Correspondence:
[*]
Corresponding author: Dimitris Gritzalis, Information Security and Critical Infrastructure Protection Research Group, Department of Informatics, Athens University of Economics and Business, Patission Str. 76, GR10434, Athens, Greece. Tel.: +30 210 8203505; Fax: +30 210 8203507; E-mail: dgrit@aueb.gr.
Abstract: The Session Initiation Protocol (SIP) has become the first widely adopted protocol for managing IP-based telephony, video, and multimedia sessions. SIP advertises a contact point of an individual to the Web. This contact point, similar to an e-mail address, can be exploited for spam purposes. Spam over Internet Telephony, also called SPIT, in general denotes any bulk unsolicited information sent to any potential calling-end of a VoIP infrastructure. Even though SPIT is a new concept, it is more reasonable to address this problem right now, rather than waiting until the problem prevails. To mitigate SPIT, adequate technical countermeasures are required. The solution space may expand to nontechnical ones, as well. In this paper, we propose the SPIDER (SPam over Internet telephony Detection sERvice) platform, a modular and efficient system for fighting SPIT. SPIDER orchestrates several discrete modules that parse, analyze, process, and classify incoming SIP call requests. We discuss technical design details of the individual modules, that this platform consists of; then, we present how these modules are combined to support accurate decisions for any incoming SIP call being legitimate or not. Furthermore, we include a comprehensive evaluation scenario, which refers to the tests performed on the individual modules and on the integrated platform. Evaluation results indicate that the overall architecture manages to identify SPIT calls with low false ratio by using reasonable processing resources and tolerable decision time.
Keywords: VoIP, Spam over Internet Telephony (SPIT), SIP, security, CAPTCHA, spam
