2004)
Berthold, O., Federrath, H., Köpsell, S.: Web MIXes: a system for anonymous and unobservable Internet access. In: Federrath, H. (ed.) Designing Privacy Enhancing Technologies. LNCS, vol. 2009, pp. 115–129. Springer, Heidelberg (2001)
Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Commun. ACM 24(2), 84–90 (1981)
Melchor, C.A., Deswarte, Y., Iguchi-Cartigny, J.: Closed-circuit unobservable Voice over IP. In: Proceedings of the 23rd Annual Computer Security Applications Conference (ACSAC ’07), Los Alamitos, CA, USA, pp. 119–128. IEEE Computer Society, Los Alamitos (2007)
Peterson, J.: A privacy mechanism for the Session Initiation Protocol (SIP), RFC 3323 (2002)
Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.: SIP: Session Initiation Protocol, RFC 3261 (2002)
Schulzrinne, H., Casner, S., Frederick, R., Jacobson, V.: RTP: A transport protocol for real-time applications, RFC 3550 (2003)
Shen, C., Schulzrinne, H.: A VoIP privacy mechanism and its application in VoIP peering for voice service provider topology and identity hiding. Technical report (2008)
Srivatsa, M., Liu, L., Iyengar, A.: Preserving Caller Anonymity in Voice-over-IP Networks. In: Proceedings of the 2008 IEEE Symposium on Security and Privacy (SP ’08), Washington, DC, USA, pp. 50–63. IEEE Computer Society, Los Alamitos (2008)
Srivatsa, M., Liu, L., Iyengar, A.: Privacy in VoIP networks: A k-anonymity approach. In: Proceedings of the 28th IEEE Conference on Computer Communication (INFOCOM ’09), Washington, DC, USA. IEEE Computer Society, Los Alamitos (2009)
Verscheure, O., Vlachos, M., Anagnostopoulos, A., Frossard, P., Bouillet, E., Yu, P.S.: Finding “Who is talking to whom” in VoIP networks via progressive stream clustering. In: Proceedings of the 6th International Conference on Data Mining (ICDM ’06), Washington, DC, USA, pp. 667–677. IEEE Computer Society, Los Alamitos (2006)
Vlachos, M., Anagnostopoulos, A., Verscheure, O., Yu, P.S.: Online pairing of VoIP conversations. The VLDB Journal 18(1), 77–98 (2009)
Wang, X., Chen, S., Jajodia, S.: Tracking anonymous peer-to-peer VoIP calls on the Internet. In: Proceedings of the 12nd ACM conference on Computer and communications security (CCS ’05), pp. 81–91. ACM, New York (2005)
Wright, C.V., Ballard, L., Coull, S.E., Monrose, F., Masson, G.M.: Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations. In: Proceedings of the 2008 IEEE Symposium on Security and Privacy (SP ’08), Washington, DC, USA, pp. 35–49. IEEE Computer Society, Los Alamitos (2008)
Wright, C.V., Ballard, L., Monrose, F., Masson, G.M.: Language identification of encrypted VoIP traffic: Alejandra y Roberto or Alice and Bob? In: Proceedings of 16th USENIX Security Symposium on USENIX Security Symposium (SS ’07), Berkeley, CA, USA, pp. 1–12. USENIX Association (2007)
Zopf, R.: Real-time Transport Protocol (RTP) payload for Comfort Noise (CN), RFC 3389 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, G., Fischer-Hübner, S. (2010). Peer-to-Peer VoIP Communications Using Anonymisation Overlay Networks. In: De Decker, B., Schaumüller-Bichl, I. (eds) Communications and Multimedia Security. CMS 2010. Lecture Notes in Computer Science, vol 6109. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-13241-4_13
Download citation
DOI: https://doi.org/10.1007/978-3-642-13241-4_13
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-13240-7
Online ISBN: 978-3-642-13241-4
eBook Packages: Computer ScienceComputer Science (R0)