ENVIRONMENT, ENERGY
and EARTH SCIENCES

The detection of encrypted multimedia traffic (like VoIP or Video) is a crucial task for both TELCO operators and authorities involved in lawful interception issues. As an example, Skype traffic that cannot be detected through classical methods as port-based detection (because of a random based choice port option) nor payload inspection (because of encryption mechanisms adopted). Dwelling on Skype, the aim of this work is to propose a novel technique that, by recasting the regularities of the data streams in terms of recurrence plots (a representation derived from Chaos Theory), extracts some unprecedented observables; such observables are then considered in a decision-tree building procedure exploiting the C4.5 algorithm in order to draw a decision about the presence or the absence of the targeted traffic. In the final section, a comparison with a reference technique is presented.

Encrypted traffic detection, Chaos theory, Recurrence plots, Recurrence quantification analysis, Machine learning

2016-12-21 00:00:00

10.12783/DTEEES/SEEIE2016/51