Detecting Spam in VoIP networks



Similar documents
Detecting Spam in VoIP Networks

Detecting Spam in VoIP Networks. Ram Dantu Prakash Kolan

Ram Dantu. VOIP: Are We Secured?

A Study on Countering VoIP Spam using RBL

Solutions IT Ltd Virus and Antispam filtering solutions

USER S MANUAL Cloud Firewall Cloud & Web Security

Barracuda Spam Firewall

FortiMail Filtering Course 221-v2.0. Course Overview. Course Objectives

FortiMail Filtering Course 221-v2.2 Course Overview

Barracuda SPAM Firewall

PANDA CLOUD PROTECTION User Manual 1

EnterGroup offers multiple spam fighting technologies so that you can pick and choose one or more that are right for you.

What makes Panda Cloud Protection different? Is it secure? How messages are classified... 5

Security & Reliability in VoIP Solution

About this documentation

Voice Printing And Reachability Code (VPARC) Mechanism for prevention of Spam over IP Telephony (SPIT)

An outline of the security threats that face SIP based VoIP and other real-time applications

MDaemon configuration recommendations for dealing with spam related issues

BARRACUDA. N e t w o r k s SPAM FIREWALL 600

Security and Risk Analysis of VoIP Networks

Threats to be considered (1) ERSTE GROUP

University of Mary s Spam Solution

PROTECTING YOUR MAILBOXES. Features SECURITY OF INFORMATION TECHNOLOGIES

CONFIGURING FUS ANTI-SPAM

CE Advanced Network Security VoIP Security

SIP and VoIP 1 / 44. SIP and VoIP

How To Configure Forefront Threat Management Gateway (Forefront) For An Server

A Phased Framework for Countering VoIP SPAM

Kaspersky DDoS Prevention

Prevention of Spam over IP Telephony (SPIT)

Guardian Digital Secure Mail Suite Quick Start Guide

Security. on your terms SOFTSCAN

Voice over IP Security

Feature Comparison Guide

Recommended IP Telephony Architecture

Ingate Firewall/SIParator SIP Security for the Enterprise

White Paper. avaya.com 1. Table of Contents. Starting Points

Introduction: 1. Daily 360 Website Scanning for Malware

Savita Teli 1, Santoshkumar Biradar 2

Using Security to Protect Against Phishing, Spam, and Targeted Attacks: Combining Features for Higher Education

Securing SIP Trunks APPLICATION NOTE.

HPL Barracuda Spam/Virus Firewall

Government of Canada Managed Security Service (GCMSS) Annex A-5: Statement of Work - Antispam

A Novel Approach for Evaluating and Detecting Low Rate SIP Flooding Attack

Blackbaud Communication Services Overview of Delivery and FAQs

INSTANT MESSAGING SECURITY

EasyMail Setup. User Guide. Issue 3 September Welcome to AT&T Website Solutions

FILTERING FAQ

Comprehensive Anti-Spam Service

Lync SHIELD Product Suite

Spam DNA Filtering System

SPAMfighter Exchange Module

FastNetSecurity SpamGuard Spam Filter How-To

10135A: Configuring, Managing, and Troubleshooting Microsoft Exchange Server 2010

More Details About Your Spam Digest & Dashboard

Apps4Rent Hosted Exchange Spam Management Interface Guide.

RAS Associates, Inc. Systems Development Proposal. Scott Klarman. March 15, 2009

Quarantined Messages 5 What are quarantined messages? 5 What username and password do I use to access my quarantined messages? 5

6 Steps to SIP trunking security. How securing your network secures your phone lines.

Technology Blueprint. Protect Your VoIP/SIP Servers. Insulating your voice network and its servers from attacks and disruption

YSU Spam Solution Guide to Using Proofpoint

The Network Box Anti-Spam Solution

STPIC/Admin/002/ / Date: Sub: Quotation for purchase/renewal of Anti Virus Software Reg.

HGC SUPERHUB HOSTED EXCHANGE / 2007 SMART PANEL USER GUIDE

Best Practices for Securing IP Telephony

Is Your Network Ready for VoIP?

C I S C O E M A I L S E C U R I T Y A P P L I A N C E

Do you need to... Do you need to...

SPAM FILTER Service Data Sheet

Release the full potential of your Cisco Call Manager with Ingate Systems

Grandstream Networks, Inc. UCM6100 Security Manual

Cox Business Fax-to- User Guide

Load Balancing for Microsoft Office Communication Server 2007 Release 2

When Reputation is Not Enough: Barracuda Spam Firewall Predictive Sender Profiling. White Paper

Enterprise Edge Communications Manager. Data Capabilities

ASAV Configuration Advanced Spam Filtering

Complete Protection against Evolving DDoS Threats

SIP Trunking Configuration with

HOW TO: Use the UWITC Barracuda Spam Filter System

Cybersecurity Health Check At A Glance

Using the Barracuda Spam Firewall to Filter Your s

Deployment of Snort IDS in SIP based VoIP environments

SIP Trunking The Provider s Perspective

Vulnerabilities in SOHO VoIP Gateways

Transcription:

Detecting Spam in VoIP networks Ram Dantu, Prakash Kolan Dept. of Computer Science and Engineering University of North Texas, Denton Presentation: Heikki Ollikainen /53089D

Presentation Introduction Architecture Experimental setup Results Conclusions

INTRODUCTION VoIP is aggressively deployed in current networks IPPBX > traditional PBX deployments (2006) Very little reported security analysis against threats like DOS, session hijack, termination, monitoring, eavesdropping etc. Impact of vulnerabilities is not understood All the threats need to be addressed before VoIP is deployed in mass scale. While there are many techniques to avoid email spam, such techniques can be of limited application to avoid the problem of voice spam. The problem of spam in VoIP networks has to e solved in real time compared to email systems.

INTRODUCTION Email Spam filters based on content analysis Content filtering is not useful for VoIP spam analysis as media flows in after the two participating entities have agreed upon to start the communication Too late to filter the call VOIP: to realize the objective of receiving a call from a person anywhere in the world, a static junk call filtering mechanism must have to be replaced with adaptive learning system. Voice Spam Detector (VSD) running along with the domain proxy and processes incoming call and inform proxy about the spam nature of the call based on the feedback from the end-user in its domain.

Architecture The architecture behind the spam detection process takes into account all the user preferences of wanted and unwanted people, his or her presence of mind, the reputation and trust of calling party.

Architecture Presence Depends on individuals state of mind to pick up the call. Step: synchronize individuals calendar with the system Filtering process: based on static/dynamic rules e.g. firewall rules. Rate limiting Based on known traffic patterns, signatures can be used to detect the rate of incoming calls. Velocity and acceleration values of the number of arriving calls from given user/host/domain can be used as a detection mechanism. When the velocity and acceleration reaches certain threshold value, the drop rate can be updated through feedback control. Once the spam is detected, PID (Proportional Integral Control) feedback control can be used to reduce the velocity of spreading.

Architecture Black and white list Most spam detection is done using a set of valid and invalid signatures. These signatures would tell detection server know which calls the server has to forward and which calls to block. Whitelist: allowed calls Blacklist: blocked calls Black and whitelists are constructed using user feedback to the VSD Bayesian learning The process of observing the calling party s behavior over period of time is termed as Learning. The spam probability can be calculated using Bayesian inference techniques. VSD filters out the calls, if the spam probability of the call would be greater than the permissible limit of tolerance level. Otherwise the call is forwarded to actual recipient of the call.

Architecture Social networks and reputation User s social network can be used to infer the associated relations between social elements. In VoIP social network represents the associated and trusted neighbors from which the user is willing to receive calls.

Experimental environment

Results (Fig 5, 6, 7, 8)

Conclusion VoIP technology is replacing PSTN rapidly. The problem of VoIP spam has to be resolved in real time compared to email spam techniques. Email spam detection rely on content analysis Five stage process for analyzing whether VoIP call is valid or spam Combination of black/whitelist, trusted calling parties can be used accurately to identify if the call is spam or not. Learning process takes average 3 spam calls to confirm the call is spam. Filtering mechanism verified working with experimental test environment (large number of domains included).

Thank You!

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information