Internet Protocol - Research by Kirils Solovjovs
Internet Protocol - Research by Kirils Solovjovs
Internet Protocol - Research by Kirils Solovjovs
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Skype protocol 76<br />
• The external port numbers or IP address are not derivable, because NAT rewrites them,<br />
• The firewall and NAT in use prevents the session being received<br />
• UDP is not usable due to NAT issues, such as timeout<br />
• firewalls block many ports<br />
• TCP through many to one NAT is always "outward only" <strong>by</strong> default - Adding Port Forwarding settings to the<br />
NAT router can allow receiving TCP sessions<br />
Supernodes are grouped into slots (9-10 supernodes), and slots are grouped into blocks (8 slots).<br />
<strong>Protocol</strong><br />
Signaling is encrypted using RC4; however, the method only obfuscates the traffic as the key can be recovered from<br />
the packet. Voice data is encrypted with AES. [4]<br />
The Skype client's application programming interface (API) opens the network to software developers. The Skype<br />
API allows other programs to use the Skype network to get "white pages" information and manage calls.<br />
The Skype code is closed source, and the protocol is not standardized. [5] Parts of the client use <strong>Internet</strong> Direct (Indy),<br />
an open source socket communication library.<br />
8 July 2012, a searcher from Benin, Ouanilo Medegan, released articles and a proof of concept client source code,<br />
results of reverse engineering on the Skype client [6] .<br />
<strong>Protocol</strong> detection<br />
Many networking and security companies claim to detect and control Skype's protocol for enterprise and carrier<br />
applications. While the specific detection methods used <strong>by</strong> these companies are often proprietary, Pearson's<br />
chi-squared test and stochastic characterization with Naive Bayes classifiers are two approaches that were published<br />
in 2007. [7]<br />
Preliminaries<br />
Abbreviations that are used:<br />
• SN: Skype network<br />
• SC: Skype client<br />
• HC: host cache<br />
Skype client<br />
The main functions of a Skype client are:<br />
• login<br />
• user search<br />
• start and end calls<br />
• media transfer<br />
• presence messages<br />
• video conference