Problems of VOIP and Spam over Internet Telephony

Article Sidebar

JIST Vol2. No1.
pdf
Published: Jun 27, 2011
DOI: https://doi.org/10.14456/jist.2011.3
Keywords:
SIP VoIP SPIT Anti-SPIT

Main Article Content

วรพล ลีลาเกียรติสกุล
Faculty of Information Science and Technology Mahanakorn University of Technology

Abstract

- VoIP has been widely used for years, because of its lower service cost than the traditional telephone call. However, people or users need to be aware of security on VoIP system because the voice data has to traverse on public networks and vulnerabilities on VoIP system itself. Therefore, this article presents how VoIP system works including supported protocols. Additionally, security analysis is also provided to show vulnerabilities and threats on VoIP system. Finally, SPIT (SPam over Internet Telephony) and Anti-SPIT frameworks are explained since SPIT is currently one of the most recognized problems on VoIP system.

Article Details

How to Cite
[1]
ลีลาเกียรติสกุล ว., “Problems of VOIP and Spam over Internet Telephony”, JIST, vol. 2, no. 1, pp. 21–30, Jun. 2011.
Issue
Vol. 2 No. 1 (2011): Journal of Information Science and Technology (JIST) [Jan. 2011 - Jun. 2011]
Section
Research Article: Soft Computing (Detail in Scope of Journal)

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License.

I/we certify that I/we have participated sufficiently in the intellectual content, conception and design of this work or the analysis and interpretation of the data (when applicable), as well as the writing of the manuscript, to take public responsibility for it and have agreed to have my/our name listed as a contributor. I/we believe the manuscript represents valid work. Neither this manuscript nor one with substantially similar content under my/our authorship has been published or is being considered for publication elsewhere, except as described in the covering letter. I/we certify that all the data collected during the study is presented in this manuscript and no data from the study has been or will be published separately. I/we attest that, if requested by the editors, I/we will provide the data/information or will cooperate fully in obtaining and providing the data/information on which the manuscript is based, for examination by the editors or their assignees. Financial interests, direct or indirect, that exist or may be perceived to exist for individual contributors in connection with the content of this paper have been disclosed in the cover letter. Sources of outside support of the project are named in the cover letter.
I/We hereby transfer(s), assign(s), or otherwise convey(s) all copyright ownership, including any and all rights incidental thereto, exclusively to the Journal, in the event that such work is published by the Journal. The Journal shall own the work, including 1) copyright; 2) the right to grant permission to republish the article in whole or in part, with or without fee; 3) the right to produce preprints or reprints and translate into languages other than English for sale or free distribution; and 4) the right to republish the work in a collection of articles in any other mechanical or electronic format.
We give the rights to the corresponding author to make necessary changes as per the request of the journal, do the rest of the correspondence on our behalf and he/she will act as the guarantor for the manuscript on our behalf.
All persons who have made substantial contributions to the work reported in the manuscript, but who are not contributors, are named in the Acknowledgment and have given me/us their written permission to be named. If I/we do not include an Acknowledgment that means I/we have not received substantial contributions from non-contributors and no contributor has been omitted.

References

1. M. Gori and F. Scarselli, “Are Multilayer Perceptron Adequate for Pattern Recognition and Verification?”, IEEE Transactions onPattern 11, November 1998. pp. 1121-1132.

2. http://www.totnetcall.com

3. http://www.truenettalk.com/th/products/international_rate.html

4. http://www.contactcenter.cattelecom.com/thai/oversea/cat009_info.asp

5. http://www.tot.co.th/index.php?option=com_linkcontent&categoryid=89&Itemid=127&lang=th

6. J. Rosenberg, et al., ”Session Initiation Protocol”, RFC 3261, June 2002.

7. Schulzrinne, H., Casner, S., Frederick, R. and V. Jacobson, "RTP: A Transport Protocol for Real- Time Applications", RFC 1889, January 1996.

8. Schulzrinne, H., Rao, R. and R. Lanphier, "Real Time Streaming Protocol (RTSP)", RFC 2326, April 1998.

9. The vishing guide, IBM Global Technology Services, May 2007.

10. Keromytis, A. “A Comprehensive Survey of Voice over IP SecurityResearch”,IEEE COMMUNICATIONS SURVEYS & TUTORIALS Journal

11. Dr. Andreas U. Schmidt1, Nicolai Kuntze1, Rachid El Khayar, “SPAM OVER INTERNET TELEPHONY AND HOWTO DEAL WITH IT” ,7th annual Conference Information Security South Africa (ISSA 2008), South Africa, 7 -9 July 2008.

12. H. Yany, K. Sripanidkulchaiz, H. Zhangy, Z. Shaez and D. Saha,” Incor-porating Active Fingerprinting into SPIT Prevention Systems”, 2007.

13. M. Hansen, M. Hansen, J. M?? oller, T. Rohwer, C. Tolkmit and H. Waack, “Developing a Legally Compliant Reachability Management System as a Countermeasure against SPIT”, 2007.

14. J. Rosenberg, C. Jennings, RFC 5039 - The Session Initiation Protocol(SIP) and Spam, IETF, 2008.

15. Juergen Quittek, Saverio Niccolini, Sandra Tartarelli, and Roman Schlegel, NEC Europe Ltd.”On Spam over Internet Telephony (SPIT) Prevention”,IEEE Communication Magazine, 2008,pp.80-86

16. Roman Schlegel, Saverio Niccolini, Sandra Tartarelli and Marcus Brunner, “SPam over Internet Telephony (SPIT) Prevention Framework”, IEEE GLOBECOM 2006

17. G. F. Marias S. Dritsas M. Theoharidou J. Mallios D. Gritzalis, “ SIP Vulnerabilities and Anti-SPIT Mechanisms Assessment”, ICCCN 2007. Proceedings of 16th International Conference on Computer Communications and Networks, 2007.pp 597-604.

18. N. Croft, M. Olivier, "A Model for Spam Prevention in Voice over IP Networks using Anonymous Verifying Authorities," in Proc. of the 5th Annual Information SecuritySouth Africa Conference (ISSA 2005), South Africa, July 2005.

19. J. Peterson, and C. Jennings, “Enhancements for Authenticated Identity Management in the Session Initiation Protocol”, RFC4474, August 2006.

20. H. Tschofenig, R Falk, J. Peterson, et al., “Using SAML to Protect the Session Initiation Protocol”, IEEE Network, 20 (5), pp. 14-17 September/October 2006.

21. R. Baumann, S. Cavin, S. Schmid, “Voice Over IP – Security and SPIT”, Swiss Army, FU Br 41, KryptDet Report, Univ. of Berne, September 2006.

22. S.Wiwatpinyo, W.lilakiatsakun, “Enhanced VOIP ANTI-SPIT Mechanism Based on Modular Design, in Proc.of the 3rd ECTICARD2011,Thailand, pp 232-237.

23. M. Stiemerling S. Niccolini, S. Tartarelli, “Requirements and methods for SPIT identification using feedbacks in SIP”, Internetdraft, 2008.

24. F. Wang, Y. Mo, B. Huang, “P2P-AVS: P2P Based Cooperative VoIP Spam Filtering”, 2007.

25. H. Tschofenig, E. Leppanen, S. Niccolini, M. Arumaithurai, “Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) based Robot Challenges for SIP”. Internet-draft, 2008.

26. Alexander Johanson, W.lilakiatsakun, “A VOIP anti-Spam System based on Audio Turing Test Server”,in Proc.of the 2rd ECTICARD2010, Thailand, pp 406-410.

27. C. Jennings, “Computational Puzzles for SPAM Reduction in SIP”, Internet-draft, 2008.