Abstract
Nowadays telephony has developed to an omnipresent service. Furthermore the Internet has emerged to an important communication medium. These facts and the raising availability of broadband internet access have led to the fusion of these two services. VoIP is the keyword that describes this combination.
Furthermore it is undeniable that one of the most annoying facets of the Internet nowadays is email spam, which is considered to be 80 to 90 percent of the email traffic produced.
The threat of so called voice spam or Spam over Internet Telephony is even more fatal than the threat that arose with email spam, for the annoyance and disturbance factor is much higher. From the providers point of view both email spam and voice spam produce unwanted traffic and loss of trust of customers into the service.
In this paper we discuss how SPIT attacks can be put into practice, than we point out advantages and disadvantages of state of the art anti voice spam solutions. With the knowledge provided in this paper and with our SPIT producing attack tool, it is possible for an administrator, to find out weak points of VoIP systems and for developers to rethink SPIT blocking techniques.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
J. Rosenberg, C. Jennings, RFC 5039 — The Session Initiation Protocol (SIP) and Spam, IETF, 2008.
M. Hansen, M. Hansen, J. Müller, T. Rohwer, C. Tolkmit and H. Waack, Developing a Legally Compliant Reachability Management System as a Countermeasure against SPIT, 2007.
S. Dritsas, J. Mallios, M. Theoharidou, G.F. Marias and D. Gritzalis, Threat Analysis of the Session Initiation Protocol Regarding Spam, IEEE, 2007.
H. Yany, K. Sripanidkulchaiz, H. Zhangy, Z. Shaez and D. Saha, Incorporating Active Fingerprinting into SPIT Prevention Systems, 2007.
M. Stiemerling S. Niccolini, S. Tartarelli, Requirements and methods for SPIT identification using feedbacks in SIP. Internet-draft, 2008.
F. Wang, Y. Mo, B. Huang, P2P-AVS: P2P Based Cooperative VoIP Spam Filtering, 2007.
C. Jennings, Computational Puzzles for SPAM Reduction in SIP. Internetdraft, 2008.
H. Tschofenig, E. Leppanen, S. Niccolini, M. Arumaithurai, Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) based Robot Challenges for SIP. Internet-draft, 2008.
S. Liske, K. Rebensburg, B. Schnor, SPIT-Erkennung, —Bekanntgabe und-Abwehr in SIP-Netzwerken, 2007.
M. Nassar, R. State, O. Festor, Intrusion detection mechanisms for VoIP applications, 2007.
M. Nassar, S. Niccolini, R. State, T. Ewald, Holistic VoIP Intrusion Detection and Prevention System, 2008.
SIPp at Sourceforge, http://sipp.sourceforge.net/index.html.
Two attacks against VoIP, http://www.securityfocus.com/infocus/1862.
Dellarocas, C., Immunizing Online Reputation Reporting Systems Against Unfair Ratings and Discriminatory Behavior, 2000
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2009 Vieweg+Teubner | GWV Fachverlage GmbH, Wiesbaden
About this chapter
Cite this chapter
Schmidt, A.U., Kuntze, N., Khayari, R.E. (2009). Evaluating Measures and Countermeasures for SPAM over Internet Telephony. In: Pohlmann, N., Reimer, H., Schneider, W. (eds) ISSE 2008 Securing Electronic Business Processes. Vieweg+Teubner. https://doi.org/10.1007/978-3-8348-9283-6_35
Download citation
DOI: https://doi.org/10.1007/978-3-8348-9283-6_35
Publisher Name: Vieweg+Teubner
Print ISBN: 978-3-8348-0660-4
Online ISBN: 978-3-8348-9283-6
eBook Packages: Computer ScienceComputer Science (R0)