%0 Conference Paper %1 PhonionPoster %A Heuser, Stephan %A Reaves, Bradley %A Pendyala, Praveen Kumar %A Carter, Henry %A Dmitrienko, Alexandra %A Enck, William %A Sadeghi, Ahmad-Reza %A Traynor, Patrick %B Network and Distributed System Security Symposium (NDSS) %D 2016 %K International-Conference-Workshop-Papers-Book-Chapters myown %T POSTER: Phonion: Frustrating Telephony Metadata Analysis %X Phone companies record network use by individual customers via Call Detail Records (CDRs). CDRs contain important metadata ranging from call source and destination to duration of the connection, route through the network and identification of the network device writing the call record.Historically, CDRs have served as a means of not only properly billing customers for the services they use, but also as a way of identifying and debugging network errors.This metadata has most recently been associated with large-scale collection campaigns by intelligence agencies. While these organizations often assert that such programs are necessary to prevent crime and terrorism, privacy advocates argue that the complete cataloging of telephony actions erode civil liberties. However, what researchers and policy makers have generally failed to consider is that a range of other adversaries may also use CDRs to violate the privacy of targeted individuals. In 2006, for example, detectives hired by executives at HP were able to use social engineering to acquire phone records and determine the identity of an anonymous corporate board member who leaked sensitive information to journalists. Such attacks are not limited to private detectives, but have also been executed by jealous spouses, curious neighbors, companies paying for employee cell phones, rogue employees at cellular providers and more. In fact, last September it was revealed that Vodafone scoured a journalist’s personal phone records to discover her sources on a story about Vodafone security problems 1 . Accordingly, strong mechanisms for making analysis of CDRs difficult is crucial to the privacy of citizens across the world.Taking the importance of call metadata for user privacy into consideration, there are prior attempts to build anonymous telecommunication systems based on Voice over IP (VoIP) and anonymization networks like Tor. However, these solutions do not provide adequate quality of service for voice calls.Moreover, they require fast and reliable Internet connectivity,which might not always be available. For instance, Internet access in countries with a repressive regime can be shut down to prevent dissemination of non-censored information. Further,even if Internet access is generally available, access to the Tor network could be censored.

@inproceedings{PhonionPoster, abstract = {Phone companies record network use by individual customers via Call Detail Records (CDRs). CDRs contain important metadata ranging from call source and destination to duration of the connection, route through the network and identification of the network device writing the call record.Historically, CDRs have served as a means of not only properly billing customers for the services they use, but also as a way of identifying and debugging network errors.This metadata has most recently been associated with large-scale collection campaigns by intelligence agencies. While these organizations often assert that such programs are necessary to prevent crime and terrorism, privacy advocates argue that the complete cataloging of telephony actions erode civil liberties. However, what researchers and policy makers have generally failed to consider is that a range of other adversaries may also use CDRs to violate the privacy of targeted individuals. In 2006, for example, detectives hired by executives at HP were able to use social engineering to acquire phone records and determine the identity of an anonymous corporate board member who leaked sensitive information to journalists. Such attacks are not limited to private detectives, but have also been executed by jealous spouses, curious neighbors, companies paying for employee cell phones, rogue employees at cellular providers and more. In fact, last September it was revealed that Vodafone scoured a journalist’s personal phone records to discover her sources on a story about Vodafone security problems [1] . Accordingly, strong mechanisms for making analysis of CDRs difficult is crucial to the privacy of citizens across the world.Taking the importance of call metadata for user privacy into consideration, there are prior attempts to build anonymous telecommunication systems based on Voice over IP (VoIP) and anonymization networks like Tor. However, these solutions do not provide adequate quality of service for voice calls.Moreover, they require fast and reliable Internet connectivity,which might not always be available. For instance, Internet access in countries with a repressive regime can be shut down to prevent dissemination of non-censored information. Further,even if Internet access is generally available, access to the Tor network could be censored. }, added-at = {2020-10-06T15:38:31.000+0200}, author = {Heuser, Stephan and Reaves, Bradley and Pendyala, Praveen Kumar and Carter, Henry and Dmitrienko, Alexandra and Enck, William and Sadeghi, Ahmad-Reza and Traynor, Patrick}, biburl = {https://www.bibsonomy.org/bibtex/2126b2e1cef5fce8c194e84f1fc0f8e3e/sss-group}, booktitle = {Network and Distributed System Security Symposium (NDSS)}, interhash = {c3a60a5322b25a7ce31cdb089a461dc8}, intrahash = {126b2e1cef5fce8c194e84f1fc0f8e3e}, keywords = {International-Conference-Workshop-Papers-Book-Chapters myown}, month = {February}, pdf = {https://se2.informatik.uni-wuerzburg.de/pa/publications/download/paper/1540.pdf}, slides = {https://se2.informatik.uni-wuerzburg.de/pa/publications/download/slides/1540}, timestamp = {2022-12-19T23:30:01.000+0100}, title = {{POSTER}: Phonion: Frustrating Telephony Metadata Analysis}, venue = {NDSS}, year = 2016 }