spit ppt
DESCRIPTION
Spam over Internet Telephony A systematic classification and reference model for SPIT prevention building blocks Has a purpose of helping newcomers and practitioners in the area to improve their understanding, and better design and implement SPIT prevention systemsTRANSCRIPT
![Page 1: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/1.jpg)
On Spam over Internet Telephony (SPIT)
Prevention
![Page 2: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/2.jpg)
SPIT is defined as the transmission of unsolicited calls over Internet telephony
Using Internet telephony, these costs are substantially lower
presents a reference model for SPIT prevention systems and provides a classification for a large set of available prevention methods
![Page 3: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/3.jpg)
minimize the probability of blocking legitimate call
maximize the probability of blocking SPIT calls.
minimize the interactions with the callee limit the inconvenience caused to the
caller that tries to place a legitimate call should be general should be flexible
![Page 4: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/4.jpg)
No Interactions With Call
Caller-side Interactions
Callee Interrupted by Call
Callee Receives Call Feedback From
Callee After call
![Page 5: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/5.jpg)
Lists simple mechanism white lists (identities allowed to call) black lists (identities that should be
rejected) members of white lists and black lists may
be configured
![Page 6: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/6.jpg)
Circles of Trust
introducing trusted inter-domain connections
each domain controls its own users and the domains agree not to send SPIT to each other
can be implemented in SIP by using authenticated TLS connections between domains
![Page 7: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/7.jpg)
![Page 8: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/8.jpg)
Pattern/Anomaly Detection
detecting suspicious patterns in VoIP traffic to identify SPIT calls
very general
deciding, based on patterns and signatures whether the incoming call might be SPIT or not
![Page 9: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/9.jpg)
Greylisting first call from an unknown user is
rejected
![Page 10: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/10.jpg)
Computational Puzzle
giving the caller's terminal a resource consuming task to perform before establishing the call
attackers use botnets to distribute the cost of computing puzzles
limits the effectiveness of the solution
![Page 11: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/11.jpg)
Sender Check
verify that a caller is a valid sender for the
domain from which he is calling.
Turing Test
conversational method to tell humans and computers
the judge is a human being
most CAPTCHAs are visual although audio CAPTCHAs exist as well
![Page 12: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/12.jpg)
Consent-based Communication
user A authorize user B, the first time user B tries to contact user A
it solves the first-contact problem but introduces a delay until the first call can be placed
![Page 13: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/13.jpg)
![Page 14: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/14.jpg)
Content Filtering
blocking email spam is essentially based on content analysis
cannot be fully applied to prevent SPIT the receiver has been disturbed by a
ringing phone
![Page 15: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/15.jpg)
Reputation System
attaching reputation score to a contact this score can be evaluated based on user feedback it could also be tied to other methods
![Page 16: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/16.jpg)
Limited-Use Addresses
changing the address as soon as the first spam messages arrive at the address
new address has to be communicated to all contacts
new user has to be able to get the current address of a recipient
![Page 17: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/17.jpg)
Payments At Risk
charging a fee for the first contact
refunding that fee if the call was not SPIT
Legal Action
introducing legislation in all countries to prohibit the distribution of spam over VoIP
there will always be countries where it is legal to send SPIT
![Page 18: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/18.jpg)
First-Contact Feedback
the user can provide a feedback to the server
an unknown identity is allowed to call exactly once and then the callee has to provide a feedback
there is no first-contact problem
![Page 19: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/19.jpg)
![Page 20: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/20.jpg)
we used a modular design for our prevention system that flexibly allows linking stages and uses a modular approach for stages 1 and 2.
![Page 21: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/21.jpg)
![Page 22: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/22.jpg)
SPIT PREVENTION AT STAGE 1 All modules examine incoming call signaling
and produce a score compared to two threshold a low and a high below the lower threshold, the call is
forwarded to the calee between the lower and higher thresholds, call
is forwarded to the second stage modulesrejected or forwarded to a voicemail system
above the higher threshold, either the call is
![Page 23: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/23.jpg)
SPIT PREVENTION AT STAGE 2 If the test is successfully passed ,the
dispatcher forwards the call to the original callee
stage 2 module belonging to the“Turing Test”
based on the assumption that human conversation follows certain activity patterns
sends a prerecorded greeting message
![Page 24: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/24.jpg)
![Page 25: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/25.jpg)
![Page 26: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/26.jpg)
SPIT PREVENTION AT STAGE 5
Software client allows user to terminate the call
• time indicates to the SPIT prevention system that this was SPIT
white/black list module may add the caller identity to the black list.
![Page 27: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/27.jpg)
A systematic classification and reference model for SPIT prevention building blocks
Has a purpose of helping newcomers and practitioners in the area to improve their understanding, and better design and implement SPIT prevention systems
![Page 28: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/28.jpg)
Juergen Quittek & Savario Niccolini; On Spam over Internet Telephony(SPIT) Prevention, IEEE Communication magazine, August 2008
www.2dix.com
![Page 29: Spit ppt](https://reader033.vdocuments.us/reader033/viewer/2022061202/547baa7eb4af9f12078b45b6/html5/thumbnails/29.jpg)
THANK YOU