Abstract
Malicious intermediaries can detect VoIP conversation flows in a network and observe the IP addresses used by the conversation partners. However, this is insufficient to infer the calling records of a particular user, since the linkability between a user and an IP address is uncertain: users may regularly change or share IP addresses. Unfortunately, VoIP flows may contain human-specific features. For example, users are sometimes required to provide personal identification numbers (PINs) to a voice server for authentication, and the key-click patterns of entering a PIN can thus be extracted from VoIP flows for user recognition. We invited 31 subjects to enter 4-digit PINs on a virtual keypad of a popular VoIP user agent by mouse clicking. Employing machine learning algorithms, we achieved average equal error rates of 10-29% for user verification and a hit rate of up to 65% with a false positive rate of around 1% for user classification.
© 2011 IFIP International Federation for Information Processing
About this paper
Cite this paper
Zhang, G. (2011). Analyzing Key-Click Patterns of PIN Input for Recognizing VoIP Users. In: Camenisch, J., Fischer-Hübner, S., Murayama, Y., Portmann, A., Rieder, C. (eds) Future Challenges in Security and Privacy for Academia and Industry. SEC 2011. IFIP Advances in Information and Communication Technology, vol 354. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-21424-0_20
DOI: https://doi.org/10.1007/978-3-642-21424-0_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-21423-3
Online ISBN: 978-3-642-21424-0
eBook Packages: Computer Science (R0)