New method for evaluating anti-spit in VoIP networks
|
|
- Roy Chapman
- 8 years ago
- Views:
Transcription
1 New method for evaluating anti-spit in VoIP networks Mina Amanian Dept. of Computer engineering Imam Reza International University of Mashhad, Iran Mohammad Hossein Yaghmaee Moghaddam Dept. of Engineering Ferdowsi University of Mashhad Mashhad, Iran Hossein Khosravi Roshkhari IP-PBX Laboratory, Dept. of Engineering Ferdowsi University of Mashhad Mashhad, Iran Abstract Unsolicited bulk or Spam is a menace to the usability of Internet . The possibility of cheap Voice over IP (VoIP) services have introduced the threat of Spam over Internet Telephony (SPIT). In order to detect SPIT efficiently we need to extract some features which help us in categorizing the incoming calls. In recent researches various features have been introduced but some of these features have less effect in detecting SPIT. In this paper we propose an approach that assigns weight to features and determines which feature is more important than the others in classification of suspicious incoming calls. Once we select the best features, we can detect SPIT efficiently in less time. Keywords; PSTN; SPIT; SIP; VoIP; Caller; Callee; I. INTRODUCTION VoIP is a promising technique which uses existing data networks to establish voice sessions via transferring voice streams replaced into data packets. wadays voice transmission via internet has become an essential tool for business market which yields in development and efflorescence of it. VoIP is a transformation of traditional networks or PSTNs (Public Switched Telephone Networks) proposed in Data Network environment. The main reason of VoIP development is that it reduces telephony costs, produces higher availability and provides easy convergence to PSTN. We must perform mechanisms to support real-time delivery for voice packets and also signaling protocols for handling the communicational negotiations between different VoIP devices. Threats and vulnerabilities of internet protocols make VoIP potentially insecure, for example an attacker can send numerous simultaneous advertisement calls or messages to other users with low cost. SIP (Session Initiation Protocol) is the most applied protocol in current VoIP implementations. SIP is a signaling protocol for initiating, managing and terminating voice and video sessions across packet networks. SIP sessions involve one or more participants and can use for unicast or multicast communication [3]. Attackers attempt to establish bulk unsolicited multimedia sessions which are called Spam calls [4]. This type of Spam calls in VoIP environment is named SPIT (Spam Over internet telephony). Although SPIT is essentially similar to Spam but we expect that SPIT has more destructive effect on user [4, 13]. Due to the expensive and end to end nature of PSTN, generating Spam calls are less attractive to attackers in such networks [1]. Basically attackers use specific software (which is assumed as soft phone client) named bot. The attacker may set up Virus or Trojan on various computers to distribute the Caller identity. First report took place in 2006 that many advertisement calls with marketing purpose showed up in Skype. Spam detection approaches are not extendable to SPIT due to the real time nature of it. Moreover, content plays a big role in detection mechanism which is not applicable for VoIP content [1]. The similarity of SPIT and Spam is that both of them use internet to achieve their purposes. Due to the wide deployment of VoIP networks, we assume that SPIT will be a serious problem in the near future. This paper is organized as follows. In section II we survey the related works on Anti-SPIT methods in details. Section III describes the background, section IV discusses the proposed scheme, section V contains evaluation and finally the conclusion is presented. II. RELATED WORKS Black lists and white lists are ordinarily lists of addresses of suspicious and safe users respectively. These lists are preserved by certain organization and can be queried by the servers. There are a few hundred black lists that they are different in their scope and providers of black lists can collect address of suspected Spammers in various ways. Gray list is a complementary mechanism to black and white list. At the time of a call received by server from a sender that is neither listed on a white nor on a black list, then the call is impermanently rejected. Gray listing is based on the supposition that SPIT software is rather simple and is optimized to send a lot of calls but does not care about retransmission [3]. One of the approaches uses DNS black list for detecting SPIT and it shows that 80% of all Spam-messages come from IP addresses, which were blocked by at least one DNSBL (DNS black list), therefore DNSBL might be a survivable solution for Spam from bot nets [5], but this approach is not suitable for SPITTERS that change their IP and escape from lists. As the SPIT threat raised to research area, some researchers tried to use similar techniques to Spam detection such as content filtering. These sort of approaches analyze the content of calls or messages.
2 Although they appear to be inefficient for SPIT calls due to its processing requirement [20]. Some other approaches are based on challenge and response, these approaches are specifically designed to recognize and identify human against computer [1, 8]. Since SPITTER is always computer software, server is attempting to challenge the Caller with human-intelligible questions and determine the unanswered call as SPIT [9]. Using Turing test and analyzing the human behavioral pattern showed to be useful in some other methods. To decrease the number of calls received by users, instant call system ask the user to give her consent before forwarding a call from unknown sender. If a sender is neither on white or black list of the receiver, the call will not be forwarded to the receiver unless the receiver explicitly agrees [3]. Using community signals is one of other mechanisms that share SPIT information between networks and each user in the network is responsible for SPIT problem and fight with it by reporting SPIT once received [6]. Some other techniques have implemented different modules [7, 11] and by a so called voting process, determine the call must be rejected or allowed. Scoring system that uses Naive Bayes and call patterns [15] has been proposed for detecting unwanted communication Callers. A user-behavior-aware filtering [16] that uses adaptive training decides to detect or block SPIT. Trust based mechanism is another approach to detect SPIT [10, 21]. It considers trust of the Caller and compares it with a threshold and if it is below the threshold, the call can pass. Some other approaches use anomaly and ontology for detecting SPIT [12, 13]. Sip Spam labeling system [17] does not use sip extension and uses SIP INVITE message to establish SIP session for the insertion of Spam indicator. Another research collects features of internet telephony [18] then executes k-nearest neighbor classification and analyses that the user is suspicious or not, this approach immediately updates black list. III. BACKGROUND A. SIP SIP is a peer-to peer protocol with the following entities: User Agents (UA), Proxy Servers, Redirect Servers, Location Servers and Redirect Servers. In a sample session establishment between two UAs, after registration of the two users, UAA sends an INVITE request to the Proxy Server. Proxy Server looks up A s IP address and passes the message to UAB. After UAB has confirmed the request by phone pick up, UAA requests a Media session. The established call could be terminated if any of the UAs sends a BYE request to the other UA [3]. SIP is being developed by the SIP Working Group, within the Internet Engineering Task Force (IETF). The protocol is published as IETF RFC 2543 and currently has the status of a proposed standard. Signaling in SIP is based on (ASCII compatible) text messages. A message is composed of a message header and an optional message body. Messages are either requests or responses. Request messages are sent from the client to the server and response messages are sent from the server to the client [2]. Request Methods Response Methods Method INVITE ACK BYE CANCEL OPTIONS Method Register ACK TABLE I. Description Initiates a call, changes call parameters. Confirms a final response for INVITE. Terminates a call. Cancels searches and ringing Queries the capabilities of the other side. TABLE II. Description Registers with the Location Service. Sends mid-session information that does not modify the state. Response messages contain numeric response codes. The SIP response code set is partly based on HTTP response codes [19]. B. SPIT The term Spam, which is usually used to describe unwanted , can be expanded to describe any unsolicited message (with positive appearance) in a sample communication. In VoIP networks, this term, which we name SPIT, determines any unsolicited call or message which usually contains commercial data. Different type of Spam in VoIP networks can be categorized as follows [3]: Spam over Internet Telephony (SPIT) Spam over Instant Messaging (SPIM) Spam over Presence Protocol (SPPP) SPIT as is generally known, refers to unsolicited calls which usually play pre-recorded audio files for target Callee. C. PCA and LDA There are many possible techniques for classification of data. Principal Component Analysis (PCA) and Linear Discriminant Analysis (LDA), both of them are two commonly used techniques for data classification and dimension reduction. Linear Discriminant Analysis easily handles the case where the within-class frequencies are unequal and their performances have been examined on randomly generated test data. This method maximizes the
3 ratio of between-class variance to the within-class variance in any particular data set thereby guaranteeing maximal separability. The main difference between LDA and PCA is that PCA does more of feature classification and LDA does data classification. In PCA, the shape and location of the original data sets changes when transformed to a different space whereas LDA doesn t change the location but only tries to provide more class separability and draw a decision region between the given classes. This method also helps to better understand the distribution of the feature data. LDA has two different approaches, Data sets can be transformed and test vectors can be classified in the transformed space by two different approaches. Class-dependent transformation: This type of approach involves maximizing the ratio of between class variance to within class variance. The main objective is to maximize this ratio so that adequate class separability is obtained. The class-specific type approach involves using two optimizing criteria for transforming the data sets independently. Class-independent transformation: This approach involves maximizing the ratio of overall variance to within class variance. This approach uses only one optimizing criterion to transform the data sets and hence all data points irrespective of their class identity are transformed using this transform. In this type of LDA, each class is considered as a separate class against all other classes. Principal component analysis (PCA) is a well-known feature extraction method, in which the principal components of the input vector relative to the mean vector are extracted by orthogonal transformation. Similarly kernel PCA extracts principal components in the feature space [14]. We call them kernel principal components. Simultaneous Calls: Occurrence of simultaneous calls, precisely determines the suspicious behavior of a Caller. Diversity of Callers: A SPITTER attempts to cover a large amount of different Callees in a short time, while normal users generally call repetitive contacts and it is very rare that SPITTERS call repetitive contacts. Call Duration: Duration of SPIT calls (Distance between INVITE and BYE packet) are usually short, although normal users have long duration. Error Rate: SPITTERS encounter high volume of SIP errors including CANCEL packet and 404 errors. In figure 1 to 4 some of data samples are presented for both normal and SPIT calls. Figure 1. Call Rate Figure 1 shows Call Rate for normal and SPIT users, it is obvious that SPITTERS have higher Call Rate than normal users since SPITTERS try to generate more calls in less time. D. SVDD The original SVDD classification technique is a powerful one-class classifier inspired by the SVM (Support Vector Machines) which is able to form a decision boundary around the training data without any particular knowledge about other data outside the boundary. SVDD tries to obtain a description of a set of training data which should reject all other possible objects [22]. IV. PROPOSED SCHEME Many features can be exploited from VoIP packet which helps us in SPIT detection. In our proposed scheme we selected six important features of the call that are easy to implement and fast to extract, they can be exploited directly from SIP header, which are presented as follows: Call Rate: Most SPITTERS spend their maximum efforts to take advantage of time and bandwidth effectively, thus their call rate is generally high. Call Interval: the intertime distance for the calls generated by a SPITTER usually follows a regular scheme. Hence, their calls have a low variance to mean ratio of previous intertimes. Figure 2. Call Duration Call Duration of SPIT and normal users is shown in figure 2. When users answer a suspicious call, they immediately hang it up, since they find out that it is not a normal call, on the other hand we will have more duration for normal calls.
4 detected to be normal is called True Positive, the number of normal users incorrectly detected to be SPIT is called False Negative. In order to simulate a proposed framework we have evaluated PCA and LDA on a pseudo-real database which is originally a combination of real call detail record from a VoIP company and six simulated SPITTERS with different complexity. As shown in table 3 PCA and LDA have both changed the feature weights within an almost wide range. Both algorithms are deployed in MATLAB. Figure 3. Diversity of Calles Diversity of Callees for normal and abnormal users is compared in figure 3, SPITTERS randomly create a list of users and they commonly tend to call a huge number of different users while normal users tend to call specific users hence SPITTERS have more diversity of Caller than normal users. TABLE III. Features PCA weights LDA weights Call Interval Simultaneous Calls Diversity of Callees Error Rate Call Duration Call Rate Figure 4. Call Interval Call interval is another feature for SPIT detection exactly inherited from [22]. The intertime distance for the calls generated by a SPITTER, usually follows a regular scheme (Especially for beginner SPITTERS). Hence, their calls have a low variance to mean ratio of previous Intertimes. In figure 4 we consider call interval for normal and SPIT users. SPITTERS usually call variety of users in a short time so they have very short regular distance between their calls while normal users show more irregular pattern between their calls. In SPIT detecting some features have more effect on recognizing SPIT hence we will try to allocate weight to each of them. This weight represents the importance of that feature compared to others. As discussed, we apply PCA and LDA techniques to analyze. Initially we may think all features have the same weight however we will show that some features become more valuable for us. V. EVALUATION We select six features of call and apply two classification algorithms to evaluate the weight of each feature. We aim to decrease False Negative and increase True Positive. The number of normal users that truly The results show that Call Rate and Diversity of Callees have the highest weight compared to other features by applying PCA and LDA respectively. We apply the calculated weights to original data and then apply SVDD classification to determine which weighting scheme has the best effect in SPIT detection. We gain False Negative and True Positive for PCA, LDA and original data that is shown in table4. TABLE IV. Original data PCA LDA False Negative True Positive The results of table 4 show that PCA has less False Negative and higher True Positive compared to LDA hence PCA is more effective than LDA. Also Call Rate is a more important feature than the others. Our framework considers weaknesses of other techniques and efficiently improves them. Using access lists plays an important role in SPIT detection since they are faster than other approaches and are easy to implement. In our framework, we firstly check the incoming call within the lists. This will increase the detection speed by bypassing the feature extraction module which takes more time. We consider the decision made by the lists as deterministic, so updating it has to be performed with extra accuracy.
5 After checking the lists we extract the features of incoming call then we multiply the weights that are gained by PCA or LDA approach to features and calculate a total value. This value should be compared with a threshold. If it is greater than the threshold, the call is suspicious and needs more analysis hence we play the CAPTCHA for him in order to answer a question. If the answer is wrong, black list is updated and the call is dropped.on the other hand if number is below the threshold or he answers the CAPTCHA correctly, the call is sent to Callee. Figure 5 shows the framework. Incoming call Figure 6 PCA In figure 7 we applied LDA and gained these total values. The result shows that SPITTERS have higher total value than normal users and LDA correctly separates them. Check black list Drop Check white list Check gray list Feature extraction Multiple the weights and features then calculate them If is bigger than the threshold? Send call Figure 5. Proposed Framework After performing PCA and LDA we calculate total value for Caller. It is calculated according to the following formula: Total = weight (1)*feature (1) + weight (2)*feature (2) + + weight (n)* feature (n) After gaining total value for every Caller we compare this value to the threshold value. We demonstrate these values obtained from different users in figure 6 and 7. The result shows that classification approach properly separates SPITTERS from normal users. Figure 6 shows total values for different users after applying PCA approach. If SPITTER? CAPTCHA VI. Figure 7 LDA CONCLUSION SPIT (Spam over Internet Telephony) is one of the major concerns in VoIP networks. Different detection solutions have been widely discussed in previous researches. Many of them categorized the incoming calls based on the extractable features in SIP headers but none of them has focused on the effective evaluation of these features. In this paper, we have tried to perform a deeper survey into the different SPIT detection mechanisms. This has been illustrated by evaluating the features which help the detection frameworks in classification techniques. Two weighting approaches (PCA and LDA) are applied and the results show that some features are less effective in the detection procedure. Results show that Call Rate is the most important feature. Moreover, a comprehensive framework is proposed which applies lists and classification and the CAPTHCA. REFERENCES [1] J. Quittek, S. Niccolini, S. Tartarelli, M. Stiemerling, M. Brunner, and T. Ewald, "Detecting SPIT calls by checking human communication patterns," in Communications, ICC'07. IEEE International Conference on, 2007, pp [2] J. Seedorf, "Security challenges for peer-to-peer SIP," Network, IEEE, vol. 20, pp , [3] D. Sisalem, J. Floroiu, J. Kuthan, U. Abend, and H. Schulzrinne, SIP security: Wiley, 2009 [4] D. Gritzalis and Y. Mallios, "A sip-oriented spit management framework," computers & security, vol. 27, pp , 2008.
6 [5] M. Hirschbichler, C. Egger, O. Pasteka, and A. Berger, "Using E- Mail SPAM DNS Blacklists for Qualifying the SPAM-over- Internet-Telephony Probability of a SIP Call," in Digital Society, ICDS'09. Third International Conference on, 2009, pp [6] S. Phithakkitnukoon and R. Dantu, "Defense against SPIT using community signals," in Intelligence and Security Informatics, ISI'09. IEEE International Conference on, 2009, pp [7] B. Mathieu, S. Niccolini, and D. Sisalem, "SDRS: A Voice-over-IP Spam Detection and Reaction System," Security & Privacy, IEEE, vol. 6, pp , [8] H. Hai, Y. Hong-Tao, and F. Xiao-Lei, "A SPIT Detection Method Using Voice Activity Analysis," in Multimedia Information Networking and Security, MINES'09. International Conference on, 2009, pp [9] Y. Soupionis and D. Gritzalis, "Audio CAPTCHA: Existing solutions assessment and a new implementation for VoIP telephony," computers & security, vol. 29, pp , 2010.Yannis [10] M. A. Azad and R. Morla, "Multistage spit detection in transit voip," in Software, Telecommunications and Computer Networks (SoftCOM), th International Conference on, 2011, pp [11] J. Quittek, S. Niccolini, S. Tartarelli, and R. Schlegel, "On spam over internet telephony (SPIT) prevention," Communications Magazine, IEEE, vol. 46, pp , [12] H. Sengar, X. Wang, and A. Nichols, "Call Behavioral Analysis to Thwart SPIT Attacks on VoIP Networks," in Security and Privacy in Communication Networks, ed: Springer, 2012, pp [13] S. Dritsas, V. Dritsou, B. Tsoumas, P. Constantopoulos, and D. Gritzalis, "OntoSPIT: SPIT management through ontologies," Computer Communications, vol. 32, pp , [14] S. Abe, Support vector machines for pattern classification: Springer, [15] T. Kusumoto, E. Y. Chen, and M. Itoh, "Using call patterns to detect unwanted communication callers," in Applications and the Internet, SAINT'09. Ninth Annual International Symposium on, 2009, pp [16] Y. Bai, X. Su, and B. Bhargava, "Adaptive voice spam control with user behavior analysis," in High Performance Computing and Communications, HPCC'09. 11th IEEE International Conference on, 2009, pp [17] S. Y. Park and S. G. Kang, "Labeling System for Countering SIP spam," in Advanced Communication Technology, ICACT th International Conference on, 2008, pp [18] M.-Y. Su and C.-H. Tsai, "A Prevention System for Spam over Internet Telephony," Appl. Math, vol. 6, pp. 579S-585S, [19] M. Stiemerling, "SIP: Protocol Overview," ed: Radvision, [20] A. Shahroudi, R. Khosravi, H. Mashhadi, and M. Ghorbanian, "Full survey on SPIT and prediction of how VoIP providers compete in presence of SPITTERS using game-theory," in Computer Applications and Industrial Electronics (ICCAIE), 2011 IEEE International Conference on, 2011, pp [21] N. Chaisamran, T. Okuda, G. Blanc, and S. Yamaguchi, "Trustbased voip spam detection based on call duration and human relationships," in Applications and the Internet (SAINT), 2011 IEEE/IPSJ 11th International Symposium on, 2011, pp [22] H.khosravi,H.yaghmaee, "SIP Header Based Feature Extraction for SPIT Attacks and its application in a comprehensive Anti-SPIT framework," in IASTED Conference, Calgary, Canada, July 2011.
Prevention of Spam over IP Telephony (SPIT)
General Papers Prevention of Spam over IP Telephony (SPIT) Juergen QUITTEK, Saverio NICCOLINI, Sandra TARTARELLI, Roman SCHLEGEL Abstract Spam over IP Telephony (SPIT) is expected to become a serious problem
More informationCustomize Approach for Detection and Prevention of Unsolicited Call in VoIP Scenario: A Review
Customize Approach for Detection and Prevention of Unsolicited Call in VoIP Scenario: A Review Jui Khamar 1, Hardik Upadhya 2, Jayesh Mevada 3 1 M.E Student, Department of Computer Engineering, Merchant
More informationIncrease reliability factor of quality of services in VoIP networks
Increase reliability factor of quality of services in VoIP networks 1 Mojtaba Esfandiari.S, 2 Mina Amanian 1 Dept. of Engineering Ferdowsi University of Mashhad Mashhad, Iran 2Dept. of Computer engineering
More informationA Phased Framework for Countering VoIP SPAM
International Journal of Advanced Science and Technology 21 A Phased Framework for Countering VoIP SPAM Jongil Jeong 1, Taijin Lee 1, Seokung Yoon 1, Hyuncheol Jeong 1, Yoojae Won 1, Myuhngjoo Kim 2 1
More informationDetecting Spam in VoIP Networks. Ram Dantu Prakash Kolan
Detecting Spam in VoIP Networks Ram Dantu Prakash Kolan More Multimedia Features Cost Why use VOIP? support for video-conferencing and video-phones Easier integration of voice with applications and databases
More information1-4244-0353-7/07/$25.00 2007 IEEE
Detecting SPIT Calls by Checking Human Communication Patterns J. Quittek, S. Niccolini, S. Tartarelli, M. Stiemerling, M. Brunner, T. Ewald NEC Europe Ltd., Kurfürsten-Anlage 36, 69115 Heidelberg, Germany;
More informationSpam over SIP. Sebastian Domancich. Helsinki University of Technology, Finland sdomanci@cc.hut.fi
Spam over SIP Sebastian Domancich Helsinki University of Technology, Finland sdomanci@cc.hut.fi Abstract. This work presents an analysis of spam over SIP-based protocols. Firstly, we depict the different
More informationSession Initiation Protocol (SIP) The Emerging System in IP Telephony
Session Initiation Protocol (SIP) The Emerging System in IP Telephony Introduction Session Initiation Protocol (SIP) is an application layer control protocol that can establish, modify and terminate multimedia
More informationVoice Printing And Reachability Code (VPARC) Mechanism for prevention of Spam over IP Telephony (SPIT)
Voice Printing And Reachability Code (VPARC) Mechanism for prevention of Spam over IP Telephony (SPIT) Vijay Radhakrishnan & Ranjith Mukundan Wipro Technologies, Bangalore, India Email:{radhakrishnan.vijay,
More informationSPAM over Internet Telephony (SPIT) und Abwehrmöglichkeiten
Zukunft der Netze, 20.03.2009 SPAM over Internet Telephony (SPIT) und Abwehrmöglichkeiten Dirk Hoffstadt (Uni Duisburg-Essen) Christoph Sorge (NEC) Yacine Rebahi (Fraunhofer FOKUS) Outline Introduction
More informationSPAM over Internet Telephony and how to deal with it
SPAM over Internet Telephony and how to deal with it Dr. Andreas U. Schmidt 1 Nicolai Kuntze 1 Rachid El Khayari 2 1 Fraunhofer Institute SIT {andreas.schmidt nicolai.kuntze}@sit.fraunhofer.de 2 Technical
More informationIn general, spam describes information, often
SDRS: A Voice-over-IP Spam Detection and Reaction System An expected surge in spam over Internet telephony () requires a solution that incorporates multiple detection methods and reaction mechanisms, enabling
More informationA Study on Countering VoIP Spam using RBL
2011 2nd International Conference on Networking and Information Technology IPCSIT vol.17 (2011) (2011) IACSIT Press, Singapore A Study on Countering VoIP Spam using RBL Seokung Yoon, Haeryoung Park, Myoung
More informationCountering Unsolicited Calls in the Internet Telephony: An anti-spit Architecture
Countering Unsolicited Calls in the Internet Telephony: An anti-spit Architecture Panos STAMATIOU 1 and Dimitris GRITZALIS 1,2 1 Hellenic Open University (HOU), Dept. of Informatics, Patras, Greece 2 Athens
More informationPREVENTING SPIT WITH NAIVE BAYES IN VOIP COMMUNICATION
PREVENTING SPIT WITH NAIVE BAYES IN VOIP COMMUNICATION Intesab Hussain Sadhayo*, Fareed Ahmed Jokhio**, Umair Ali Khan*, Pardeep Kumar*, Nisar Ahmed Memon* ABSTRACT Spams over Internet telephony is a serious
More informationSIP : Session Initiation Protocol
: Session Initiation Protocol EFORT http://www.efort.com (Session Initiation Protocol) as defined in IETF RFC 3261 is a multimedia signaling protocol used for multimedia session establishment, modification
More informationSpam Detection in Voice-over-IP Calls through Semi-Supervised Clustering
Spam Detection in Voice-over-IP Calls through Semi-Supervised Clustering Yu-Sung Wu, Saurabh Bagchi Purdue University, USA Navjot Singh Avaya Labs, USA Ratsameetip Wita Chulalongkorn University, Thailand
More informationSecurity issues in Voice over IP: A Review
www.ijecs.in International Journal Of Engineering And Computer Science ISSN:2319-7242 Volume 3 Issue 2 February, 2014 Page No. 3879-3883 Security issues in Voice over IP: A Review Rajni a, Preeti a, Ritu
More informationAn outline of the security threats that face SIP based VoIP and other real-time applications
A Taxonomy of VoIP Security Threats An outline of the security threats that face SIP based VoIP and other real-time applications Peter Cox CTO Borderware Technologies Inc VoIP Security Threats VoIP Applications
More informationPrevention of Anomalous SIP Messages
International Journal of Future Computer and Communication, Vol., No., October 03 Prevention of Anomalous SIP Messages Ming-Yang Su and Chung-Chun Chen Abstract Voice over internet protocol (VoIP) communication
More informationSIP Service Providers and The Spam Problem
SIP Service Providers and The Spam Problem Y. Rebahi, D. Sisalem Fraunhofer Institut Fokus Kaiserin-Augusta-Allee 1 10589 Berlin, Germany {rebahi, sisalem}@fokus.fraunhofer.de Abstract The Session Initiation
More informationVulnerability Analysis on Mobile VoIP Supplementary Services and MITM Attack
Vulnerability Analysis on Mobile VoIP Supplementary Services and MITM Attack You Joung Ham Graduate School of Computer Engineering, Hanshin University, 411, Yangsan-dong, Osan, Gyeonggi, Rep. of Korea
More informationChapter 2 PSTN and VoIP Services Context
Chapter 2 PSTN and VoIP Services Context 2.1 SS7 and PSTN Services Context 2.1.1 PSTN Architecture During the 1990s, the telecommunication industries provided various PSTN services to the subscribers using
More informationSoftware Engineering 4C03 SPAM
Software Engineering 4C03 SPAM Introduction As the commercialization of the Internet continues, unsolicited bulk email has reached epidemic proportions as more and more marketers turn to bulk email as
More informationTwo-Stage Forking for SIP-based VoIP Services
Two-Stage Forking for SIP-based VoIP Services Tsan-Pin Wang National Taichung University An-Chi Chen Providence University Li-Hsing Yen National University of Kaohsiung Abstract SIP (Session Initiation
More informationSIP: Protocol Overview
SIP: Protocol Overview NOTICE 2001 RADVISION Ltd. All intellectual property rights in this publication are owned by RADVISION Ltd. and are protected by United States copyright laws, other applicable copyright
More informationInfluence of Load Balancing on Quality of Real Time Data Transmission*
SERBIAN JOURNAL OF ELECTRICAL ENGINEERING Vol. 6, No. 3, December 2009, 515-524 UDK: 004.738.2 Influence of Load Balancing on Quality of Real Time Data Transmission* Nataša Maksić 1,a, Petar Knežević 2,
More informationDesign of Standard VoIP Spam Report Format Supporting Various Spam Report Methods
보안공학연구논문지 (Journal of Security Engineering), 제 10권 제 1호 2013년 2월 Design of Standard VoIP Spam Report Format Supporting Various Spam Report Methods Ji-Yeon Kim 1), Hyung-Jong Kim 2) Abstract VoIP (Voice
More informationHow To Prevent Spam In A Phone Line From Being Spam In An Ipa Network
Analysis of Techniques for Protection Against Spam over Internet Telephony Vincent M. Quinten, Remco van de Meent, and Aiko Pras University of Twente, The Netherlands v.m.quinten@student.utwente.nl, {r.vandemeent,
More informationMODELLING OF INTELLIGENCE IN INTERNET TELEPHONE SYSTEM
MODELLING OF INTELLIGENCE IN INTERNET TELEPHONE SYSTEM Evelina Nicolova Pencheva, Vessela Liubomirova Georgieva Department of telecommunications, Technical University of Sofia, 7 Kliment Ohridski St.,
More informationSangheon Pack, EunKyoung Paik, and Yanghee Choi
1 Design of SIP Server for Efficient Media Negotiation Sangheon Pack, EunKyoung Paik, and Yanghee Choi Multimedia & Communication Laboratory, Seoul National University, Korea ABSTRACT Voice over IP (VoIP)
More informationAnalysis of SIP Traffic Behavior with NetFlow-based Statistical Information
Analysis of SIP Traffic Behavior with NetFlow-based Statistical Information Changyong Lee, Hwankuk-Kim, Hyuncheol Jeong, Yoojae Won Korea Information Security Agency, IT Infrastructure Protection Division
More informationVoIP. Overview. Jakob Aleksander Libak jakobal@ifi.uio.no. Introduction Pros and cons Protocols Services Conclusion
VoIP Jakob Aleksander Libak jakobal@ifi.uio.no 1 Overview Introduction Pros and cons Protocols Services Conclusion 2 1 Introduction Voice over IP is routing of voice conversations over the internet or
More informationIntroduction to VoIP Technology
Lesson 1 Abstract Introduction to VoIP Technology 2012. 01. 06. This first lesson of contains the basic knowledge about the terms and processes concerning the Voice over IP technology. The main goal of
More informationThreat Analysis of the Session Initiation Protocol Regarding Spam
Threat Analysis of the Session Initiation Protocol Regarding Spam S. Dritsas J. Mallios M. Theoharidou G. F. Marias D. Gritzalis Information Security and Critical Infrastructure Protection Research Group
More informationCollaborative Reputation-based Voice Spam Filtering
Collaborative Reputation-based Voice Spam Filtering Ruishan Zhang, Andrei Gurtov Helsinki Institute for Information Technology Helsinki University of Technology and University of Helsinki zhangruishan@gmail.com,
More informationResearch on P2P-SIP based VoIP system enhanced by UPnP technology
December 2010, 17(Suppl. 2): 36 40 www.sciencedirect.com/science/journal/10058885 The Journal of China Universities of Posts and Telecommunications http://www.jcupt.com Research on P2P-SIP based VoIP system
More informationSession Initiation Protocol (SIP)
Session Initiation Protocol (SIP) An Alcatel Executive Briefing August, 2002 www.alcatel.com/enterprise Table of contents 1. What is SIP?...3 2. SIP Services...4 2.1 Splitting / forking a call...4 2.2
More informationSPAM OVER INTERNET TELEPHONY AND HOW TO DEAL WITH IT
SPAM OVER INTERNET TELEPHONY AND HOW TO DEAL WITH IT Dr. Andreas U. Schmidt 1, Nicolai Kuntze 1, Rachid El Khayari 2 1 Fraunhofer-Insitute for Secure Information Technology SIT Rheinstrasse 75, Germany
More informationSIP: Ringing Timer Support for INVITE Client Transaction
SIP: Ringing Timer Support for INVITE Client Transaction Poojan Tanna (poojan@motorola.com) Motorola India Private Limited Outer Ring Road, Bangalore, India 560 037 Abstract-The time for which the Phone
More informationA Comparative Study of Signalling Protocols Used In VoIP
A Comparative Study of Signalling Protocols Used In VoIP Suman Lasrado *1, Noel Gonsalves *2 Asst. Prof, Dept. of MCA, AIMIT, St. Aloysius College (Autonomous), Mangalore, Karnataka, India Student, Dept.
More informationSIP A Technology Deep Dive
SIP A Technology Deep Dive Anshu Prasad Product Line Manager, Mitel June 2010 Laith Zalzalah Director, Mitel NetSolutions What is SIP? Session Initiation Protocol (SIP) is a signaling protocol for establishing
More informationSIP, Session Initiation Protocol used in VoIP
SIP, Session Initiation Protocol used in VoIP Page 1 of 9 Secure Computer Systems IDT658, HT2005 Karin Tybring Petra Wahlund Zhu Yunyun Table of Contents SIP, Session Initiation Protocol...1 used in VoIP...1
More informationA Lightweight Countermeasure to Cope with Flooding Attacks Against Session Initiation Protocol
A Lightweight Countermeasure to Cope with Flooding Attacks Against Session Initiation Protocol Intesab Hussain, Soufiene Djahel, Dimitris Geneiatakis ±, and Farid Naït-Abdesselam LIPADE, University of
More informationManaging Risks at Runtime in VoIP Networks and Services
Managing Risks at Runtime in VoIP Networks and Services Oussema Dabbebi, Remi Badonnel, Olivier Festor To cite this version: Oussema Dabbebi, Remi Badonnel, Olivier Festor. Managing Risks at Runtime in
More informationMonitoring SIP Traffic Using Support Vector Machines
Monitoring SIP Traffic Using Support Vector Machines Mohamed Nassar, Radu State, Olivier Festor (nassar, state, festor)@loria.fr MADYNES Team INRIA, Nancy Grand Est 17 September 2008 Outline Introduction
More informationA VoIP Traffic Monitoring System based on NetFlow v9
A VoIP Traffic Monitoring System based on NetFlow v9 Chang-Yong Lee *1, Hwan-Kuk Kim, Kyoung-Hee Ko, Jeong-Wook Kim, Hyun- Cheol Jeong Korea Information Security Agency, Seoul, Korea {chylee, rinyfeel,
More informationSIP SECURITY. Status Quo and Future Issues. 23. Chaos Communication Congress: 27. - 30.12.2006, Berlin, Germany
SIP SECURITY Status Quo and Future Issues 23. Chaos Communication Congress: 27. - 30.12.2006, Berlin, Germany Jan Seedorf - seedorf@informatik.uni-hamburg.de SVS - Security in Distributed Systems Intention
More informationTSIN02 - Internetworking
TSIN02 - Internetworking Lecture 9: SIP and H323 Literature: Understand the basics of SIP and it's architecture Understand H.323 and how it compares to SIP Understand MGCP (MEGACO/H.248) SIP: Protocol
More informationImproving Quality in Voice Over Internet Protocol (VOIP) on Mobile Devices in Pervasive Environment
Journal of Computer Applications ISSN: 0974 1925, Volume-5, Issue EICA2012-4, February 10, 2012 Improving Quality in Voice Over Internet Protocol (VOIP) on Mobile Devices in Pervasive Environment Mr. S.Thiruppathi
More informationContent-based Detection and Prevention of Spam over IP Telephony - System Design, Prototype and First Results
Content-based Detection and Prevention of Spam over IP Telephony - System Design, Prototype and First Results Dirk Lentzen, Gary Grutzek, Heiko Knospe and Christoph Pörschmann Cologne University of Applied
More informationSIP SECURITY WILEY. Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne. A John Wiley and Sons, Ltd.
SIP SECURITY Dorgham Sisalem John Floroiu Jiri Kuthan Ulrich Abend Henning Schulzrinne WILEY A John Wiley and Sons, Ltd., Publication Foreword About the Authors Acknowledgment xi xiii xv 1 Introduction
More informationThis specification this document to get an official version of this User Network Interface Specification
This specification describes the situation of the Proximus network and services. It will be subject to modifications for corrections or when the network or the services will be modified. Please take into
More informationDual Mechanism to Detect DDOS Attack Priyanka Dembla, Chander Diwaker 2 1 Research Scholar, 2 Assistant Professor
International Association of Scientific Innovation and Research (IASIR) (An Association Unifying the Sciences, Engineering, and Applied Research) International Journal of Engineering, Business and Enterprise
More informationOverview ENUM ENUM. VoIP Introduction (2/2) VoIP Introduction (1/2)
Overview Voice-over over-ip (VoIP) ENUM VoIP Introduction Basic PSTN Concepts and SS7 Old Private Telephony Solutions Internet Telephony and Services VoIP-PSTN Interoperability IP PBX Network Convergence
More informationProgramming SIP Services University Infoline Service
Programming SIP Services University Infoline Service Tatiana Kováčiková, Pavol Segeč Department of Information Networks University of Zilina Moyzesova 20, 010 26 SLOVAKIA Abstract: Internet telephony now
More informationA Novel Approach for Evaluating and Detecting Low Rate SIP Flooding Attack
A Novel Approach for Evaluating and Detecting Low Rate SIP Flooding Attack Abhishek Kumar Department of Computer Science and Engineering-Information Security NITK Surathkal-575025, India Dr. P. Santhi
More informationFunctional Specifications Document
Functional Specifications Document VOIP SOFT PBX Project Code: SPBX Project Advisor : Aftab Alam Project Team: Umair Ashraf 03-1853 (Team Lead) Imran Bashir 02-1658 Khadija Akram 04-0080 Submission Date:19-10-2007
More informationAn Introduction to VoIP Protocols
An Introduction to VoIP Protocols www.netqos.com Voice over IP (VoIP) offers the vision of a converged network carrying multiple types of traffic (voice, video, and data, to name a few). To carry out this
More informationTECHNICAL CHALLENGES OF VoIP BYPASS
TECHNICAL CHALLENGES OF VoIP BYPASS Presented by Monica Cultrera VP Software Development Bitek International Inc 23 rd TELELCOMMUNICATION CONFERENCE Agenda 1. Defining VoIP What is VoIP? How to establish
More informationVoIP Security, an overview of the Threat Landscape
VoIP Security, an overview of the Threat Landscape Peter Cox CTO Borderware Technologies peter@borderware.com Abstract Voice over IP (VoIP) services are, as the name suggests a method of running Voice
More informationA Brief Overview of VoIP Security. By John McCarron. Voice of Internet Protocol is the next generation telecommunications method.
A Brief Overview of VoIP Security By John McCarron Voice of Internet Protocol is the next generation telecommunications method. It allows to phone calls to be route over a data network thus saving money
More informationEE4607 Session Initiation Protocol
EE4607 Session Initiation Protocol Michael Barry michael.barry@ul.ie william.kent@ul.ie Outline of Lecture IP Telephony the need for SIP Session Initiation Protocol Addressing SIP Methods/Responses Functional
More informationA Scalable Multi-Server Cluster VoIP System
A Scalable Multi-Server Cluster VoIP System Ming-Cheng Liang Li-Tsung Huang Chun-Zer Lee Min Chen Chia-Hung Hsu mcliang@nuk.edu.tw {kpa.huang, chunzer.lee}@gmail.com {minchen, chhsu}@nchc.org.tw Department
More informationUser authentication in SIP
User authentication in SIP Pauli Vesterinen Helsinki University of Technology pjvester@cc.hut.fi Abstract Today Voice over Internet Protocol (VoIP) is used in large scale to deliver voice and multimedia
More informationApplied Networks & Security
Applied Networks & Security VoIP with Critical Analysis http://condor.depaul.edu/~jkristof/it263/ John Kristoff jtk@depaul.edu IT 263 Spring 2006/2007 John Kristoff - DePaul University 1 Critical analysis
More informationCE 817 - Advanced Network Security VoIP Security
CE 817 - Advanced Network Security VoIP Security Lecture 25 Mehdi Kharrazi Department of Computer Engineering Sharif University of Technology Acknowledgments: Some of the slides are fully or partially
More informationSession Initiation Protocol and Services
Session Initiation Protocol and Services Harish Gokul Govindaraju School of Electrical Engineering, KTH Royal Institute of Technology, Haninge, Stockholm, Sweden Abstract This paper discusses about the
More informationeprism Email Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide
eprism Email Security Appliance 6.0 Intercept Anti-Spam Quick Start Guide This guide is designed to help the administrator configure the eprism Intercept Anti-Spam engine to provide a strong spam protection
More informationSPRT for SPIT: Using the Sequential Probability Ratio Test for Spam in VoIP Prevention
SPRT for SPIT: Using the Sequential Probability Ratio Test for Spam in VoIP Prevention Tobias Jung 1, Sylvain Martin 1, Damien Ernst 1, and Guy Leduc 1 {tjung,sylvain.martin,dernst,guy.leduc}@ulg.ac.be
More informationA Content based Spam Filtering Using Optical Back Propagation Technique
A Content based Spam Filtering Using Optical Back Propagation Technique Sarab M. Hameed 1, Noor Alhuda J. Mohammed 2 Department of Computer Science, College of Science, University of Baghdad - Iraq ABSTRACT
More informationSpam Testing Methodology Opus One, Inc. March, 2007
Spam Testing Methodology Opus One, Inc. March, 2007 This document describes Opus One s testing methodology for anti-spam products. This methodology has been used, largely unchanged, for four tests published
More informationBEHAVIOR BASED CREDIT CARD FRAUD DETECTION USING SUPPORT VECTOR MACHINES
BEHAVIOR BASED CREDIT CARD FRAUD DETECTION USING SUPPORT VECTOR MACHINES 123 CHAPTER 7 BEHAVIOR BASED CREDIT CARD FRAUD DETECTION USING SUPPORT VECTOR MACHINES 7.1 Introduction Even though using SVM presents
More informationRam Dantu. VOIP: Are We Secured?
Ram Dantu Professor, Computer Science and Engineering Director, Center for Information and Computer Security University of North Texas rdantu@unt.edu www.cse.unt.edu/~rdantu VOIP: Are We Secured? 04/09/2012
More informationHow to make free phone calls and influence people by the grugq
VoIPhreaking How to make free phone calls and influence people by the grugq Agenda Introduction VoIP Overview Security Conclusion Voice over IP (VoIP) Good News Other News Cheap phone calls Explosive growth
More informationWhite paper. SIP An introduction
White paper An introduction Table of contents 1 Introducing 3 2 How does it work? 3 3 Inside a normal call 4 4 DTMF sending commands in sip calls 6 5 Complex environments and higher security 6 6 Summary
More informationAn Overview on Security Analysis of Session Initiation Protocol in VoIP network
An Overview on Security Analysis of Session Initiation Protocol in VoIP network Tarendra G. Rahangdale 1, Pritish A. Tijare 2, Swapnil N.Sawalkar 3 M.E (Pursuing) 1, Associate Professor 2, Assistant Professor
More informationIndepth Voice over IP and SIP Networking Course
Introduction SIP is fast becoming the Voice over IP protocol of choice. During this 3-day course delegates will examine SIP technology and architecture and learn how a functioning VoIP service can be established.
More informationVoice over IP (VoIP) Overview. Introduction. David Feiner ACN 2004. Introduction VoIP & QoS H.323 SIP Comparison of H.323 and SIP Examples
Voice over IP (VoIP) David Feiner ACN 2004 Overview Introduction VoIP & QoS H.323 SIP Comparison of H.323 and SIP Examples Introduction Voice Calls are transmitted over Packet Switched Network instead
More informationBasic Vulnerability Issues for SIP Security
Introduction Basic Vulnerability Issues for SIP Security By Mark Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com The Session Initiation Protocol (SIP) is the future
More informationContents. Specialty Answering Service. All rights reserved.
Contents 1. Introduction to Session Internet Protocol... 2 2. History, Initiation & Implementation... 3 3. Development & Applications... 4 4. Function & Capability... 5 5. SIP Clients & Servers... 6 5.1.
More informationThe use of IP networks, namely the LAN and WAN, to carry voice. Voice was originally carried over circuit switched networks
Voice over IP Introduction VoIP Voice over IP The use of IP networks, namely the LAN and WAN, to carry voice Voice was originally carried over circuit switched networks PSTN (Public Switch Telephone Network)
More informationAlexandre Weffort Thenorio - Data. IP-Telephony
Alexandre Weffort Thenorio - Data IP-Telephony 1. Introduction... 3 2. What is it?... 4 3. Why IP-Telephony?... 4 3.1. Advantages... 4 3.1.1. Cost... 4 3.1.2. Functionality and Mobility... 4 3.2. Disadvantages...
More informationAuthentication and Authorisation for Integrated SIP Services in Heterogeneous Environments 1
Authentication and Authorisation for Integrated SIP Services in Heterogeneous Environments 1 Dorgham Sisalem, Jiri Kuthan Fraunhofer Institute for Open Communication Systems (FhG Fokus) Kaiserin-Augusta-Allee
More informationVoice-Over-IP. Daniel Zappala. CS 460 Computer Networking Brigham Young University
Voice-Over-IP Daniel Zappala CS 460 Computer Networking Brigham Young University Coping with Best-Effort Service 2/23 sample application send a 160 byte UDP packet every 20ms packet carries a voice sample
More informationSIP Messages. 180 Ringing The UA receiving the INVITE is trying to alert the user. This response MAY be used to initiate local ringback.
SIP Messages 100 Trying This response indicates that the request has been received by the next-hop server and that some unspecified action is being taken on behalf of this call (for example, a database
More informationSIP Penetration Testing in CESNET Best Practice Document
SIP Penetration Testing in CESNET Best Practice Document Produced by CESNET led working group on Multimedia transmissions and collaborative environment (CBPD142) Author: Miroslav Voznak December 2010 TERENA
More informationVIDEOCONFERENCING. Video class
VIDEOCONFERENCING Video class Introduction What is videoconferencing? Real time voice and video communications among multiple participants The past Channelized, Expensive H.320 suite and earlier schemes
More informationSoftware Engineering 4C03 VoIP: The Next Telecommunication Frontier
Software Engineering 4C03 VoIP: The Next Telecommunication Frontier Rudy Muslim 0057347 McMaster University Computing and Software Department Hamilton, Ontario Canada Introduction Voice over Internet Protocol
More informationFrequently Asked Questions about Integrated Access
Frequently Asked Questions about Integrated Access Phone Service How are local, long distance, and international calls defined? Local access transport areas (LATAs) are geographical boundaries set by the
More informationUnified Messaging using SIP and RTSP
1 Unified Messaging using SIP and RTSP Kundan Singh and Henning Schulzrinne Columbia University kns10,hgs @cs.columbia.edu Abstract Traditional answering machines and voice mail services are tightly coupled
More informationBEng (Hons) Telecommunications. Examinations for 2011 2012 / Semester 1
BEng (Hons) Telecommunications Cohort: BTEL/10A/FT Examinations for 2011 2012 / Semester 1 MODULE: IP Telephony MODULE CODE: TELC3107 Duration: 2 Hours Reading time: 15 Minutes Instructions to Candidates:
More informationMixer/Translator VOIP/SIP. Translator. Mixer
Mixer/Translator VOIP/SIP RTP Mixer, translator A mixer combines several media stream into a one new stream (with possible new encoding) reduced bandwidth networks (video or telephone conference) appears
More informationAn Overview of Spam Blocking Techniques
An Overview of Spam Blocking Techniques Recent analyst estimates indicate that over 60 percent of the world s email is unsolicited email, or spam. Spam is no longer just a simple annoyance. Spam has now
More informationA Model for Spam Prevention in IP Telephony Networks using Anonymous Verifying Authorities
A Model for Spam Prevention in IP Telephony Networks using Anonymous Verifying Authorities N.J Croft and M.S Olivier April 2005 Information and Computer Security Architectures Research Group Department
More informationSIP Penetration Test System
CESNET Technical Report 10/2010 SIP Penetration Test System FILIP ŘEZÁ, MIROSLAV VOZ ÁK Received 5. 11. 2010 Abstract e SIP server, as well as other servers providing services in exposed network, o en
More informationNAT TCP SIP ALG Support
The feature allows embedded messages of the Session Initiation Protocol (SIP) passing through a device that is configured with Network Address Translation (NAT) to be translated and encoded back to the
More informationINCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS
WHITE PAPER INCREASE NETWORK VISIBILITY AND REDUCE SECURITY THREATS WITH IMC FLOW ANALYSIS TOOLS Network administrators and security teams can gain valuable insight into network health in real-time by
More informationT-61.3050 : Email Classification as Spam or Ham using Naive Bayes Classifier. Santosh Tirunagari : 245577
T-61.3050 : Email Classification as Spam or Ham using Naive Bayes Classifier Santosh Tirunagari : 245577 January 20, 2011 Abstract This term project gives a solution how to classify an email as spam or
More informationSavita Teli 1, Santoshkumar Biradar 2
Effective Spam Detection Method for Email Savita Teli 1, Santoshkumar Biradar 2 1 (Student, Dept of Computer Engg, Dr. D. Y. Patil College of Engg, Ambi, University of Pune, M.S, India) 2 (Asst. Proff,
More information