On Metrics to Distinguish Skype flows from HTTP traffic
- 1 September 2007
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE)
Abstract
Skype is a voice over IP (VoIP) Internet application that is gaining huge popularity in recent years. A key point to Skype popularity is its capability to dynamically adapt itself to operate behind firewalls or network proxies. A common way adopted by Skype to delude these network devices is to use port 80, normally expected to comprise HTTP traffic. In this paper, we propose metrics and investigate statistical tests intended to clearly distinguish Skype flows from HTTP traffic. We validate our study using real-world experimental datasets gathered at a commercial Internet service provider (ISP). Our experimental results suggest that the proposed methodology may be seen as a promising building block towards a system to detect general protocol anomalies in HTTP traffic.Keywords
This publication has 17 references indexed in Scilit:
- Unexpected means of protocol inferencePublished by Association for Computing Machinery (ACM) ,2006
- Traffic classification on the flyACM SIGCOMM Computer Communication Review, 2006
- A behavioral model of Web trafficPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- Is P2P dying or just hiding?Published by Institute of Electrical and Electronics Engineers (IEEE) ,2005
- An analysis of live streaming workloads on the internetPublished by Association for Computing Machinery (ACM) ,2004
- An empirical model of HTTP network trafficPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2002
- Probabilistic techniques for intrusion detection based on computer audit dataIEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans, 2001
- Generating representative Web workloads for network and server performance evaluationPublished by Association for Computing Machinery (ACM) ,1998
- Self-similarity in World Wide Web traffic: evidence and possible causesIEEE/ACM Transactions on Networking, 1997
- On the self-similar nature of Ethernet traffic (extended version)IEEE/ACM Transactions on Networking, 1994