Preserving Caller Anonymity in Voice-over-IP Networks
Mudhakar Srivatsa, Ling Liu and Arun Iyengar
Presented by Mounica Atluri
Feb 23, 2016
Agenda
• Voice-over-IP
• Attacks
• Proposed solution
• Experimental Evaluation
• Conclusion
Voice and data communication
• Data transmission through the public switched telephone network
• Uses circuit-switched networks
• Expensive
What is VoIP?
• We see people talking through Skype, Vonage and instant messengers
• The technology behind them is called VoIP
• Transmission of voice traffic over IP-based networks
• Sounds are recorded and compressed
• Benefit of VoIP: very economical
VoIP Requirements
• Caller anonymity and QoS
• Existing approaches use mix networks
• Mix networks route traffic through nodes with random delays and random routes
• For example, onion routing
VoIP Requirements
• Other examples are Tor, Freedom and Tarzan
• Mix networks cannot accommodate the QoS requirement
• Low-latency applications are vulnerable to timing attacks
Protocols in VoIP
• Uses RTP for data transmission
• Route set up protocol for call set up and termination
Route set up protocol
Operates in four steps:
1. initSearch: initiates a route set up request
2. processSearch: processes a route set up request
3. processResult: processes the results of a route set up request
4. finSearch: concludes the route set up procedure
initSearch
• src initiates a request by broadcasting
processSearch
• If p receives a request from q, it checks if the sipurl is the url of the client connected to p.
processResult
• If p receives result (searchId, q), it searches for <searchId, sipurl, prev>, adds <sipurl, q> and forwards the result to prev
finSearch
• If src receives the result, it adds <dst, q> to its routing table
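The four steps above, run end to end on a small overlay, as an added example (not code from the paper or the presentation). The topology, latencies, SIP URL and the names `route_setup`, `follow_route` and `client_of` are constructed for illustration; encryption and the random delay added by dst are left out.

```python
import heapq

# Constructed overlay: one-way link latencies in ms (not from the paper).
LINKS = {("src", "a"): 20, ("src", "b"): 35, ("a", "c"): 30,
         ("b", "c"): 10, ("c", "dst"): 25, ("a", "dst"): 70}
NBRS = {}
for (u, v), ms in LINKS.items():
    NBRS.setdefault(u, {})[v] = ms
    NBRS.setdefault(v, {})[u] = ms

def route_setup(src, sipurl, client_of):
    """Return (routing tables, first-arrival time of the request at each node)."""
    prev = {src: None}               # <searchId, sipurl, prev> kept by each node
    arrival = {src: 0}
    routes = {n: {} for n in NBRS}   # routing table per node: sipurl -> next hop
    # initSearch: src broadcasts the request to its neighbours at t = 0.
    events = [(ms, src, p) for p, ms in NBRS[src].items()]
    heapq.heapify(events)
    found = None
    while events and found is None:
        t, q, p = heapq.heappop(events)
        if p in prev:
            continue                 # duplicate copy of the request: drop it
        prev[p], arrival[p] = q, t
        # processSearch: is sipurl the URL of the client connected to p?
        if client_of.get(p) == sipurl:
            found = p
        else:
            for n, ms in NBRS[p].items():
                if n != q:
                    heapq.heappush(events, (t + ms, p, n))
    # processResult / finSearch: result(searchId, q) travels back along prev;
    # each node adds <sipurl, q>, and src's entry completes the route.
    q = found
    while q is not None and prev[q] is not None:
        routes[prev[q]][sipurl] = q
        q = prev[q]
    return routes, arrival

def follow_route(routes, src, sipurl, client_of):
    """Walk the routing tables hop by hop from src to the callee's node."""
    path = [src]
    while client_of.get(path[-1]) != sipurl:
        path.append(routes[path[-1]][sipurl])
    return path

CLIENT_OF = {"dst": "sip:bob@example.org"}   # constructed SIP URL
ROUTES, ARRIVAL = route_setup("src", "sip:bob@example.org", CLIENT_OF)
```

The first-arrival time recorded at each node equals its shortest-path latency from src, which is the property of the protocol that the timing attacks in this deck depend on.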
Security features of Route setup protocol
• Encryption with shared symmetric key
• Exposes dst (through dst.sipurl)
• dst adds a random delay
• src or dst can be inferred if all of their neighboring nodes are malicious
Triangulation based timing attacks
Caller Identification attacks
3 steps in triangulation based timing attacks:
• Candidate caller detection: malicious nodes deduce a list of potential callers
• Candidate caller ranking: malicious nodes associate a score with every potential caller
• Triangulation: colluding malicious nodes combine their sets to obtain a more accurate list of callers
Three timing attacks
• Deterministic triangulation attack
• Statistical triangulation attack
• Differential triangulation attack
Deterministic triangulation attack
2 assumptions
• Link latencies are deterministic
• All nodes are synchronized
2 properties of route setup protocol
• Protocol establishes shortest route between the src and dst
• Node p that receives route set up request originated from src can estimate dist(src, p)
Deterministic triangulation attack
Candidate caller detection
• Compute S(p) for all s ∈ S(p),
Deterministic triangulation attack
Candidate caller ranking
• Compute the score
Triangulation
• Compute the final score
Statistical triangulation attack
• Link latencies are independently distributed
• Length of a path P is given by
• In candidate caller detection, p computes a set of Pareto-optimal distances to all nodes v
• A set of path lengths d1, d2, ..., dm is Pareto-optimal if for all other path lengths d,
Statistical triangulation attack
• A node v is marked as a candidate caller if
• If link latencies follow a Gaussian distribution, the path latencies follow a Gaussian distribution too
• Score of v can be computed as
• For any other distribution, use Chebyshev’s inequality to compute
Statistical triangulation attack
• In the triangulation step, the aggregate score for a candidate caller v is computed
Differential triangulation attack
• Eliminates time stamp ts from the route set up request
• Malicious nodes can estimate the difference
• In candidate caller detection, malicious node p computes statistical shortest distances to every other node v as
Differential triangulation attack
• Statistical distance dist_pq[v] is given by dist_p[v] – dist_q[v]
• v is a candidate caller if
• If the link latency distribution is Gaussian, the score of v is given by
• Finally, the average score for v is computed
Topology Discovery
• Network topology should be known for timing attacks
• Achieved by ping and pong messages
[Figure: nodes x, y and y´ with messages ping(x, all), pong(y, x) and pong(y´, x)]
Evaluation of the Threat models
Experimental set up
• A synthetic network with 1024 nodes
• Topology was constructed using the NS-2 topology generator
• Node-to-node round trip times vary from 24 ms to 150 ms with a mean of 74 ms
Deterministic Triangulation
• Number of suspects varies with number of malicious nodes
• Epsilon should not be too small or large
Statistical Triangulation
• More effective than deterministic when there are uncertainties in link latencies
Differential Triangulation
• Statistical attack performs better if the clocks are synchronized
• Differential triangulation can achieve a top-10 probability of 0.78 with only 10 malicious nodes
Topology Discovery
• With m=20 and ttl=2, about 75% of the topology is discovered
Countering timing attacks
Latency perturbation
• Each node adds random delay
Random Walk Search Algorithm
• Resilient to timing attacks but generates suboptimal routes
Hybrid route set up
• Trade off anonymity with QoS
Random Walk Search Algorithm
• Sends a search request to a randomly chosen neighbor
Two key properties
• Markovian property
• Random walker does not traverse the shortest path between any two nodes
Hybrid route setup protocols
Controlled Random Walk
• Combination of two protocols
• γ limits the length of random walk
• Starts with random walk search
• Switches to broadcast search with probability 1-γ
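The route-latency cost of γ in the controlled random walk, as an added simulation (not code from the paper or the presentation). The overlay, its latencies and all function names are constructed; the 250 ms bound is the QoS threshold from this deck's evaluation slides, and applying the γ coin flip before every hop is an assumed reading of the slide.

```python
import random

def build_overlay(n=40, seed=7):
    """Constructed overlay: a ring plus random chords, link latency 12-75 ms."""
    rng = random.Random(seed)
    lat = {u: {} for u in range(n)}
    edges = [(u, (u + 1) % n) for u in range(n)]
    edges += [(rng.randrange(n), rng.randrange(n)) for _ in range(n)]
    for u, v in edges:
        if u != v:
            lat[u][v] = lat[v][u] = rng.randint(12, 75)
    return lat

def all_pairs(lat):
    """Floyd-Warshall: the shortest-route latency a broadcast search finds."""
    inf = float("inf")
    d = {u: {v: 0 if u == v else lat[u].get(v, inf) for v in lat} for u in lat}
    for k in lat:
        for u in lat:
            for v in lat:
                d[u][v] = min(d[u][v], d[u][k] + d[k][v])
    return d

def crw_latency(lat, dist, src, dst, gamma, rng):
    """One route: random-walk hops, then broadcast search from the switch node."""
    cur, walked = src, 0
    # Assumed reading of the slide: before each hop the walker continues with
    # probability gamma and switches to broadcast with probability 1 - gamma.
    while cur != dst and rng.random() < gamma:
        nxt = rng.choice(sorted(lat[cur]))
        walked += lat[cur][nxt]
        cur = nxt
    return walked + dist[cur][dst]

def evaluate(gamma, trials=2000, qos_ms=250, seed=1):
    """Return (mean route latency in ms, fraction of routes under qos_ms)."""
    lat = build_overlay()
    dist = all_pairs(lat)
    rng = random.Random(seed)
    total = ok = 0
    for _ in range(trials):
        src, dst = rng.sample(sorted(lat), 2)
        ms = crw_latency(lat, dist, src, dst, gamma, rng)
        total += ms
        ok += ms < qos_ms
    return total / trials, ok / trials

RESULTS = {g: evaluate(g) for g in (0.0, 0.5, 0.9)}
```

With γ = 0 every route is the broadcast (shortest) route; raising γ lengthens the walk and lowers the share of routes that stay under the QoS bound.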
Hybrid route setup protocols
Multi-Agent Random Walk
• Similar to random walk
• src sends ω random walkers (ω > 1)
• Route is established when the first random walker reaches dst
• Higher ω results in optimal route latency
• Vulnerable to triangulation based timing attack if src sends out random walkers at time t=0
Experimental evaluation
• Performed on 1024-node synthetic VoIP network topology using NS-2
• Algorithms implemented using Phex: an open source Java based implementation of peer-to-peer broadcast based route set up protocol
Performance
• Characterized by cost of messaging
QoS guarantees
• Routes with latency < 250 ms satisfy QoS requirements
• Larger route set up latency does not affect the quality of voice conversation
Optimal parameter settings
Attack resilience
• 99% optimal parameter settings
Topology discovery
• Only a fraction of the topology has been discovered
• Top-10 probability for marw was 42% less, crw was 33% less and broadcast was only 9% less
• Random walk protocols are more sensitive to topology
Conclusion
• VoIP is becoming popular due to its advantages in cost and convenience
• It is a major concern to provide anonymity to the clients
• Threat models targeting callers’ anonymity are efficient
• Even if a small fraction of the network is malicious, the caller can be inferred accurately
• It is difficult to trade QoS with anonymity
QUESTIONS??