1 / 11

VoIP Tracing

VoIP Tracing. Active De-anonymization of Streams. Timing Attacks [LRWW ’04]. “Normal” flows e.g. HTTP, FTP, SSH Think times dominate Very easy to do timing analysis Constant rate flows 10 pkts/sec = 1 pkt. every 0.1 sec All streams look the same Correlations are poor dropped pkts help.

elisha
Download Presentation

VoIP Tracing

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. VoIP Tracing Active De-anonymization of Streams

  2. Timing Attacks [LRWW ’04] • “Normal” flows • e.g. HTTP, FTP, SSH • Think times dominate • Very easy to do timing analysis • Constant rate flows • 10 pkts/sec = 1 pkt. every 0.1 sec • All streams look the same • Correlations are poor • dropped pkts help

  3. VoIP • Similar to constant rate • high rate of pkts (every 20 or 30 ms) • steady flow • no “think times” • Thus • hard to do end-to-end timing analysis

  4. Key Results • ?

  5. A B C X Y Z Trent’s Anonymity Service A Simple Idea

  6. Caveats • VoIP • time-critcal • Why do we care if we degrade the phone service of the terrorists?

  7. Watermarking • No DRM • 1. Alice sells a song online • 2. Mallory & many others buy the song • 3. Mallory puts the song on Kazaa • 4. Alice gets angry • But doesn’t know who did it

  8. Watermarking • DRM • 1. Alice sells a song online • Each copy has a special, hard-to-see, hard-to-remove “stamp” • 2. Mallory & many others buy the song • 3. Mallory puts the song on Kazaa • 4. Alice gets angry • 5. Alice checks the stamp • 6. Mallory goes to jail

  9. Watermarking Packets • Content-based • Embed the stamp in the data • Ideally based on a key • Very hard to remove the stamp • unless you have a key • Cannot change the packet • Why not? • What can you change?

  10. Algorithm • Select about 2r packets at random • independently selected • Select a distance d • Look at delays • between packet x and x+d • Split the 2r delays into two sets • A and B

  11. Algorithm 2 • The differences should be zero • A(i) - B(j) = 0, on average • The actual value is a random variable • distribution: symmetric, centered on 0 • redundancy: number of differences used • Embedding the “stamp” • increase or decrease the average • which one = which bit (0 or 1)

More Related