
Calling All Nodes: Classifying Skype Control Protocol

Brett Meyer
Computer Science Department, The University of Georgia

Introduction

The rise in popularity of P2P applications in the past several years has also led to a corresponding rise in malware that employs the same overlay network technique, most notably botnets. Detecting valid P2P programs in a network trace is a foremost concern in network security research.

Background/Related Work

Previous work has attempted to classify voice, video and instant message data transmitted through the Skype application. No attempts have been made thus far to classify the P2P overlay control protocol by itself. Most Skype users do not constantly make calls while they have the application open, but leave Skype running in the background, and only make calls or send instant messages periodically.

Approach

Skype uses a highly robust proprietary encryption mechanism to hide all of the data transmitted from the application. The feature selected to facilitate classification is the keep-alive message that the Skype network must send between the nodes in order to maintain the overlay network.

The testbed environment used in this research to generate real-world Skype behavior for analysis is as follows:

- A NAT-ed LAN consisting of 7 machines running only Skype with all Automatic Updates and other services disabled, with 2 of the machines dedicated to generating VoIP calls and 2 machines generating instant messages to mimic real-world user behavior
- 2 machines with Intel i7 four-core processors and 8 GB of RAM running only Skype with all Automatic Updates and other services disabled and the university firewall disabled, in order to increase the chance of these machines being promoted to supernodes in the Skype P2P network
- All machines not making calls or sending instant messages simply have Skype open and running to generate control traffic

The features of the connected IPs used for analysis are:

- Number of bytes per packet
- Inter-packet delay

Discussion

Skype traffic is being collected from the testbed environment and analyzed for the statistical qualities of the likely keep-alive transmissions. In the next phase of this research, a similar testbed will be created for 4 additional P2P applications in order to generate training, testing, and evaluation sets for classification.

Contributions

- Dataset consisting of real-world Skype control, messaging, and call transactions
- Dataset consisting of real-world P2P application behaviors
- Statistical method for modeling Skype control protocol behavior
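
The two per-peer features named in the poster, bytes per packet and inter-packet delay, can be computed from a packet trace as in this added example (not code from the poster). The packet records, the use of the coefficient of variation of the delay as a periodicity measure, and all thresholds are assumptions; the poster does not specify its statistical method.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample trace: (timestamp_seconds, remote_ip, payload_bytes).
PACKETS = [
    # Small packets at a steady ~60 s interval: keep-alive-like.
    (0.0, "198.51.100.7", 18), (60.1, "198.51.100.7", 21),
    (119.9, "198.51.100.7", 19), (180.0, "198.51.100.7", 20),
    (240.2, "198.51.100.7", 18),
    # Large packets every 20 ms: call-media-like.
    (10.00, "203.0.113.20", 160), (10.02, "203.0.113.20", 172),
    (10.04, "203.0.113.20", 158), (10.06, "203.0.113.20", 165),
    (10.08, "203.0.113.20", 170), (10.10, "203.0.113.20", 161),
    # Small packets at irregular intervals: instant-message-like.
    (5.0, "192.0.2.44", 40), (5.3, "192.0.2.44", 52),
    (47.0, "192.0.2.44", 38), (48.1, "192.0.2.44", 61),
    (200.0, "192.0.2.44", 45),
    # Too few packets to estimate a delay distribution.
    (30.0, "192.0.2.99", 20), (90.0, "192.0.2.99", 20),
]

def peer_features(packets):
    """Per remote IP: mean bytes per packet, mean delay, and delay variability."""
    by_peer = defaultdict(list)
    for ts, ip, size in sorted(packets):
        by_peer[ip].append((ts, size))
    feats = {}
    for ip, pkts in by_peer.items():
        gaps = [b[0] - a[0] for a, b in zip(pkts, pkts[1:])]
        if len(gaps) < 2:
            continue  # need at least two gaps to measure variability
        avg_gap = mean(gaps)
        feats[ip] = {
            "packets": len(pkts),
            "mean_bytes": mean(size for _, size in pkts),
            "mean_delay": avg_gap,
            # Coefficient of variation: near 0 means strictly periodic traffic.
            "delay_cv": pstdev(gaps) / avg_gap if avg_gap > 0 else float("inf"),
        }
    return feats

def likely_keepalive(feats, max_bytes=100, max_cv=0.2, min_packets=4):
    """Peers whose traffic is small and periodic (thresholds are assumed values)."""
    return sorted(ip for ip, f in feats.items()
                  if f["packets"] >= min_packets
                  and f["mean_bytes"] <= max_bytes
                  and f["delay_cv"] <= max_cv)

if __name__ == "__main__":
    print(likely_keepalive(peer_features(PACKETS)))
```

The size threshold separates the periodic call-media flow from the keep-alive flow, and the variability threshold separates irregular messaging from both.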