Title :
Detecting VoIP calls hidden in web traffic
Author :
Freire, Emanuel P. ; Ziviani, Artur ; Salles, Ronaldo M.
Author_Institution :
Mil. Inst. of Eng. (IME), Rio de Janeiro
fDate :
12/1/2008 12:00:00 AM
Abstract :
Peer-to-peer (P2P) voice over IP (VoIP) applications (e.g. Skype or Google Talk) commonly use Web TCP ports (80 or 443) as a fallback mechanism to delude restrictive firewalls. This strategy renders this kind of traffic quite difficult to be detected by network managers. To deal with this issue, we propose and evaluate a method to detect VoIP calls hidden in Web traffic. We validate our proposal considering both Skype and Google Talk generated traffic by using real-world experimental data gathered at a commercial Internet Service Provider (ISP) and an academic institution. Our experimental results demonstrate that our proposed method achieves a performance of around 90% detection rate of VoIP calls hidden in Web traffic with a false positive rate of only 2%, whereas a 100% detection rate is achieved with a false positive rate limited to only 5%. We also evaluate the feasibility of applying our proposal in real-time detection scenarios.
Keywords :
Internet telephony; peer-to-peer computing; telecommunication traffic; transport protocols; ISP; Internet service provider; TCP/IP protocol; VoIP hidden calls detection; Web traffic; fallback mechanism; peer-to-peer application; voice over IP; Access protocols; Communication system traffic control; IP networks; Internet telephony; Network address translation; Peer to peer computing; Proposals; TCPIP; Telecommunication traffic; Web and internet services; Network anomaly detection, Skype, P2P VoIP systems, HTTP traffic;
Journal_Title :
Network and Service Management, IEEE Transactions on
DOI :
10.1109/TNSM.2009.041102
