Searching for just a few words should be enough to get started. If you need to make more complex queries, use the tips below to guide you.
Article type: Research Article
Authors: Gritzalis, Dimitrisa; * | Marias, Giannisa | Rebahi, Yacineb | Soupionis, Yannisa | Ehlert, Svenb
Affiliations: [a] Information Security and Critical Infrastructure Protection Research Group, Department of Informatics, Athens University of Economics and Business, Athens, Greece. E-mails: dgrit@aueb.gr, marias@aueb.gr, jsoup@aueb.gr | [b] Competence Center for Next Generation Network Infrastructures, Fraunhofer FOKUS, Berlin, Germany. E-mails: yacine.rebahi@focus.fraunhofer.de, sven.ehlert@focus.fraunhofer.de
Correspondence: [*] Corresponding author: Dimitris Gritzalis, Information Security and Critical Infrastructure Protection Research Group, Department of Informatics, Athens University of Economics and Business, Patission Str. 76, GR10434, Athens, Greece. Tel.: +30 210 8203505; Fax: +30 210 8203507; E-mail: dgrit@aueb.gr.
Abstract: The Session Initiation Protocol (SIP) has become the first widely adopted protocol for managing IP-based telephony, video, and multimedia sessions. SIP advertises a contact point of an individual to the Web. This contact point, similar to an e-mail address, can be exploited for spam purposes. Spam over Internet Telephony, also called SPIT, in general denotes any bulk unsolicited information sent to any potential calling-end of a VoIP infrastructure. Even though SPIT is a new concept, it is more reasonable to address this problem right now, rather than waiting until the problem prevails. To mitigate SPIT, adequate technical countermeasures are required. The solution space may expand to nontechnical ones, as well. In this paper, we propose the SPIDER (SPam over Internet telephony Detection sERvice) platform, a modular and efficient system for fighting SPIT. SPIDER orchestrates several discrete modules that parse, analyze, process, and classify incoming SIP call requests. We discuss technical design details of the individual modules, that this platform consists of; then, we present how these modules are combined to support accurate decisions for any incoming SIP call being legitimate or not. Furthermore, we include a comprehensive evaluation scenario, which refers to the tests performed on the individual modules and on the integrated platform. Evaluation results indicate that the overall architecture manages to identify SPIT calls with low false ratio by using reasonable processing resources and tolerable decision time.
Keywords: VoIP, Spam over Internet Telephony (SPIT), SIP, security, CAPTCHA, spam
DOI: 10.3233/JCS-2010-0419
Journal: Journal of Computer Security, vol. 19, no. 5, pp. 835-867, 2011
IOS Press, Inc.
6751 Tepper Drive
Clifton, VA 20124
USA
Tel: +1 703 830 6300
Fax: +1 703 830 2300
sales@iospress.com
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
IOS Press
Nieuwe Hemweg 6B
1013 BG Amsterdam
The Netherlands
Tel: +31 20 688 3355
Fax: +31 20 687 0091
info@iospress.nl
For editorial issues, permissions, book requests, submissions and proceedings, contact the Amsterdam office info@iospress.nl
Inspirees International (China Office)
Ciyunsi Beili 207(CapitaLand), Bld 1, 7-901
100025, Beijing
China
Free service line: 400 661 8717
Fax: +86 10 8446 7947
china@iospress.cn
For editorial issues, like the status of your submitted paper or proposals, write to editorial@iospress.nl
如果您在出版方面需要帮助或有任何建, 件至: editorial@iospress.nl