Abstract
The threat of voice spam, commonly known as Spam over Internet Telephony (SPIT) is a real and contemporary problem. If the problem remains unchecked then it may become as potent as email spam today. In this paper, we present two approaches to detect and prevent SPITting over the Internet. Both of our approaches are based on the anomaly detection of the distributions of selected call features (i.e., day and time of calling, call durations etc.). The first approach uses Mahalanobis Distance as a summarization tool and it is able to reliably detect individual spam VoIP calls at a microscopic level. The second approach is designed to detect groups of (potentially collaborating) VoIP spam calls at a macroscopic level. By computing entropy of call durations of groups of calls, we are able to build profile of normal calls and reliably detect the deviation from normal human call behavior that are caused by bulk spam calls. We empirically validate our VoIP spam call detection approaches with real VoIP call traces obtained from a VoIP service provider network. Our experimental results show that call feature distributions can be used to build a fairly general and effective anomalous call behavior detection framework.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Balasubramaniyan, V., Ahamad, M., Park, H.: CallRank: Combating SPIT Using Call Duration, Social Networks and Global Reputation. In: The Fourth Conference on Email and Anti-Spam (2007)
Dantu, R., Kolan, P.: Detecting spam in voip networks. In: Proceedings of the Steps to Reducing Unwanted Traffic on the Internet on Steps to Reducing Unwanted Traffic on the Internet Workshop (2005)
Graham-Rowe, D.: A Sentinel to Screen Phone Calls (2006), http://www.technologyreview.com/communications/17300/?a=f
Kayote Networks. The Threat of SPIT (2007), http://www.kayote.com/
Niccolini, S., Tartarelli, S., Stiemerling, M., Srivastava, S.: SIP Extensions for SPIT identification. draft-niccolini-sipping-feedback-spit-03, IETF Network Working Group (2007) (work in progress)
NuVox Communications. Service Provider (2009), http://www.nuvox.com
Rosenberg, J., Jennings, C.: The Session Initiation Protocol (SIP) and Spam. RFC 5039, IETF Network Working Group (2008)
SIPERA. Sipera IPCS: Products to Address VoIP Vulnerabilities (April 2007), http://www.sipera.com/index.php?action=products,default
VOIPSA. Confirmed cases of SPIT. Mailing list (2006), http://www.voipsa.org/pipermail/voipsec_voipsa.org/2006-March/001326.html
VOIPSA. VoIP Attacks in the News (2007), http://voipsa.org/blog/category/voip-attacks-in-the-news/
Wikipedia. Turing test (2009), http://en.wikipedia.org/wiki/Turing_test
Wikipedia. Mahalanobis distance (2010), http://en.wikipedia.org/wiki/Mahalanobis_distance
Wu, Y.-S., Bagchi, S., Singh, N., Wita, R.: Spam Detection in Voice-Over-IP Calls through Semi-Supervised Clustering. In: IEEE Dependable Systems and Networks Conference (DSN 2009) (June-July 2009)
Rebahi, Y., Al-Hezmi, A.: Spam Prevention for Voice over IP. Technical report (2007), http://colleges.ksu.edu.sa/ComputerSciences/Documents/NITS/ID143.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Sengar, H., Wang, X., Nichols, A. (2012). Call Behavioral Analysis to Thwart SPIT Attacks on VoIP Networks. In: Rajarajan, M., Piper, F., Wang, H., Kesidis, G. (eds) Security and Privacy in Communication Networks. SecureComm 2011. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 96. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31909-9_31
Download citation
DOI: https://doi.org/10.1007/978-3-642-31909-9_31
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-31908-2
Online ISBN: 978-3-642-31909-9
eBook Packages: Computer ScienceComputer Science (R0)