VoIP spam

Spam over Internet Telephony ( SPIT ) is phone spam, which is transmitted over the Internet Protocol using the IP - telephony ( Voice over IP). As telephone - Spam is unwanted phone calls that are automated and performed in large numbers. Phone spam is comparable to e- mail spam, but currently less common and requires due to synchronous communication, other protective measures.

IP telephony as well as e-mail and other Internet applications vulnerable to abuse by unwanted messages and connections. Call machines can be used for telesales, telemarketing, for alleged profit communications or as Lockanrufe. In particular, the IP telephony offers this free software like Asterisk or SIPp ) and affordable options to a large number of calls automatically discontinued. IP telephony is often based on the Session Initiation Protocol (SIP) to set up, control and reduction of the telephone connections. After establishing a SIP session and answer the call by the called party a pre-recorded spam message can be recorded. For pure attractiveness or Pinganrufen no audio data is transmitted.

Introduction

SPIT is characterized by a large number of unwanted and created automated phone calls that are transferred using the Internet Protocol. The caller ( spammers ) tried using appropriate software to build up a large number of compounds and plays a recorded message when the called party answers the call. When using the widespread Session Initiation Protocol ( SIP) connections with INVITE messages are initiated, and then configured and built with more messages; the audio data is then transmitted over the Real-time Transport Protocol (RTP). The spammer can this telephony software such as Use Asterisk. The spam calls can be transferred via gateways telecommunications network operator in the conventional telephone network (PSTN).

Countermeasures

The Internet RFC 5039 contains a number of basic suggestions to protect against SPIT:

• Blacklists and whitelists
• Consent -Based Communications
• Reputation Systems
• Address Obfuscation and Limited -Use Addresses
• Turing tests, spelling, computational puzzles
• Payment
• Legal actions
• Circles of Trust
• Centralized SIP provider

The reliable authentication of the caller, such as described in RFC 4474, allows the identification of spammers and support the defense of SPIT. The usual case of e- mail spam fake the sender's identity is more difficult in public telephone networks (Call ID spoofing ), because the phone companies usually verify the identity of the caller from its own network or specify.

As part of research activities of protective mechanisms and architectures have been studied and proposed. A comprehensive survey of Voice over IP Security Research ( Chapter IV b) provides an overview. Many proposals are based on the reputation and behavior of the caller. A statistical analysis of the call and, in particular Signalierungsverkehrs frequency can be used to identify anomalies. The eye-catching callers can be observed and eventually locked on a blacklist. The Voice Spam Detector (VSD ) is a spam filter that based on the reputation of the participants. The SPIDER project proposes an architecture in two layers. The detection layer consists of several modules combined for detecting SPIT and the Decision Layer and classifies the results. The VoIP SEAL system consists of several stages ( Stages ). After the signaling analysis in the first step, the eye-catching callers are in the second step tests subjected (eg audio CAPTCHAs ). Then the called party is asked to consent and feedback. The authors of SymRank have evaluated anonymized data of a telephone company and propose several algorithms for SPIT detection ago. Callers with weak ties ( weak ties ), i.e., less accumulated talk time to number of participants ) are considered to be conspicuous. Adjust the PageRank algorithm on incoming and outgoing calls and calculate a Reputationsmaß. Also reciprocal connections can be classified as regular calls.

The detection and prevention of SPIT can also be based on an analysis of audio data. This approach uses methods of audio - identification (similar to music identification ) to identify calls with identical or similar audio data (eg, noise, various audio codecs, temporal shifts, and cut-outs ). A robust and compact acoustic fingerprint (audio hash ) is determined from the spectral parameters of the audio data and repeatedly rehearsed calls can be identified by comparing the audio hashes. A prototypical solution was developed within the framework of the research project VIAT.

Implementation of the measures

There are currently little information available about the nature and extent of the measures used by telecom operators. SPIT has not yet comparable to e- mail spam importance and basically generate spam calls revenue for operators.

An analysis of the signaling data may support the recognition of SPIT. Commercial Voice-over- IP software for providers of telephony services includes partially the possibility of a behavior-based analysis ( Behavioral Analysis ) of the SIP data, eg Acme Packet Palladium. Relevant parameters that provide evidence of SPIT, for example, a high call rate, a low proportion of successful (assumed ) calls, low call duration and number of simultaneous calls.

Legal

Legal situation in Germany

Telephone advertising using call machines is illegal in Germany without the prior express consent. The identity of the sender ( caller ) can not be concealed or manipulated. Details are set out in the Act against Unfair Competition ( UWG) and the Telecommunications Act ( TKG). There are fines provided to 50,000 EUR. The Federal Network Agency pursues unauthorized telephone advertising and affected consumers can inform them of sending unsolicited calls. The Federal Network Agency on their websites already have the relevant forms.