Abstract
Spam over Internet Telephony (SPIT) is a threat to the use of Voice of IP (VoIP) systems. One kind of SPIT can make unsolicited bulk calls to victims’ voice mailboxes and then send them a prepared audio message. We detect this threat within a collaborative detection framework by comparing unknown VoIP flows with known SPIT samples since the same audio message generates VoIP flows with the same flow patterns (e.g., the sequence of packet sizes). In practice, however, these patterns are not exactly identical: (1) a VoIP flow may be unexpectedly altered by network impairments (e.g., delay jitter and packet loss); and (2) a sophisticated SPITer may dynamically generate each flow. For example, the SPITer employs a Text-To-Speech (TTS) synthesis engine to generate a speech audio instead of using a pre-recorded one. Thus, we measure the similarity among flows using local-sensitive hash algorithms. A close distance between the hash digest of flow x and a known SPIT suggests that flow x probably belongs the same bulk of the known SPIT. Finally, we also experimentally study the detection performance of the hash algorithms.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
SPIT on VoIP. Communications News (January 2005), http://findarticles.com/p/articles/mi_m0CMN/is_1_42/ai_n27865818/?tag=mantle_skin;content (visited at May16, 2011)
Balasubramaniyan, V.A., Ahamad, M., Park, H.: Callrank: Using call duration, social networks and pagerank to combat SPIT. In: Proceedings of CEAS 2007. ACM, New York (2007)
Bai, Y., Su, X., Bhargava, B.: Adaptive voice spam control with user behavior analysis. In: Proceedings of HPCC 2009. IEEE Computer Society, Los Alamitos (2009)
Quittek, J., Niccolini, S., Tartarelli, S., Stiemerling, M., Brunner, M., Ewald, T.: Detecting SPIT calls by checking human communication patterns. In: Proceedings of ICC 2007. IEEE Communication Society, Los Alamitos (2007)
Sarafijanovic, S., Perez, S., Boudec, J.L.: Improving digest-based collaborative spam detection. In: Proceedings of MIT Spam Conference 2008 (2008)
Damiani, E., Vimercati, S.D.C., Paraboschi, S., Samarati, P.: An open digest-based technique for spam detection. In: Proceedings of ISCA PDCCS 2004. ISCA (2004)
Wright, C., Ballard, L., Coull, S., Monrose, F., Masson, G.: Spot me if you can: Uncovering spoken phrases in encrypted VoIP conversations. In: Proceedings of S&P 2008. IEEE Computer Society, Los Alamitos (2008)
White, A.M., Matthews, A.R., Snow, K.Z., Monrose, F.: Phonotactic reconstruction of encrypted VoIP conversations: Hookt on fon-iks. In: Proceedings of S&P 2011. IEEE Computer Society, Los Alamitos (2011)
Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.: SIP: Session Initiation Protocol, RFC 3261 (2002)
Schulzrinne, H., Casner, S., Frederick, R., Jacobson, V.: RTP: A transport protocol for real-time applications, RFC 3550 (2003)
G.711, http://www.itu.int/rec/T-REC-G.711/e (visited at May 15, 2011)
Speex, http://www.speex.org/ (visited at May 15, 2011)
Schroeder, M., Atal, B.: Code-excited linear prediction (CELP): High-quality speech at very low bit rates. In: Proceedings of ICASSP 1985. IEEE Signaling Proceesing Society (1985)
Skype, www.Skype.com (visited at May 15th, 2011)
Festival, http://www.cstr.ed.ac.uk/projects/festival/ (visited at May 16, 2011)
Coskun, B., Memon, N.: Tracking encrypted VoIP calls via robust hashing of network flows. In: Proceedings of ICASSP 2010. IEEE Signaling Proceesing Society (2010)
Nilsimsa, http://ixazon.dynip.com/~cmeclax/nilsimsa.html (visited at May 16th, 2011)
Spamassassin, http://spamassassin.apache.org/ (visited at May 16, 2011)
SMS spam corpus, http://www.dt.fee.unicamp.br/~tiago/smsspamcollection/ (visited at May 16, 2011)
Rosenberg, J., Jennings, C.: The Session Initiation Protocol (SIP) and Spam, RFC 5039 (2008)
Shin, D., Ahn, J., Shim, C.: Progressive multi gray-leveling: a voice spam protection algorithm. IEEE Networks 20(5), 18–24 (2006)
Zhang, R., Gurtov, A.: Collaborative reputation-based voice spam filtering. In: Proceedings of DEXA Workshop 2009. IEEE Computer Society, Los Alamitos (2009)
Markkola, A., Lindqvist, J.: Accessible voice CAPTCHAs for internet telephony. In: Proceedings of SOAPS 2008. ACM, New York (2008)
Soupionis, Y., Gritzalis, D.: Audio CAPTCHA: Existing solutions assessment and a new implementation for VoIP telephony. Computers & Security 29(5), 603–618 (2010)
Salehin, S.M.A., Ventura, N.: Blocking unsolicited voice calls using decoys for the IMS. In: Proceedings of ICC 2007. IEEE Communication Society (2007)
Mehta, B., Nangia, S., Gupta, M., Nejdl, W.: Detecting image spam using visual features and near duplicate detection. In: Proceeding of WWW 2008. ACM, New York (2008)
Yeh, C., Lin, C.: Near-duplicate mail detection based on URL information for spam filtering. In: Chong, I., Kawahara, K. (eds.) ICOIN 2006. LNCS, vol. 3961, pp. 842–851. Springer, Heidelberg (2006)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2011 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zhang, G., Fischer-Hübner, S. (2011). Detecting Near-Duplicate SPITs in Voice Mailboxes Using Hashes. In: Lai, X., Zhou, J., Li, H. (eds) Information Security. ISC 2011. Lecture Notes in Computer Science, vol 7001. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-24861-0_11
Download citation
DOI: https://doi.org/10.1007/978-3-642-24861-0_11
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-24860-3
Online ISBN: 978-3-642-24861-0
eBook Packages: Computer ScienceComputer Science (R0)