A game-theoretic analysis of preventing spam over Internet Telephony via audio CAPTCHA-based authentication

Authors:
Yannis Soupionis;Remous-Aris Koutsiamanis;Pavlos Efraimidis;Dimitris Gritzalis
Affiliations:
Information Security and Critical Infrastructure Protection Research Laboratory, Department of Informatics, Athens University of Economics & Business, Athens, Greece. E-mails: {jsoup, dgrit}@aueb. ...;Department of Electrical and Computer Engineering, Democritus University of Thrace, Xanthi, Greece. E-mails: {akoutsia, pefraimi}@ee.duth.gr;Department of Electrical and Computer Engineering, Democritus University of Thrace, Xanthi, Greece. E-mails: {akoutsia, pefraimi}@ee.duth.gr;Information Security and Critical Infrastructure Protection Research Laboratory, Department of Informatics, Athens University of Economics & Business, Athens, Greece. E-mails: {jsoup, dgrit}@aueb. ...
Venue:
Journal of Computer Security
Year:
2014

Citing 19
Cited 0

Algorithms, games, and the internet

STOC '01 Proceedings of the thirty-third annual ACM symposium on Theory of computing
SIP: Understanding the Session Initiation Protocol, Second Edition

SIP: Understanding the Session Initiation Protocol, Second Edition
Challenges in Securing Voice over IP

IEEE Security and Privacy
Configuration of Detection Software: A Comparison of Decision and Game Theory Approaches

Decision Analysis
Algorithmic Game Theory

Algorithmic Game Theory
Exploring Anti-Spam Models in Large Scale VoIP Systems

ICDCS '08 Proceedings of the 2008 The 28th International Conference on Distributed Computing Systems
Spamalytics: an empirical analysis of spam marketing conversion

Proceedings of the 15th ACM conference on Computer and communications security
The complexity of computing a Nash equilibrium

Communications of the ACM - Inspiring Women in Computing
An Adaptive Policy-Based Approach to SPIT Management

ESORICS '08 Proceedings of the 13th European Symposium on Research in Computer Security: Computer Security
OntoSPIT: SPIT management through ontologies

Computer Communications
Voice-over-IP Security: Research and Practice

IEEE Security and Privacy
How Good Are Humans at Solving CAPTCHAs? A Large Scale Evaluation

SP '10 Proceedings of the 2010 IEEE Symposium on Security and Privacy
Are security experts useful? Bayesian Nash equilibria for network security games with limited information

ESORICS'10 Proceedings of the 15th European conference on Research in computer security
ASPF: Adaptive anti-SPIT Policy-based Framework

ARES '11 Proceedings of the 2011 Sixth International Conference on Availability, Reliability and Security
Internet Communications Using SIP: Delivering VoIP and Multimedia Services with Session Initiation Protocol

Internet Communications Using SIP: Delivering VoIP and Multimedia Services with Session Initiation Protocol
Formal analysis for robust anti-SPIT protection using model checking

International Journal of Information Security
Progressive multi gray-leveling: a voice spam protection algorithm

IEEE Network: The Magazine of Global Internetworking
Game theory meets network security and privacy

ACM Computing Surveys (CSUR)
SPIDER: A platform for managing SIP-based Spam over Internet Telephony SPIT

Journal of Computer Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

Spam over Internet Telephony SPIT is a potential source of disruption in Voice over IP VoIP systems. The use of anti-SPIT mechanisms, such as filters and audio CAPTCHA Completely Automated Public Turing Test to Tell Computer and Humans Apart can prevent unsolicited calls and lead to less unwanted traffic. In this paper, we present a game-theoretic model, in which the game is played between SPIT senders and internet telephony users. The game includes call filters and audio CAPTCHA, so as to classify incoming calls as legitimate or malicious. We show how the resulting model can be used to decide upon the trade-offs present in this problem and help us predict the SPIT sender's behavior. We also highlight the advantages in terms of SPIT call reduction of merely introducing CAPTCHA, and provide experimental verification of our results.