Skip to main content
placeholder image

Transport layer identification of Skype traffic

Chapter


Abstract


  • The Internet telephony application Skype is well-known for its capability to intelligently tunnel through firewalls by selecting customized ports and encrypting its traffic to evade content based filtering. Although this capability may give some convenience to Skype users, it increases the difficulty of managing firewalls to filter out unwanted traffic. In this paper, we propose two different schemes, namely payload-based and non-payload based, for identification of Skype traffic. As payload based identification is not always practical due to legal, privacy, performance, protocol change and software upgrade issues, we focus on the non-payload based scheme, and use the payload based scheme mainly to verify its non-payload based counterpart. Our research results reveal that, at least to a certain extent, encryption by Skype to evade content analysis can be overcome. © 2008 Springer Berlin Heidelberg.

Publication Date


  • 2008

Citation


  • Lu, L., Horton, J., Safavi-Naini, R., & Susilo, W. (2008). Transport layer identification of Skype traffic. In Unknown Book (Vol. 5200 LNCS, pp. 465-481). doi:10.1007/978-3-540-89524-4_47

International Standard Book Number (isbn) 13


  • 9783540895237

Scopus Eid


  • 2-s2.0-58049089052

Book Title


  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Start Page


  • 465

End Page


  • 481

Abstract


  • The Internet telephony application Skype is well-known for its capability to intelligently tunnel through firewalls by selecting customized ports and encrypting its traffic to evade content based filtering. Although this capability may give some convenience to Skype users, it increases the difficulty of managing firewalls to filter out unwanted traffic. In this paper, we propose two different schemes, namely payload-based and non-payload based, for identification of Skype traffic. As payload based identification is not always practical due to legal, privacy, performance, protocol change and software upgrade issues, we focus on the non-payload based scheme, and use the payload based scheme mainly to verify its non-payload based counterpart. Our research results reveal that, at least to a certain extent, encryption by Skype to evade content analysis can be overcome. © 2008 Springer Berlin Heidelberg.

Publication Date


  • 2008

Citation


  • Lu, L., Horton, J., Safavi-Naini, R., & Susilo, W. (2008). Transport layer identification of Skype traffic. In Unknown Book (Vol. 5200 LNCS, pp. 465-481). doi:10.1007/978-3-540-89524-4_47

International Standard Book Number (isbn) 13


  • 9783540895237

Scopus Eid


  • 2-s2.0-58049089052

Book Title


  • Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Start Page


  • 465

End Page


  • 481