Spam over Internet Telephony

from Wikipedia, the free encyclopedia

Spam over Internet Telephony (SPIT) is telephone spam that is transmitted over the Internet Protocol with the help of IP telephony (Voice over IP). Telephone spam is the term used to describe unwanted telephone calls that are automated and placed in large numbers. Telephone spam is comparable to e-mail spam, but is currently less widespread and, because the communication is synchronous, requires different protective measures.

IP telephony, like e-mail and other Internet applications, is susceptible to abuse through unwanted messages and connections. Automated calling machines can be used for telephone sales, telemarketing, alleged prize notifications or lure calls. In particular, IP telephony offers freely available software (such as Asterisk or SIPp) and inexpensive options for automatically placing a large number of calls. IP telephony is often based on the Session Initiation Protocol (SIP) for establishing, controlling and clearing telephone connections. After a SIP session has been set up and the called party has accepted the call, a pre-recorded spam message can be played. No audio data is transmitted for pure lure or ping calls.

SPIT is characterized by a large number of undesired and automatically generated telephone calls that are transmitted using the Internet Protocol. The caller (spammer) tries to set up a large number of connections with the help of suitable software and plays a recorded message as soon as the person called accepts the call. With the widely used Session Initiation Protocol (SIP), the connections are initiated with INVITE messages and then configured and established with further messages; the audio data are then transmitted via the Real-time Transport Protocol (RTP). The spammer can use telephony software such as Asterisk. The spam calls can also be passed on to the conventional telephone network (PSTN) via the telecommunications network operator's gateways.

Countermeasures

RFC 5039 contains a number of basic suggestions for protection against SPIT:

  • Black Lists and White Lists
  • Consent-Based Communications
  • Reputation Systems
  • Address Obfuscation and Limited-Use Addresses
  • Turing tests, captchas, computational puzzles
  • Payment
  • Legal Actions
  • Circles of Trust
  • Centralized SIP Providers

Reliable authentication of the caller, as described for example in RFC 4474, enables the identification of spammers and supports the defense against SPIT. Falsifying the sender's identity, which is common with e-mail spam, is more difficult in public telephone networks (caller ID spoofing), since the telephone companies usually check the identity of callers from their own network or determine it themselves.

Various protection mechanisms and architectures have been investigated and proposed as part of research activities. "A Comprehensive Survey of Voice over IP Security Research" (Chapter IV b) contains an overview. Many proposals are based on the reputation and behavior of the caller. A statistical analysis of the signaling traffic, and in particular of the call frequency, can be used to identify anomalies. Suspicious callers can be observed and finally blocked via a blacklist. The Voice Spam Detector (VSD) is a spam filter based on the reputation of the participants. The SPIDER project proposes a two-level architecture: the detection layer consists of several modules for the detection of SPIT, and the decision layer combines and classifies the results. The VoIP SEAL system consists of several stages. After the signaling analysis in the first step, suspicious callers are subjected to tests in the second step (e.g. audio CAPTCHAs). The called subscriber is then asked for consent and feedback. The authors of SymRank have evaluated anonymized data from a telephone company and propose several algorithms for SPIT detection. Callers with weak ties, that is, a lower cumulative talk time to many participants, are considered conspicuous. They adapt the PageRank algorithm to incoming and outgoing calls and calculate a reputation measure. In addition, reciprocal connections can be classified as regular calls.
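The reputation idea described above can be made concrete with a small call graph. The following is an added example, not code from SymRank or any of the cited projects: it runs a simplified talk-time-weighted PageRank and a weak-tie check over constructed call records, and the names, thresholds and damping factor are assumptions.

```python
# Constructed call records: (caller, callee, talk_seconds).
CALLS = [
    ("alice", "bob", 300), ("bob", "alice", 240),
    ("bob", "carol", 180), ("carol", "bob", 200),
    ("carol", "alice", 150), ("alice", "carol", 120),
] + [("bulk", callee, 5) for callee in ("alice", "bob", "carol", "dave", "erin")]

def talk_graph(calls):
    """Sum talk time per directed (caller -> callee) edge."""
    nodes = sorted({n for a, b, _ in calls for n in (a, b)})
    out = {n: {} for n in nodes}
    for a, b, t in calls:
        out[a][b] = out[a].get(b, 0) + t
    return nodes, out

def reputation(calls, damping=0.85, iters=100):
    """PageRank where a caller passes reputation to callees in proportion to talk time."""
    nodes, out = talk_graph(calls)
    n = len(nodes)
    totals = {a: sum(out[a].values()) for a in nodes}
    rank = dict.fromkeys(nodes, 1 / n)
    for _ in range(iters):
        # Nodes without outgoing talk time spread their rank uniformly.
        dangling = sum(rank[a] for a in nodes if totals[a] == 0)
        new = dict.fromkeys(nodes, (1 - damping) / n + damping * dangling / n)
        for a in nodes:
            if totals[a]:
                for b, t in out[a].items():
                    new[b] += damping * rank[a] * t / totals[a]
        rank = new
    return rank

def weak_tie_callers(calls, min_callees=3, max_mean_talk=30):
    """Callers with many callees, little talk time per callee and no call-backs."""
    nodes, out = talk_graph(calls)
    flagged = []
    for a in nodes:
        callees = out[a]
        if len(callees) < min_callees:
            continue
        mean_talk = sum(callees.values()) / len(callees)
        reciprocal = sum(1 for b in callees if a in out[b])
        if mean_talk < max_mean_talk and reciprocal == 0:
            flagged.append(a)
    return flagged
```

Because nobody calls `bulk` back, it only ever receives the baseline share of rank and ends up with the lowest reputation, while the reciprocal calls between the other subscribers keep their scores high.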

The detection of and defense against SPIT can also be based on an analysis of the audio data. This approach uses audio identification methods (similar to music recognition) to identify calls with identical or similar audio data (e.g. in the presence of noise, different audio codecs, temporal shifts and excerpts). A robust and compact acoustic fingerprint (audio hash) is determined from the spectral parameters of the audio data, and repeated calls can be identified by comparing the audio hashes.

Implementation of the measures

Little information is currently available on the type and scope of the protective measures used by the telecommunications network operators. SPIT does not yet have a significance comparable to that of e-mail spam and, in principle, spam calls also generate income for the operators.

An analysis of the signaling data can support the detection of SPIT. Commercial Voice-over-IP software for providers of telephony services partly includes the possibility of a behavioral analysis of the SIP data, e.g. Acme Packet Palladion. Relevant parameters that provide information on SPIT are, for example, a high call frequency, a low proportion of successful (accepted) calls, a short connection duration and many simultaneous calls. Another option is offered by providers of caller identification services that maintain a broad database of blacklists and whitelists to protect against spam calls.
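The four signaling parameters named above can be computed per caller from call detail records. The following is an added example, not code from any product mentioned on this page: the record layout, the sample records and the thresholds are all constructed assumptions.

```python
from collections import defaultdict

# Constructed sample records: (caller, callee, start_s, end_s, talk_s).
# talk_s == 0 means the call was not accepted.
CDRS = [
    ("sip:alice@example.org", "sip:bob@example.org", 5, 125, 110),
    ("sip:alice@example.org", "sip:carol@example.org", 200, 300, 90),
] + [
    ("sip:bulk@example.net", f"sip:user{i}@example.org",
     2 * i, 2 * i + 12, 6 if i in (3, 7) else 0)
    for i in range(10)
]

# Assumed thresholds for illustration; real values must be tuned on the operator's traffic.
LIMITS = {"calls_per_min": 1.0, "answer_ratio": 0.3, "mean_talk_s": 15.0, "peak_concurrent": 3}

def peak_concurrency(intervals):
    """Sweep over start/end events; an end at time t is processed before a start at t."""
    events = sorted([(s, 1) for s, _ in intervals] + [(e, -1) for _, e in intervals])
    active = peak = 0
    for _, delta in events:
        active += delta
        peak = max(peak, active)
    return peak

def caller_features(cdrs, window_s):
    by_caller = defaultdict(list)
    for caller, _callee, start, end, talk in cdrs:
        by_caller[caller].append((start, end, talk))
    feats = {}
    for caller, calls in by_caller.items():
        talks = [t for _, _, t in calls if t > 0]
        feats[caller] = {
            "calls_per_min": len(calls) / (window_s / 60),
            "answer_ratio": len(talks) / len(calls),
            "mean_talk_s": sum(talks) / len(talks) if talks else 0.0,
            "peak_concurrent": peak_concurrency([(s, e) for s, e, _ in calls]),
        }
    return feats

def flag_callers(feats, limits=LIMITS, min_hits=3):
    """Flag callers for whom at least min_hits of the four indicators are tripped."""
    flagged = []
    for caller, f in feats.items():
        hits = [f["calls_per_min"] > limits["calls_per_min"],
                f["answer_ratio"] < limits["answer_ratio"],
                f["mean_talk_s"] < limits["mean_talk_s"],
                f["peak_concurrent"] > limits["peak_concurrent"]]
        if sum(hits) >= min_hits:
            flagged.append(caller)
    return sorted(flagged)
```

Requiring several indicators at once keeps a single unusual value, such as one short call, from flagging a regular subscriber.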

Legal position

Legal situation in Germany

Telephone advertising using automated calling machines is illegal in Germany without prior express consent. The identity of the sender (caller) must not be concealed or manipulated. Details are regulated in the Act against Unfair Competition and in the Telecommunications Act. Fines of between EUR 50,000 and EUR 300,000 are envisaged. The Federal Network Agency pursues unauthorized telephone advertising, and affected consumers can report unsolicited advertising calls to it. The Federal Network Agency provides appropriate forms on its website.

References

  1. SIP: Session Initiation Protocol (RFC 3261). Internet Engineering Task Force. Retrieved July 12, 2010.
  2. The Session Initiation Protocol (SIP) and Spam (RFC 5039). Internet Engineering Task Force. Retrieved October 14, 2012.
  3. Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP) (RFC 4474). Internet Engineering Task Force. Retrieved October 14, 2012.
  4. A comprehensive survey of Voice over IP Security Research
  5. D. Shin, J. Ahn, C. Shim, Progressive Multi Gray-Leveling: A Voice Spam Protection Algorithm, IEEE Network, Vol. 20, pp. 18-24, 2006.
  6. R. Dantu and P. Kolan, Detecting Spam in VoIP Networks, in Proceedings of the USENIX Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI), pp. 31-37, July 2005.
  7. [1]
  8. Y. Rebahi et al., A Conceptual Architecture for SPIT Mitigation, in SIP Handbook: Services, Technologies, and Security of Session Initiation Protocol, S. A. Ahson and M. Ilyas, Eds., CRC Press, Inc., 2009, chap. 23, pp. 563-582.
  9. J. Seedorf, N. d'Heureuse, S. Niccolini, T. Ewald, VoIP SEAL: A Research Prototype for Protecting Voice-over-IP Networks and Users, in: A. Alkassar and J. Siekmann (Eds.): Conference proceedings of the 4th annual conference of the security department of the Gesellschaft für Informatik e. V., 2008.
  10. H. K. Bokharaei et al.: You can SPIT, but you can't hide: Spammer identification in telephony networks, 2011 Proceedings IEEE INFOCOM, pp. 41-45, 2011.
  11. Y. Rebahi, S. Ehlert, A. Bergmann, A SPIT detection mechanism based on audio analysis, in Proceedings of 4th International Mobile Multimedia Communications Conference MobiMedia 2008, July 7-8, 2008, Oulu, Finland. ICST; ACM, 2008.
  12. D. Lentzen et al.: Content-based Detection and Prevention of Spam over IP Telephony - System Design, Prototype and First Results, IEEE International Communications Conference (ICC) 2011.
  13. G. grits et al.: Perceptual hashing for the Identification of Telephone Speech, Speech Communication; 10th ITG Symposium; Proceedings of, pp. 1-4, 26-28 Sept. 2012.
  14. tellows - The community for telephone numbers and telephone spam - reverse search / inverse search. Retrieved July 11, 2018.
  15. Unauthorized telephone advertising (cold calls) on the website of the Federal Network Agency, http://www.bundesnetzagentur.de/DE/Sachgebiete/Telekommunikation/Verbrauch/UnerlaubteTelefonwerbung/unerlaubtetelefonwerbung-node.html, visited on June 11, 2016.