VoIP spam

VoIP spam or SPIT (

voice over Internet Protocol (VoIP) technology.^[1]

VoIP systems, like

e-mail and other Internet applications, are susceptible to abuse by malicious parties who initiate unsolicited and unwanted communications, such as telemarketers and prank callers. VoIP calling rates are cheap, and the technology provides convenient, often free tools, such as Asterisk

and other applications.

The primary underlying technology driving this threat is the Session Initiation Protocol (SIP),^[2] which is a standard for VoIP telecommunications.

Various techniques have been devised to detect spam calls; some take effect even before the recipient has answered a call to disconnect it. These techniques rely on statistical analysis of the features of the call,^[3] such as the originating IP address, or features of the signalling and media messages.^[4]

Character

VoIP spam is characterized as unsolicited calls initiated by

Robocalls can be delivered automatically using telephony software, such as Asterisk

.

Mitigation

RFC 5039 [1] contains some basic methods for the mitigation of telephony spam over SIP:

Whitelists and blacklists
Consent-based communications
Reputation systems
Address obfuscation and limited-use addresses
Turing tests, CAPTCHAs, and computational puzzles
Payment
Legal actions

A strong identification of the caller, for example as described in RFC 4474,^[5] helps to mitigate SPIT. In a public switched telephone network (PSTN), the Caller ID permits caller identification, but at least the displayed caller ID can be spoofed.

Various SPIT mitigation methods and frameworks have been proposed. The vast amount of work on spam detection in emails does not directly apply here because of the real-time nature of the voice calls. A comprehensive survey of Voice over IP Security Research [1] (Chapter IV b) provides an overview. Many proposals focus on the reputation and the behavior of callers, while some focus on machine learning classifiers using features extracted from the control signals or the data of the call. A statistical analysis of the signaling traffic and in particular the call frequency can be used to detect anomalies, to observe and finally to black-list suspicious callers.^[3] A semi-supervised machine learning tool creates clusters of similar calls and a human operator can flag any given cluster as being spam. A Voice Spam Detector (VSD)^[6] is a multi-stage spam filter based on trust and reputation. The SPIDER project [2] proposes a SPIT mitigation architecture,^[7] which uses a detection layer consisting of various modules and a decision layer. The VoIP SEAL system^[8] uses different stages. After a signaling analysis in the first stage, the suspicious callers are subjected to tests (e.g. Audio-CAPTCHAs) and the callee is asked for feedback in later stages. SymRank^[9] adapts of the PageRank algorithm and computes the reputation of subscribers based on both incoming and outgoing calls. Furthermore, outliers in total talk duration and in repetitive and reciprocal calls can be used to detect suspicious callers.^[9]

SPIT detection can make use of sophisticated

semi-supervised machine learning algorithms. A protocol called pMPCK-Means^[4]

performs the detection as soon as the call is established providing the option of automatically hanging up a suspect call. It builds on the notion of clustering whereby calls with similar features are placed in a cluster for SPIT or legitimate calls and human input is used to mark which cluster corresponds to SPIT. Call features include those extracted directly from signaling traffic such as the source and destination addresses, extracted from media traffic, such as proportion of silence, and derived from calls, such as duration and frequency of calls.

SPIT detection and mitigation can also be based solely on the caller's audio data.

music identification) to detect calls with identical audio data including certain degradations (e.g., noise and different audio codecs). A robust Acoustic fingerprint (perceptual hashing) is derived from spectral parameters of the audio data and replayed calls are identified by a comparison of fingerprints.^[12] A prototype solution has been developed within the VIAT project

.

Researchers Azad and Morla (2013) conducted a study on detecting spam callers in a much accurate and secure approach. They invented a new scheme to detect spam calls without user interaction and prior reviewing the content of the message. The statistics from the several experiments showed this new system effectively detected spammers calling legitimate users without accessing the private information and user interaction.[13]

Implementation of mitigation

Little information is available about implementations of SPIT mitigation measures by telephone companies. Some recent smartphone vendors are incorporating notification of possible spam for incoming calls, such as Google in its Nexus Android devices^[14] and Apple in its iOS 10 release.^[15] SPIT is generally not yet considered to be a problem as critical as email spam. An automated analysis of the call signaling flow can help to discover SPIT. Commercial VoIP software for communication service providers may include a behavioral analysis, e.g. Acme Packet Palladion. Relevant parameters and indications of SPIT are, for example, a high call attempt frequency, concurrent calls, low call completion and low call duration average.

References

^
doi:10.17487/RFC5039
. Retrieved 14 October 2012.

doi:10.17487/RFC3261
. Retrieved 12 July 2010.

^ ^a ^b D. Shin, J. Ahn, and C. Shim, Progressive Multi Gray-Leveling: A Voice Spam Protection Algorithm, IEEE Network, vol. 20, pp. 18–24, 2006.

^
S2CID 7532017
.

doi:10.17487/RFC4474
. Retrieved 14 October 2012.

^ Dantu, Ram; Kolan, Prakash (July 2005). "Detecting Spam in VoIP Networks" (PDF). Proceedings of the USENIX Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI): 31–37 – via usenix.org.

^ Y. Rebahi, S. Dritsas, T. Golubenco, B. Pannier, and J. F. Juell, A Conceptual Architecture for SPIT Mitigation in SIP Handbook: Services, Technologies, and Security of Session Initiation Protocol, S. A. Ahson and M.Ilyas, Eds., CRCPress, Inc., 2009, ch. 23, pp. 563–582.

^ J. Seedorf, N. d’Heureuse, S. Niccolini, and T. Ewald, VoIP SEAL: A Research Prototype for Protecting Voice-over-IP Networks and Users, in Konferenzband der 4. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fu ̈r Informatik e.V.(GI), A. Alkassar and J. Siekmann, Eds., 2008.

^
S2CID 21432660
.

ISBN 978-963-9799-25-7
.

S2CID 24579647
.

^ Grutzek, G.; Strobl, J.; Mainka, B.; Kurth, F.; Pörschmann, C.; Knospe, H. (26 September 2012). "Perceptual Hashing for the Identification of Telephone Speech". Speech Communication; 10. ITG Symposium, 26-28 September 2012: 1–4.

doi:10.1016/j.cose.2013.07.006
.

^ "Use caller ID & spam protection - Nexus Help". support.google.com. Retrieved 22 January 2017.

^ "iOS 10's Phone app gains Voicemail Transcriptions, Spam Alerts, VoIP support". 13 June 2016. Retrieved 8 September 2016.

v
t
e
Unsolicited digital communication
Protocols
Email spam

Address munging

Bulk email software

Directory harvest attack

DNSBL

DNSWL

Email spoofing

Image spam

Joe job

Pink contract

Spambot

Other

Auto dialer

Cold calling

Flyposting

Junk fax

Messaging

Mobile phone

Newsgroup

Robocall

Spambot

Telemarketing

VoIP

Anti-spam

Client-side

Challenge–response spam filtering

Context filtering

Disposable email address

Distributed Checksum Clearinghouse

Email authentication

Greylisting

List poisoning

Naive Bayes spam filtering

Network Abuse Clearinghouse

SORBS

SpamCop

Spamhaus

Spamdexing

Blog spam

Cloaking

Doorway page

Forum spam

Google bombing

Keyword stuffing

Link farm

Referrer spam

Scraper site

Social spam

Spam blogs

Sping

URL redirection

Internet fraud

Advance-fee scam
Lottery scam

Make Money Fast

Phishing
Voice

Retrieved from "https://en.wikipedia.org/w/index.php?title=VoIP_spam&oldid=1166540631"

[rfc5039-1] 
doi:10.17487/RFC5039
. Retrieved 14 October 2012.

[rfc3261-2] :10.17487/RFC3261
. Retrieved 12 July 2010.

[:0-3] D. Shin, J. Ahn, and C. Shim, Progressive Multi Gray-Leveling: A Voice Spam Protection Algorithm, IEEE Network, vol. 20, pp. 18–24, 2006.

[:1-4] 
S2CID 7532017
.

[rfc4474-5] :10.17487/RFC4474
. Retrieved 14 October 2012.

[:2-6] Dantu, Ram; Kolan, Prakash (July 2005). "Detecting Spam in VoIP Networks" (PDF). Proceedings of the USENIX Workshop on Steps to Reducing Unwanted Traffic on the Internet (SRUTI): 31–37 – via usenix.org.

[7] Y. Rebahi, S. Dritsas, T. Golubenco, B. Pannier, and J. F. Juell, A Conceptual Architecture for SPIT Mitigation in SIP Handbook: Services, Technologies, and Security of Session Initiation Protocol, S. A. Ahson and M.Ilyas, Eds., CRCPress, Inc., 2009, ch. 23, pp. 563–582.

[8] J. Seedorf, N. d’Heureuse, S. Niccolini, and T. Ewald, VoIP SEAL: A Research Prototype for Protecting Voice-over-IP Networks and Users, in Konferenzband der 4. Jahrestagung des Fachbereichs Sicherheit der Gesellschaft fu ̈r Informatik e.V.(GI), A. Alkassar and J. Siekmann, Eds., 2008.

[Bokharaei-9] 
S2CID 21432660
.

[10] ISBN 978-963-9799-25-7
.

[11] S2CID 24579647
.

[12] Grutzek, G.; Strobl, J.; Mainka, B.; Kurth, F.; Pörschmann, C.; Knospe, H. (26 September 2012). "Perceptual Hashing for the Identification of Telephone Speech". Speech Communication; 10. ITG Symposium, 26-28 September 2012: 1–4.

[13] :10.1016/j.cose.2013.07.006
.

[14] "Use caller ID & spam protection - Nexus Help". support.google.com. Retrieved 22 January 2017.

[15] "iOS 10's Phone app gains Voicemail Transcriptions, Spam Alerts, VoIP support". 13 June 2016. Retrieved 8 September 2016.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[12]

[14]

[15]