Published in: International Journal of Information Security 2/2016

01.04.2016 | Regular Contribution

Behavior-based approach to detect spam over IP telephony attacks

Written by: Randa Jabeur Ben Chikha, Tarek Abbes, Wassim Ben Chikha, Adel Bouhoula


Abstract

Spam over IP telephony (SPIT) is expected to become a serious problem as the use of voice over IP grows. This kind of spam appeals to spammers because of its effectiveness and low cost. Many anti-SPIT solutions have been applied to this problem, but they are still limited in some cases. Thus, in this paper, we propose a system to detect SPIT attacks through a behavior-based approach. Our framework operates in three steps: (1) collecting significant call attributes by exploring and analyzing network traces using the OPNET environment; (2) applying a sliding-window strategy to properly maintain the callers' profiles; and (3) classifying each caller (i.e., legitimate or SPITter) using ten supervised learning methods: NaïveBayes, BayesNet, SMO RBFKernel, SMO PolyKernel, MultiLayerPerceptron with two and three layers, NBTree, J48, Bagging and AdaBoostM1. The results of our experiments demonstrate the great performance of these methods. Our study, based on receiver operating characteristic curves, shows that the AdaBoostM1 classifier is more efficient than the other methods and achieves an almost perfect detection rate with acceptable training time.
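Steps (2) and (3) of the abstract can be sketched as follows; this is an added example, not code from the paper. The three profile attributes, the 600-second window, the training profiles and the SIP URIs are constructed assumptions, and a small two-class boosted-stump learner stands in for AdaBoostM1.

```python
import math
from collections import defaultdict, deque

class CallerProfiles:
    """Sliding window of recent calls per caller; timestamps must not decrease per caller."""
    def __init__(self, window):
        self.window = window
        self.calls = defaultdict(deque)  # caller -> deque of (ts, callee, duration)
    def add(self, ts, caller, callee, duration):
        q = self.calls[caller]
        q.append((ts, callee, duration))
        while q[0][0] <= ts - self.window:  # expire calls that slid out of the window
            q.popleft()
    def features(self, caller):
        """Assumed attributes: (calls in window, mean duration in s, distinct-callee ratio)."""
        q = self.calls[caller]
        n = len(q)
        if n == 0:
            return (0, 0.0, 0.0)
        return (n, sum(d for _, _, d in q) / n, len({c for _, c, _ in q}) / n)

def stump(x, feat, thr, sign):
    return sign if x[feat] > thr else -sign

def train_boosted_stumps(X, y, rounds=5):
    """Two-class boosting over threshold stumps; y is +1 (SPITter) or -1 (legitimate)."""
    w, model = [1 / len(X)] * len(X), []
    cands = [(f, t, s) for f in range(len(X[0])) for t in {x[f] for x in X} for s in (1, -1)]
    for _ in range(rounds):
        werr = lambda c: sum(wi for wi, x, yi in zip(w, X, y) if stump(x, *c) != yi)
        best = min(cands, key=lambda c: (werr(c), c))  # lowest weighted error, stable ties
        err = min(max(werr(best), 1e-10), 1 - 1e-10)   # clip so log() stays finite
        alpha = 0.5 * math.log((1 - err) / err)
        model.append((alpha, *best))
        w = [wi * math.exp(-alpha * yi * stump(x, *best)) for wi, x, yi in zip(w, X, y)]
        total = sum(w)
        w = [wi / total for wi in w]  # misclassified profiles now weigh more
    return model

def classify(model, x):
    return "SPITter" if sum(a * stump(x, f, t, s) for a, f, t, s in model) > 0 else "legitimate"

# Constructed training profiles; no single threshold separates the two classes.
TRAIN_X = [(3, 180.0, 0.67), (5, 95.0, 0.6), (35, 150.0, 1.0), (4, 14.0, 0.5),
           (40, 12.0, 1.0), (55, 8.0, 0.98), (30, 15.0, 0.97), (25, 20.0, 1.0)]
TRAIN_Y = [-1, -1, -1, -1, 1, 1, 1, 1]

def demo():
    model = train_boosted_stumps(TRAIN_X, TRAIN_Y)
    prof = CallerProfiles(window=600)
    for i in range(30):  # constructed stream: 30 short calls to 30 different callees
        prof.add(i * 10, "sip:bulk@example.net", f"sip:user{i}@example.org", 9)
    for ts, callee, dur in [(0, "bob", 200), (400, "bob", 150), (900, "carol", 100)]:
        prof.add(ts, "sip:alice@example.org", f"sip:{callee}@example.org", dur)
    return {c: (prof.features(c), classify(model, prof.features(c))) for c in prof.calls}
```

The third call from `sip:alice@example.org` pushes her first call out of the window, so her profile is built from two calls only.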


Metadata
Title
Behavior-based approach to detect spam over IP telephony attacks
Written by
Randa Jabeur Ben Chikha
Tarek Abbes
Wassim Ben Chikha
Adel Bouhoula
Publication date
01.04.2016
Publisher
Springer Berlin Heidelberg
Published in
International Journal of Information Security / Issue 2/2016
Print ISSN: 1615-5262
Electronic ISSN: 1615-5270
DOI
https://doi.org/10.1007/s10207-015-0281-1
