Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Hidden VoIP Calling Records from Networking Intermediaries
Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
Karlstad University, Faculty of Economic Sciences, Communication and IT, Department of Computer Science.
2010 (English)Conference paper, (Refereed)
Abstract

While confidentiality of telephone conversation contents has recently received considerable attention in Internet telephony (VoIP), the protection of the caller--callee relation is largely unexplored. From the privacy research community we learn that this relation can be protected by Chaum's mixes. In early proposals of mix networks, however, it was reasonable to assume that high latency is acceptable. While the general idea has been deployed for low latency networks as well, important security measures had to be dropped for achieving performance. The result is protection against a considerably weaker adversary model in exchange for usability. In this paper, we show that it is unjustified to conclude that low latency network applications imply weak protection. On the contrary, we argue that current Internet telephony protocols provide a range of promising preconditions for adopting anonymity services with security properties similar to those of high latency anonymity networks. We expect that implementing anonymity services becomes a major challenge as customer privacy becomes one of the most important secondary goals in any (commercial) Internet application.

Place, publisher, year, edition, pages
Munich, Germany: ACM , 2010.
Keyword [en]
anonymity, voip, mix networks
National Category
Computer Science
Research subject
Computer Science
Identifiers
URN: urn:nbn:se:kau:diva-11443OAI: oai:DiVA.org:kau-11443DiVA: diva2:495037
Conference
Principles, System and Applications of IP Telecommunications (IPTCOMM2010)
Available from: 2012-02-08 Created: 2012-02-08 Last updated: 2014-11-25Bibliographically approved
In thesis
1. Unwanted Traffic and Information Disclosure in VoIP Networks: Threats and Countermeasures
Open this publication in new window or tab >>Unwanted Traffic and Information Disclosure in VoIP Networks: Threats and Countermeasures
2012 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

The success of the Internet has brought significant changes to the telecommunication industry. One of the remarkable outcomes of this evolution is Voice over IP (VoIP), which enables realtime voice communications over packet switched networks for a lower cost than traditional public switched telephone networks (PSTN). Nevertheless, security and privacy vulnerabilities pose a significant challenge to hindering VoIP from being widely deployed. The main object of this thesis is to define and elaborate unexplored security and privacy risks on standardized VoIP protocols and their implementations as well as to develop suitable countermeasures. Three research questions are addressed to achieve this objective:

Question 1:  What are potential unexplored threats in a SIP VoIP network with regard to availability, confidentiality and privacy by means of unwanted traffic and information disclosure?

Question 2:  How far are existing security and privacy mechanisms sufficient to counteract these threats and what are their shortcomings?

Question 3:  How can new countermeasures be designed for minimizing or preventing the consequences caused by these threats efficiently in practice?

Part I of the thesis concentrates on the threats caused by "unwanted traffic", which includes Denial of Service (DoS) attacks and voice spam. They generate unwanted traffic to consume the resources and annoy users. Part II of this thesis explores unauthorized information disclosure in VoIP traffic. Confidential user data such as calling records, identity information, PIN code and data revealing a user's social networks might be disclosed or partially disclosed from VoIP traffic. We studied both threats and countermeasures by conducting experiments or using theoretical assessment. Part II also presents a survey research related to threats and countermeasures for anonymous VoIP communication.

Place, publisher, year, edition, pages
Karlstad: Karlstads universitet, 2012. 32 p.
Series
Karlstad University Studies, ISSN 1403-8099 ; 2012:28
Keyword
SIP, VoIP, security, Denial of Service, Vulnerability analysis, timing attacks, Spam, DTMF, SIP, RTP
National Category
Computer Systems
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-13408 (URN)978-91-7063-432-1 (ISBN)
Public defence
2012-09-14, 1 B 306, Universitetsgatan 2, Karlstad, 10:15 (English)
Opponent
Supervisors
Available from: 2012-08-28 Created: 2012-05-29 Last updated: 2012-08-28Bibliographically approved
2. Inter-temporal Privacy Metrics
Open this publication in new window or tab >>Inter-temporal Privacy Metrics
2014 (English)Doctoral thesis, comprehensive summary (Other academic)
Abstract [en]

Informational privacy of individuals has significantly gained importance after information technology has become widely deployed. Data, once digitalised, can be copied, distributed, and long-term stored at negligible costs. This has dramatic consequences for individuals that leave traces in the form of personal data whenever they interact with information technology, for instance, computers and phones; or even when information technology is recording the personal data of aware or unaware individuals. The right of individuals for informational privacy, in particular to control the flow and use of their personal data, is easily undermined by those controlling the information technology.

The objective of this thesis is to study the measurement of informational privacy with a particular focus on scenarios where an individual discloses personal data to a second party which uses this data for re-identifying the individual within a set of other individuals. We contribute with privacy metrics for several instances of this scenario in the publications included in this thesis, most notably one which adds a time dimension to the scenario for modelling the effects of the time passed between data disclosure and usage. The result is a new framework for inter-temporal privacy metrics.

Place, publisher, year, edition, pages
Karlstad: Karlstad University Press, 2014. 20 p.
Series
Karlstad University Studies, ISSN 1403-8099 ; 2014:63
Keyword
privacy, unlinkability, metrics, uncertainty, valuation process, domain-specific language, anonymous communication
National Category
Computer Systems Communication Systems Probability Theory and Statistics
Research subject
Computer Science
Identifiers
urn:nbn:se:kau:diva-33972 (URN)978-91-7063-603-5 (ISBN)
Public defence
2014-12-16, Karlstad University, 21A342 (Eva Erikssonsalen), Universitetsgatan 2, 651 87 Karlstad, 08:15 (English)
Opponent
Supervisors
Available from: 2014-11-25 Created: 2014-10-03 Last updated: 2014-11-25Bibliographically approved

Open Access in DiVA

No full text

Other links

http://www.cs.kau.se/gezhang/bianji/upload/VoIPanon.pdf

Search in DiVA

By author/editor
Zhang, GeBerthold, Stefan
By organisation
Department of Computer Science
Computer Science

Search outside of DiVA

GoogleGoogle Scholar

Total: 59 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf