Research Article
Call Behavioral Analysis to Thwart SPIT Attacks on VoIP Networks
@INPROCEEDINGS{10.1007/978-3-642-31909-9_31, author={Hemant Sengar and Xinyuan Wang and Arthur Nichols}, title={Call Behavioral Analysis to Thwart SPIT Attacks on VoIP Networks}, proceedings={Security and Privacy in Communication Networks. 7th International ICST Conference, SecureComm 2011, London, UK, September 7-9, 2011, Revised Selected Papers}, proceedings_a={SECURECOMM}, year={2012}, month={10}, keywords={Voice Spam SPIT VoIP Behavioral Analysis}, doi={10.1007/978-3-642-31909-9_31} }- Hemant Sengar
Xinyuan Wang
Arthur Nichols
Year: 2012
Call Behavioral Analysis to Thwart SPIT Attacks on VoIP Networks
SECURECOMM
Springer
DOI: 10.1007/978-3-642-31909-9_31
Abstract
The threat of voice spam, commonly known as Spam over Internet Telephony (SPIT) is a real and contemporary problem. If the problem remains unchecked then it may become as potent as email spam today. In this paper, we present two approaches to detect and prevent SPITting over the Internet. Both of our approaches are based on the anomaly detection of the distributions of selected call features (i.e., day and time of calling, call durations etc.). The first approach uses as a summarization tool and it is able to reliably detect individual spam VoIP calls at a microscopic level. The second approach is designed to detect groups of (potentially collaborating) VoIP spam calls at a macroscopic level. By computing of call durations of groups of calls, we are able to build profile of normal calls and reliably detect the deviation from normal human call behavior that are caused by bulk spam calls. We empirically validate our VoIP spam call detection approaches with real VoIP call traces obtained from a VoIP service provider network. Our experimental results show that call feature distributions can be used to build a fairly general and effective anomalous call behavior detection framework.
