Abstract
While VoIP enables new means for communication, it may also provide a new way of transmitting bulk unsolicited messages and calls, namely SPam over Internet Telephony (SPIT). In this paper, we present the phases of a SPIT management process and we form a set of SPIT identification criteria, which are needed in order to characterize a call as SPIT, or a caller as spitter. Then, we present briefly the currently existing anti-SPIT frameworks, so as to examine which of the SPIT identification criteria is fulfilled by each framework, thus providing an insight on which criteria a technique should cope with, as well as how one can evaluate and combine existing approaches, in order to effectively mitigate SPIT. Finally, we implement a list of the criteria in our lab environment in order to examine the applicability of these controls in a Session Initiation Protocol (SIP) environment.
Chapter PDF
Similar content being viewed by others
Keywords
- Session Initiation Protocol
- Instant Message
- Email Spam
- Session Initiation Protocol Server
- Session Initiation Protocol Message
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Baumann R., Cavin S., Schmid S.: Voice Over IP - Security and Spit. Swiss Army, FU Br 41, KryptDet Report, Univ. of Berne (2006)
Croft, N., Olivier,M.: A Model for Spam Prevention in Voice over IP Networks using Anonymous Verifying Authorities. In: Venter, H.S. et al. (eds.) Proc. of the 5th Annual Information Security South Africa Conf., South Africa (2005)
Dantu R., Kolan P.: Detecting Spam in VoIP Networks. In: Proc. of Steps to Reducing Unwanted Traffic on the Internet Workshop, USA (2005)
Dongwook S., Jinyoung A., Choon S.: Progressive Multi Gray-Leveling: A Voice Spam Protection Algorithm. IEEE Network, 20(5), 18-24 (2006)
Dritsas S., Mallios J., Theoharidou M.,Marias G., Gritzalis D.: Threat Analysis of the Session Initiation Protocol Regarding Spam. In Proc. of the 3rd IEEE Int. Workshop on Information Assurance (26th IEEE International Performance Computing and Communications Conference), IEEE Press, pp. 426-433, New Orleans (2007)
Madhosingh B.: The Design of a Differentiated SIP to Control VoIP Spam. Technical Report, Computer Science Department, Florida State University (2006)
Marias G., Dritsas S., Theoharidou M., Mallios J., Gritzalis D.: SIP vulnerabilities and anti- SPIT mechanisms assessment. In Proc. of the 16th IEEE Int. Conf. on Computer Communications and Networks (ICCCN ’07), IEEE Press, Hawaii, pp. 597-604 (2007)
Mathieu, B. et al.: Spit Mitigation by a Network-Level Anti-Spit Entity. In: Proc. of the 3rd Annual VoIP Security Workshop, Germany (2006)
Niccolini S.: Spit prevention: State of the art and research challenges. Network Laboratories, NEC Europe, Germany (2006)
Park S., Kim J., Kang S.: Analysis of applicability of traditional spam regulations to VoIP spam. In: Proc. 8th Int. Conf. of the Advanced Communication Technology, Phoenix Park, Korea (2006)
Peterson J., Jennings C.: Enhancements for Authenticated Identity Management in the Session Initiation Protocol. RFC 4474 (2006)
Rebahi Y., Sisalem D.: SIP service providers and the spam problem. In: Proc. of the Voice over IP Security Workshop, Washington, USA (2005)
Rebahi, Y., Sisalem, D., Magedanz T.: SIP Spam Detection. In: Proc. of the Int. Conf. on Digital Telecommunications, pp. 29-31, France (2006)
Rosenberg, J. et al.: Session Initiation Protocol. RFC 3261 (2002)
Rosenberg J., Jennings C.: The Session Initiation Protocol (SIP) and Spam. draft-ietf-sippingspam- 03 (2006)
SER server version 2.0, Available via www.iptel.org/ser. Cited 10 Jan 2008
Srivastava K., Schulzrinne H.: Preventing Spam For SIP-based Instant Messages and Sessions. Technical Report, University of Columbia (2004)
Tschofenig H. et al.: Using SAML to Protect the Session Initiation Protocol. IEEE Network, 20(5), 14-17 (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Dritsas, S., Soupionis, Y., Theoharidou, M., Mallios, Y., Gritzalis, D. (2008). SPIT Identification Criteria Implementation: Effectiveness and Lessons Learned. In: Jajodia, S., Samarati, P., Cimato, S. (eds) Proceedings of The Ifip Tc 11 23rd International Information Security Conference. SEC 2008. IFIP – The International Federation for Information Processing, vol 278. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-09699-5_25
Download citation
DOI: https://doi.org/10.1007/978-0-387-09699-5_25
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-09698-8
Online ISBN: 978-0-387-09699-5
eBook Packages: Computer ScienceComputer Science (R0)