Researchers ID Skype users who also use BitTorrent

The research chips away at the perceived privacy protections of using Skype's encrypted service

Entertainment companies seeking to trace people who are illegally file sharing may be interested in new research that could identify filesharers through their Skype accounts. A research team has figured out how to link online Skype users to their activity on peer-to-peer networks, a correlation that could represent a major threat to users' privacy.

The study focused on how a Skype user's IP address can be determined without that user knowing, and then linking that same IP address to files that are being shared through peer-to-peer networks such as BitTorrent.

Using information that users publish in Skype's directory, such as their name, location and birth date, the researchers were able to get very close to identifying the person doing the sharing. They note, however, the method will just identify a machine rather than an actual person behind the computer.

A Skype user's IP address can be figured out even without their knowledge due to a major privacy vulnerability, the researchers wrote. Skype was notified in May -- the same month that it was announced Microsoft had acquired the company -- but the issue has not been fixed.

Skype's Chief Information Security Officer, Adrian Asher, said in an e-mailed statement that "just as with typical internet communications software, Skype users who are connected may be able to determine each other's IP address. Through research and development, we will continue to make advances in this area and improvements to our software."

Skype's peer-to-peer routing system means many machines are involved in setting up a Skype call. But the team figured out a way to sift out the nodes through which calls are routed and determine the user's real IP address by sniffing the packets.

Because Skype uses a proprietary protocol and encrypts the payloads of its messages, packets coming from the called party can't be inspected, the researchers wrote. Instead, they looked at the patterns between a caller and the Skype nodes.

Due to Skype's privacy vulnerability, an IP address could be extracted even if the caller wasn't in the called party's Skype's contact list, or if the caller had been blocked. The researchers also found a way to exchange packets with a user without them ever receiving a notification of a call.

The researchers built a Skype tracker that selected a set of 100,000 identified users. To correlated those IP addresses with files shared on BitTorrent, they also built tools to collect BitTorrent file identifiers, called infohashes, a BitTorrent crawler to collect IP addresses on the network and a verifier to match an online Skype user with an online BitTorrent user.

"As soon as the BitTorrent crawler detects a matching IP address, it signals the verifier, which immediately calls the corresponding Skype user and, at the same time, initiates a handshake with the BitTorrent client," they wrote.

A Skype user and a BitTorrent user could appear to be one and the same because they have the same IP address, but that may not be true due to the use of NAT (Network Address Translation), which allows several machines to share one public IP address. To weed out false positives of this nature, the researchers looked at identifiers in the IP datagrams received to see whether they had been sent shortly after one another from the same machine. If the identifiers in the datagrams generated by Skype and BitTorrent suggested they were sent close together in the same sequence, the Skype user was likely to be the one using BitTorrent.

Overall, the researchers determined that 52 percent of the 765 users they had verified were really using both applications. That means from a sample set of 100,000 Skype users, they figured out that 400 of them were using BitTorrent. Of those users, all had provided their last names to Skype and all but two provided their first names. All but one listed where they lived.

"We have further shown that by deploying modest resources, it is possible for an attacker to scale this scheme to not just one user but tens of thousands of users simultaneously," the researchers wrote. "A prankster could use this scalable calling scheme to, for example, create a public website which provides the mobility and file-sharing history of all active Skype users in a city or a country."

The research was done by Stevens Le Blond of MPI-SWS in Germany; Chao Zhang and Keith Ross of NYU-Poly in the U.S.; and Walid Dabbous and Arnaud Legout of INRIA in France.

Send news tips and comments to

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags securityMicrosoftinternetskypevoiptelecommunicationInternet-based applications and servicesTelephony/conferencing

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Jeremy Kirk

IDG News Service
Show Comments


James Cook University - Master of Data Science Online Course

Learn more >


Sansai 6-Outlet Power Board + 4-Port USB Charging Station

Learn more >



Back To Business Guide

Click for more ›

Most Popular Reviews

Latest Articles


PCW Evaluation Team

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?