Title of the deliverable : Spit detection and handling strategies for VoIP infrastructures

SIP provides new means for the establishing and maintaining multimedia, conference and voice sessions, as well as exchanging instance messages and presence information. On the other hand it suffices from several vulnerabilities that could be exploited by potential threats to contact SPam over Internet Telephony (SPIT) attacks, which generality are defined as the transmission of bulk unsolicited messages and calls. In this deliverable we have conducted a survey of the anti-spit mechanisms and frameworks that have been designed and implemented so far, followed by a theoretical evaluation framework, which is based on qualitative and quantitative criteria in terms of effectiveness. We have identified attack scenarios exploiting threats and vulnerabilities in order to understand how the attacks are likely to be delivered, in which portions of the network and in which phase of the call establishment. Additionally, we examine which of the SPIT identification criteria each framework fulfils. This document is intended to provide the basic requirements that should be encountered when a preventive, detecting and handling SPIT mechanism is under design and specification, as well as to identify the relative study contacted so far in this research and development area.

[1]  Dongwook Shin,et al.  Progressive multi gray-leveling: a voice spam protection algorithm , 2006, IEEE Network.

[2]  Giannis F. Marias,et al.  SIP Vulnerabilities and Anti-SPIT Mechanisms Assessment , 2007, 2007 16th International Conference on Computer Communications and Networks.

[3]  Jon Peterson,et al.  Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP) , 2006, RFC.

[4]  Jeff Hodges,et al.  Using SAML to protect the session initiation protocol (SIP) , 2006, IEEE Network.

[5]  S. Ventura,et al.  SIP intrusion detection and prevention: recommendations and prototype implementation , 2006, 1st IEEE Workshop on VoIP Management and Security, 2006..

[6]  Kumar Srivastava,et al.  Preventing Spam For SIP-based Instant Messages and Sessions , 2004 .

[7]  Kartik Gopalan,et al.  DMTP: Controlling Spam Through Message Delivery Differentiation , 2006, Networking.

[8]  Ram Dantu,et al.  Detecting Spam in VoIP Networks , 2005, SRUTI.

[9]  D. Sisalem,et al.  SIP Spam Detection , 2006, International Conference on Digital Telecommunications (ICDT'06).