Spit ppt

29
On Spam over Internet Telephony (SPIT) Prevention

TAGS:

description

Spam over Internet Telephony A systematic classification and reference model for SPIT prevention building blocks Has a purpose of helping newcomers and practitioners in the area to improve their understanding, and better design and implement SPIT prevention systems

Transcript of Spit ppt

Page 1: Spit ppt

On Spam over Internet Telephony (SPIT)

Prevention

Page 2: Spit ppt

SPIT is defined as the transmission of unsolicited calls over Internet telephony

Using Internet telephony, these costs are substantially lower

presents a reference model for SPIT prevention systems and provides a classification for a large set of available prevention methods

Page 3: Spit ppt

minimize the probability of blocking legitimate call

maximize the probability of blocking SPIT calls.

minimize the interactions with the callee limit the inconvenience caused to the

caller that tries to place a legitimate call should be general should be flexible

Page 4: Spit ppt

No Interactions With Call

Caller-side Interactions

Callee Interrupted by Call

Callee Receives Call Feedback From

Callee After call

Page 5: Spit ppt

Lists simple mechanism white lists (identities allowed to call) black lists (identities that should be

rejected) members of white lists and black lists may

be configured

Page 6: Spit ppt

Circles of Trust

introducing trusted inter-domain connections

each domain controls its own users and the domains agree not to send SPIT to each other

can be implemented in SIP by using authenticated TLS connections between domains

Page 7: Spit ppt
Page 8: Spit ppt

Pattern/Anomaly Detection

detecting suspicious patterns in VoIP traffic to identify SPIT calls

very general

deciding, based on patterns and signatures whether the incoming call might be SPIT or not

Page 9: Spit ppt

Greylisting first call from an unknown user is

rejected

Page 10: Spit ppt

Computational Puzzle

giving the caller's terminal a resource consuming task to perform before establishing the call

attackers use botnets to distribute the cost of computing puzzles

limits the effectiveness of the solution

Page 11: Spit ppt

Sender Check

verify that a caller is a valid sender for the

domain from which he is calling.

Turing Test

conversational method to tell humans and computers

the judge is a human being

most CAPTCHAs are visual although audio CAPTCHAs exist as well

Page 12: Spit ppt

Consent-based Communication

user A authorize user B, the first time user B tries to contact user A

it solves the first-contact problem but introduces a delay until the first call can be placed

Page 13: Spit ppt
Page 14: Spit ppt

Content Filtering

blocking email spam is essentially based on content analysis

cannot be fully applied to prevent SPIT the receiver has been disturbed by a

ringing phone

Page 15: Spit ppt

Reputation System

attaching reputation score to a contact this score can be evaluated based on user feedback it could also be tied to other methods

Page 16: Spit ppt

Limited-Use Addresses

changing the address as soon as the first spam messages arrive at the address

new address has to be communicated to all contacts

new user has to be able to get the current address of a recipient

Page 17: Spit ppt

Payments At Risk

charging a fee for the first contact

refunding that fee if the call was not SPIT

Legal Action

introducing legislation in all countries to prohibit the distribution of spam over VoIP

there will always be countries where it is legal to send SPIT

Page 18: Spit ppt

First-Contact Feedback

the user can provide a feedback to the server

an unknown identity is allowed to call exactly once and then the callee has to provide a feedback

there is no first-contact problem

Page 19: Spit ppt
Page 20: Spit ppt

we used a modular design for our prevention system that flexibly allows linking stages and uses a modular approach for stages 1 and 2.

Page 21: Spit ppt
Page 22: Spit ppt

SPIT PREVENTION AT STAGE 1 All modules examine incoming call signaling

and produce a score compared to two threshold a low and a high below the lower threshold, the call is

forwarded to the calee between the lower and higher thresholds, call

is forwarded to the second stage modulesrejected or forwarded to a voicemail system

above the higher threshold, either the call is

Page 23: Spit ppt

SPIT PREVENTION AT STAGE 2 If the test is successfully passed ,the

dispatcher forwards the call to the original callee

stage 2 module belonging to the“Turing Test”

based on the assumption that human conversation follows certain activity patterns

sends a prerecorded greeting message

Page 24: Spit ppt
Page 25: Spit ppt
Page 26: Spit ppt

SPIT PREVENTION AT STAGE 5

Software client allows user to terminate the call

• time indicates to the SPIT prevention system that this was SPIT

white/black list module may add the caller identity to the black list.

Page 27: Spit ppt

A systematic classification and reference model for SPIT prevention building blocks

Has a purpose of helping newcomers and practitioners in the area to improve their understanding, and better design and implement SPIT prevention systems

Page 28: Spit ppt

Juergen Quittek & Savario Niccolini; On Spam over Internet Telephony(SPIT) Prevention, IEEE Communication magazine, August 2008

www.2dix.com

Page 29: Spit ppt

THANK YOU


Curonian Spit

Curonian Spit

Spit 201028

Spit 201028

Alyssa spit up stilettos

Alyssa spit up stilettos

Spit 201034

Spit 201034

The Spit Master Plan

The Spit Master Plan

Spit Tobacco

Spit Tobacco

Dungeness Spit Hospice Center

Dungeness Spit Hospice Center

Spit, bar or tombolo

Spit, bar or tombolo

Spit 201012

Spit 201012

Queen Bee Spit

Queen Bee Spit

Spit 201011

Spit 201011

201504 SPIT TARIFA 2015

201504 SPIT TARIFA 2015

SPIT - catalogo 2011

SPIT - catalogo 2011

Spit 201015

Spit 201015

FT Spit˜re - RERU

FT Spit˜re - RERU

GOVERNMENT OF MAHARASHTRA - SPIT

GOVERNMENT OF MAHARASHTRA - SPIT

Tarifa 2012 - Diansadiansa.com/pdfs/ferreteria-industrial/spit-tarifa2012.pdf · 2 NOVEDADES SPIT 2012 spit prolong inox spit multiclip spit 328 EVo + spit 332 spit discos xtrEmE

Tarifa 2012 - Diansadiansa.com/pdfs/ferreteria-industrial/spit-tarifa2012.pdf · 2 NOVEDADES SPIT 2012 spit prolong inox spit multiclip spit 328 EVo + spit 332 spit discos xtrEmE

3 Spit e hospitalismo

3 Spit e hospitalismo

Spit Master Plan: Moondarewa Spit Improvements Project€¦ · Spit Master Plan: Moondarewa Spit Improvements Project The Gold Coast Waterways Authority is improving recreational

Spit Master Plan: Moondarewa Spit Improvements Project€¦ · Spit Master Plan: Moondarewa Spit Improvements Project The Gold Coast Waterways Authority is improving recreational

Paradigm Spit: Creativity = 5

Paradigm Spit: Creativity = 5