An Adaptive Policy-Based Approach to SPIT Management

Authors:
Yannis Soupionis;Stelios Dritsas;Dimitris Gritzalis
Affiliations:
Information Security and Critical Infrastructure Protection Research Group, Dept. of Informatics, Athens University of Economics and Business, Athens, Greece GR-10434;Information Security and Critical Infrastructure Protection Research Group, Dept. of Informatics, Athens University of Economics and Business, Athens, Greece GR-10434;Information Security and Critical Infrastructure Protection Research Group, Dept. of Informatics, Athens University of Economics and Business, Athens, Greece GR-10434
Venue:
ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
Year:
2008

Citing 5
Cited 2

On specifying security policies for web documents with an XML-based language

SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
SPIT Detection and Prevention Method in VoIP Environment

ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Ranking attack graphs

RAID'06 Proceedings of the 9th international conference on Recent Advances in Intrusion Detection
Attack modeling of SIP-Oriented SPIT

CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
Security and management policy specification

IEEE Network: The Magazine of Global Internetworking

A formally verified mechanism for countering SPIT

CRITIS'10 Proceedings of the 5th international conference on Critical Information Infrastructures Security
A game-theoretic analysis of preventing spam over Internet Telephony via audio CAPTCHA-based authentication

Journal of Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Voice over IP (VoIP) is a key enabling technology, which provides new ways of communication. VoIP technologies take advantage of existing data networks to provide inexpensive voice communications world-wide as a promising alternative to the traditional telephone service. At the same time, VoIP provides the means for transmitting bulk unsolicited calls, namely SPam over Internet Telephony (SPIT). SPIT is, up to a given extend, similar to email spam. However, it is expected to be more frustrating because of the real-time processing requirements of voice calls. In this paper we set the foundations of an adaptive approach that handles SPIT through a policy-based management approach (aSPM). aSPM incorporates a set of rules for SPIT attacks detections, together with appropriate actions and controls that should be enforced so as to counter these attacks. Furthermore, the policy is formally described through an XML schema, which refers to both, the attack detection rules, and the corresponding defense actions.