USING CAPTCHAs TO MITIGATE THE VoIP SPAM PROBLEM

 
ABSTRACT 
Voice over Internet Protocol (VoIP) is one of the emerging technologies today. It offers the user a service for calling another person at a low cost compared with traditional phone services. One drawback of the Internet is spam: unsolicited or unwanted objects, which often appear as unwanted messages in various email applications. For VoIP, spam refers to unsolicited and unwanted calls received by the VoIP user. In this paper, we propose a solution to prevent spam in VoIP. The CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) method aims to determine whether a call is coming from a human or a machine. The key contribution of this paper is a proof-of-concept implementation of a CAPTCHA mechanism to prevent VoIP spam.
Keywords: CAPTCHA, VoIP, SPAM, VoIP user, integrate, VoIP client software 
1.0 INTRODUCTION
Voice over Internet Protocol (VoIP) is a technology which uses packet-switched networks to transmit real voices via the Internet. This technology is also referred to as IP telephony, Voice over Broadband or Internet Telephony. The traditional telephony service, the PSTN (Public Switched Telephone Network), is circuit-switched, but VoIP uses packet networks since it uses the Internet Protocol (IP) to transmit voice packets. The VoIP application uses the Session Initiation Protocol (SIP) to establish calls between two VoIP users. Spam, or unsolicited messages, is one of the major problems for e-mail services. Since e-mail uses the Internet as a medium for communication, spam can be a major problem for VoIP as well, since it provides a similar service to e-mail.
1.1 Background Problem
VoIP offers a low-cost benefit for telephony services [1]. This advantage attracts spammers to send spam messages using VoIP applications, since VoIP offers a cheaper service than traditional telephony services. As far as we are concerned, a spam message in VoIP can annoy the VoIP user since the message plays automatically by itself. There are different types of VoIP spam [2]:

i. Call Spam: A number of call attempts to the VoIP user. If the user answers the call, the user hears a recorded message and the call ends when the message finishes. This type is used by spammers on the PSTN for marketing and is used widely by telemarketers as well. This type of spam is also known as Spam over Internet Telephony (SPIT).

ii. IM Spam: This type, which is similar to email spam, describes the bulk of unsolicited messages where the spammer uses Instant Messaging (IM) to send spam to the VoIP user. This type of spam is also known as Spam over Instant Messaging (SPIM).

iii. Presence Spam: This is similar to IM Spam since it consists of a large number of unsolicited presence requests. It means that the message is trying to get authenticated or 'white listed' by the VoIP user. This is also known as Spam over Presence Protocol (SPPP).

In this paper, we focus on the call spam or SPIT problem in VoIP applications. Most spam in VoIP takes the form of automatic voice playback, which is SPIT. SPIT is sent to a large number of users, and when a user accepts the call from the machine that sends the SPIT, the voice message is played automatically. The scenario is quite different from email spam since the VoIP application is synchronous communication and the email application is asynchronous. VoIP is synchronous since the communication starts at the moment the sender wants to communicate with the receiver. The receiver and sender must be connected at the same time. In contrast, email is asynchronous since the receiver does not have to be connected with the sender to establish communication. When the sender sends a message, the message is stored on a specific server and is retrieved by the receiver at a time of his choosing. Hence, this communication is asynchronous since the receiver does not connect with the sender at the same time.

The next section describes the Session Initiation Protocol (SIP) environment. Later on, the framework of the proposed method is shown.
1.2 Session Initiation Protocol
SIP is one of the protocols for VoIP applications and has been standardized by the Internet Engineering Task Force (IETF) [3]. It is used for the signalling process in the telephony application to initiate, establish and terminate calls. There are two general components for SIP in the VoIP application environment: the User Agent (UA) and the SIP proxy. The UA acts as the VoIP client and can be referred to as a client in the SIP architecture. Call establishment starts on the UA side before it goes through to the other user. The SIP proxy is responsible for establishing calls when a call request has been made by the UA. According to [3], there are four logical components which make up the basic SIP architecture: UAs, registrars, proxy servers and redirect servers. The UA acts as a client that is responsible for initiating the SIP request to another UA, which is also a client. The registrars are responsible for managing all the UAs in the same domain, so they know the SIP domain to which each client belongs. The proxy server acts as a router to forward the SIP request from the UA to the destination UA. Redirect servers are responsible for redirecting the SIP request to another SIP network where the destination UA might be.

©Informatics '09, UM 2009, RDT6 - 235, Proceeding of the 3rd International Conference on Informatics and Technology, 2009
2.0 RELATED WORKS
A number of methods have been implemented to prevent the VoIP spam problem. In method [8], the author uses a decoy system to block SPIT senders. To block these unwanted calls, the author suggests that a decoy be used to detect legitimate calls to the user. The decoy should be a non-existent user in the same proxy. This decoy should have an address, and the address should be posted on the Internet where it can be recognised as a decoy by humans but not by machines. When a caller attempts to send to the decoy's address two or more times, the caller is automatically blocked. When the decoy receives or is hit by spammers, it automatically stores the information regarding the spammers and informs all other users about the sender's information. The users can put the sender information received from the decoy into their black lists. Unfortunately, this technique is not foolproof as it is dependent on the decoy's address. If the spammer learns that a decoy has been set up, the spammer can change his information each time he sends spam.

A signal analysis method has been suggested by [9], which uses a signal in the voice message to detect all SPIT messages coming through the gateway or SIP. The problem addressed here is that the call recipient does not know the caller's identity and, of course, the caller could be a spammer. The author shows three ways to detect a pattern from spammers. One of the detection methods used to identify the majority of spammers sending SPIT over the network employs a unidirectional process [9]. The spammers use the FROM: header field, which targets the VoIP network proxy. As usual, all users are registered in the SIP proxy. From the SIP proxy, the message can be spread inside the proxy or to another proxy. This technique is not applicable to the VoIP spam problem since the specific technique involves observation of the SPIT attack pattern. It also requires the VoIP user to observe all calls from any caller, which makes the technique quite inefficient and inconvenient for the user.

In research paper [10], the author used a 'grey' level as a threshold to determine whether the caller is a spammer or not. The term 'grey' indicates its position on a level between the white and black lists [10]. White and black lists are commonly used in email systems to prevent spam in email applications. All calls are analysed by the PMG algorithm to determine whether they are VoIP spam or not. The result is a grey level value that is compared against a certain threshold. If the grey level value is higher than the threshold value, the call is identified as spam and blocked. The grey level of the caller is not permanent, which means that it can change at any time depending on the analysis of the calls. The black list approach dictates that the caller is permanently blocked, as the caller is unable to remove himself from the user's black list. PMG analyses call patterns when a user intends to establish calls. The grey level of the caller is determined by analysing the way users make calls over time [10]. The user's calls are blocked when the grey level reaches the limit of the given threshold. As previously mentioned, the PMG method is not permanent like the black list approach: when the caller stops sending spam for a certain time [10], the grey level decreases and the caller is permitted to make calls again.
3.0 CAPTCHA METHOD
CAPTCHA (Completely Automated Public Turing Test to Tell Computers and Humans Apart) uses the Turing Test approach to determine whether the user or caller is a human or a machine [4]. Email is one application that uses the CAPTCHA method to prevent spam entering the user's mailbox. The strength of this method and its success in preventing spam in email made it appealing as a means of preventing spam in VoIP applications. Figure 1 shows an example of a CAPTCHA image.

Fig. 1: Example of CAPTCHA image
The basic idea of this method is to implement a challenge-response application for call establishment in the VoIP application. As shown in Figure 2, Alice is trying to establish a call with Bob, and Bob challenges Alice with a CAPTCHA image to prove that Alice is a human rather than a machine. Alice needs to respond with the correct answer to the CAPTCHA in order to establish a call with Bob.

The main purpose of using challenge-response is to prevent the spammer from establishing calls with VoIP users. In order to implement this approach, the CAPTCHA application needs to be integrated with the existing UA clients. The CAPTCHA application has been implemented as a pop-up application in the existing UA client.

In the next section, the implementation of this method is described.

Fig. 2: Challenge-Response Scenario for CAPTCHA Method
4.0 IMPLEMENTATION
Basically, the UA's function is to establish a call between one UA and another. All the processes for establishing a call, initiating a call, and sending the SIP request and response messages are done in the UA client software. The proposed solution uses a single independent window program to show a CAPTCHA image and to receive an input, which is the answer from the user. The window program has been implemented as a pop-up window application in the UA client, where the pop-up window only executes when the UA intends to initiate a call with another UA. The pop-up window is not executed if the UA receives a call from the other UA. The preliminary research on this approach was to find a suitable way to fit the pop-up window program into the existing UA client so that all the processes mentioned above execute correctly.

While most CAPTCHA applications are used in Internet-based environments, the proposed solution has been implemented in the UA client application. This application uses only one CAPTCHA image, which is shown in the CAPTCHA window application. This image is identified by a URL (Uniform Resource Locator). For example, the URL for the CAPTCHA image is "http://10.1.1.2/try/images/captcha1.jpg", where this URL points to the location of the CAPTCHA image.

A TCP connection is used to send the URL to the CAPTCHA pop-up window application. The TCP port is opened when the user starts the call establishment process. When the user starts the call, the recipient acknowledges it with the URL message of the CAPTCHA. Once the user has answered the CAPTCHA correctly, the call is established.

As mentioned before, the CAPTCHA method needs to be integrated with the existing UA client. First of all, a suitable UA client was selected for this purpose.
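
The TCP exchange described above, sketched as an added example; it is not code from the paper or from MjUA. The message keywords (`CAPTCHA`, `ANSWER`, `ALLOW`, `DENY`), the stored answer and the choice to check the answer on the recipient's side are assumptions, since the paper specifies only that the CAPTCHA URL is sent over TCP.

```python
import hmac
import socket
import threading

# Constructed sample: the URL is the one quoted in the paper, the answer is made up.
CHALLENGES = {"http://10.1.1.2/try/images/captcha1.jpg": "w7kq9"}

def callee_gate(srv, url, results):
    """Recipient side: send the CAPTCHA URL, read one answer, reply with a verdict."""
    conn, _ = srv.accept()
    with conn:
        conn.settimeout(5.0)  # a silent caller must not hold the port open
        conn.sendall(f"CAPTCHA {url}\n".encode())
        try:
            raw = conn.makefile("rb").readline(128)  # bounded read of one line
        except socket.timeout:
            raw = b""
        line = raw.decode("utf-8", "replace").strip()
        answer = line[len("ANSWER "):] if line.startswith("ANSWER ") else ""
        # Constant-time comparison of the submitted and expected answers.
        ok = hmac.compare_digest(answer.encode(), CHALLENGES[url].encode())
        conn.sendall(b"ALLOW\n" if ok else b"DENY\n")
        results.append(ok)

def caller_attempt(port, solve):
    """Caller side: receive the URL, let `solve` (the pop-up) answer, return the verdict."""
    with socket.create_connection(("127.0.0.1", port), timeout=5.0) as s:
        rf = s.makefile("r", encoding="utf-8")
        url = rf.readline().strip().split(" ", 1)[1]
        s.sendall(f"ANSWER {solve(url)}\n".encode())
        return rf.readline().strip()

def run_exchange(solve):
    """Run one caller/recipient exchange on a loopback port; return both views of it."""
    url = next(iter(CHALLENGES))
    results = []
    with socket.socket() as srv:
        srv.bind(("127.0.0.1", 0))  # ephemeral loopback port for the demo
        srv.listen(1)
        t = threading.Thread(target=callee_gate, args=(srv, url, results))
        t.start()
        verdict = caller_attempt(srv.getsockname()[1], solve)
        t.join()
    return verdict, results[0]
```

In this sketch the SIP call setup would proceed only after `ALLOW`. With a single fixed image, as in the prototype described here, an answer solved once remains valid for every later call.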
4.1 MjUA SIP UA
Most VoIP applications are open source at the present time. As mentioned before, the approach for the spam solution in VoIP is to be used in the VoIP client application software. One open source client was selected to implement this research, to see whether this approach is suitable for each open source VoIP client. For this research, we selected MjUA [11] from the MjSIP application as the VoIP client in which to implement and integrate the approach.

The main outcome of this research project is that the program is able to block spam calls without user interference. The program automatically blocks any attempted call that is suspected to be spam, using a challenge program embedded in the VoIP client. Each call attempt to the VoIP client is not permitted to establish or request a call unless the sender provides the correct CAPTCHA answer when challenged.

Figure 3 shows the connection to Alice finally established after Bob answers the CAPTCHA correctly. In contrast to Figure 3, Figure 4 shows the VoIP client blocked from establishing a call with Alice because the answer to the CAPTCHA is not correct. A pop-up window appears to alert the user that the call is not authorized.