In the last years Skype has gained more and more attention from both the users and the scientific community. Namely, the users are interested in its ability to provide a free and reliable way to make phone calls over the Internet, while the scientific community is interested in the reverse-engineering process, because of the proprietary design of the application. In more detail, both Skype protocols and algorithms are unknown and use strong encryption mechanisms, making it very difficult to even reveal Skype presence inside a traffic aggregate. This issue is of primary interest for the scientific community and, above all, of big economical relevance for the operators.
In this paper we propose a novel algorithm for detecting Skype traffic, based on both signature-based and statistical approaches. The proposed algorithm is able to reveal in real time the presence of Skype clients in the monitored network, and to distinguish among the several types of Skype "activities": direct calls, calls with relay node, SkypeOut calls, and file tranfers. To assess the effectiveness of our method we have tested the system over several traffic data sets, collected in different networks. Moreover we have compared the performance offered by our system with those provided by "classical" classification techniques, as well as by the state-of-the-art Skype classifier.
[1]
Dario Rossi,et al.
Understanding Skype signaling
,
2009,
Comput. Networks.
[2]
Ravi Jain,et al.
An Experimental Study of the Skype Peer-to-Peer VoIP System
,
2005,
IPTPS.
[3]
Henning Schulzrinne,et al.
An Analysis of the Skype Peer-to-Peer Internet Telephony Protocol
,
2004,
Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.
[4]
Donald F. Towsley,et al.
Characterizing and Detecting Skype-Relayed Traffic
,
2006,
Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.
[5]
Marco Mellia,et al.
Revealing skype traffic: when randomness plays with you
,
2007,
SIGCOMM 2007.