Skype applies strong encryption to provide secure communication inside the whole Skype
network. The communication ports of clients are chosen randomly. As a consequence,
traditional port based or payload based identification of Skype traffic cannot be
applied. In this paper we present a novel flow dynamics
based identification method to discover both Skype hosts and voice calls. The method
is based only on packet headers and extracted flow level information. This method
is the second algorithm from our research. It has a significant improvement over our
first method [1]. It can detect the randomly selected
communication port of the Skype client, which makes the identification more reliable.
The whole identification process is scripted in Transact-SQL, thus it can be executed
automatically. We also present the validation of the new algorithm together with the
analysis of the identification results.
