Presentation is loading. Please wait.

Presentation is loading. Please wait.

Michael Hirschbichler © 2008 Institute of Broadband CommunicationsVienna University of Technology Unsolicited Calls in IMS Spam, Spit - will we be facing.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "Michael Hirschbichler © 2008 Institute of Broadband CommunicationsVienna University of Technology Unsolicited Calls in IMS Spam, Spit - will we be facing."— Presentation transcript:

1 Michael Hirschbichler © 2008 Institute of Broadband CommunicationsVienna University of Technology Unsolicited Calls in IMS Spam, Spit - will we be facing SpIMS too?

2 2 © 2008 Institute of Broadband CommunicationsVienna University of Technology Overview Introduction into Spit IMS - Overview Is there a Spit-Threat in IMS at all? Strategies to avoid Spit in IMS Summary and Outlook

3 3 © 2008 Institute of Broadband CommunicationsVienna University of Technology Overview Introduction into Spit IMS - Overview Is there a Spit-Threat in IMS at all? Strategies to avoid Spit in IMS Summary and Outlook

4 4 © 2008 Institute of Broadband CommunicationsVienna University of Technology Why creating unsolicited calls Is it worth creating Spam over Internet Telephony? classic call-centerVoIP-based call-center fix-costs500€ (E1 with 30 channels) 30€ (512 kbs, capable handling 30 bidirectional calls with G.723.1- Codec) cost per call0.02€ per billing unit0.02€ per billing unit (SIP2PSTN) 0€ (SIP2SIP),

5 5 © 2008 Institute of Broadband CommunicationsVienna University of Technology „Spam over SIP“ In general, three type of "Spam" (RFC5039) –SPIT (Spam over Internet-Telephony) –SPIM (Spam over Instant Messaging) –SPPP (Spam over Presence Protocol) Usually, term SPIT is used for all types © 2008 Institute of Broadband CommunicationsVienna University of TechnologyMichael Hirschbichler

6 6 © 2008 Institute of Broadband CommunicationsVienna University of Technology Variants of SPIT Instant Messaging SPIT –Very much like Email –but more intrusive than Email-Spam Instant Messages usually pop up –No need to be deployed in realtime Presence Spam –unsolicited SUBSCRIBE messages –window pops up to add this user –the From:-identity contains the spam-content –From: –low amount of information

7 7 © 2008 Institute of Broadband CommunicationsVienna University of Technology Variants of SPIT Call Spam Occurs also in existing telephone networks but not in the same kind of volume as email spam Why not before? –“Cold calls” are not allowed in Germany and Austria –Too expensive in PSTN

8 8 © 2008 Institute of Broadband CommunicationsVienna University of Technology Different way of creating an Internet- Telephony Voice-Spit-Call Creating a call by … 1... using the own proxy: improbable: usually authentication needed 2... directly addressing Bob‘s Proxy very probable: no authenticatio needed 3.… directly addressing Bob‘s Userequipment improbable: IP-address and Port needed

9 9 © 2008 Institute of Broadband CommunicationsVienna University of Technology An example for distributed SPIT deployment 1.spitter captures a large amount of hosts by installing trojans 2.Uses this ‚botnet‘-infrastructure for sending SPIT Spitter Botnet VoIP-enabled devices

10 10 © 2008 Institute of Broadband CommunicationsVienna University of Technology Building Blocks for SPIT Prevention Classification –no interactions with call participants –caller-side interactions –callee interrupted by call –callee receives call –feedback from callee after call (RFC5039)

11 11 © 2008 Institute of Broadband CommunicationsVienna University of Technology Overview Introduction into Spit IMS - Overview Is there a Spit-Threat in IMS at all? Strategies to avoid Spit in IMS Summary and Outlook

12 12 © 2008 Institute of Broadband CommunicationsVienna University of Technology The IP Multimedia Subsystem (IMS) Architectural framework for delivering IP multimedia Originally designed by 3rd Generation Partnership Project (3GPP) –extended by 3GPP2, TISPAN For ease of integration, IETF specified protocols are used –SIP, SDP, Diameter, etc. No standardisation of applications, it isolates the access network from the service layer –IMS is access-agnostic –from GPRS over UMTS to LTE IMS is a key part for seamless mobility and mobile-fixed convergence

13 13 © 2008 Institute of Broadband CommunicationsVienna University of Technology Overview Introduction into Spit IMS - Overview Is there a Spit-Threat in IMS at all? Strategies to avoid Spit in IMS Summary and Outlook

14 14 © 2008 Institute of Broadband CommunicationsVienna University of Technology But why should this happen in IMS? "There can't be a threat, because IMS is a closed system only using SIP for signalling Handheld phones are closed-down devices Every call is either authenticated by CSCF - component or is transfered from another trusted provider There is no anonymity in the IMS"

15 15 © 2008 Institute of Broadband CommunicationsVienna University of Technology Closed system with manipulatable user equipment IMS is a closed system only using SIP for signalling... but lot of signalling and intelligence is located at the client –providers outsource important signalling parts to a device, they cannot rule anymore when given to the clients –if you hack the SIP-stack on the mobile, you may can manipulate/irritate the core components

16 16 © 2008 Institute of Broadband CommunicationsVienna University of Technology Handheld phones are locked devices Really? Apples iPhone Symbian based mobiles all other kinds of smartphones They protect the stack against unwanted access, but it is just a question of time when the first trojan is dispatched Closed system with manipulatable user equipment (II)

17 17 © 2008 Institute of Broadband CommunicationsVienna University of Technology Closed system with manipulatable user equipment (III) Every call is either authenticated by CSCF - component or is transfered from another trusted provider Possible threat A trojan create calls using the owners credentials The SPIT-flood will be –initiated by the spitter, but –delivered by the trojan-infected mobiles –with the owners account data

18 18 © 2008 Institute of Broadband CommunicationsVienna University of Technology What are the results? Results in calls with a valid P-Asserted-Identity:-URI and reliable authenticated against the CSCF undistinguishable for the called party from a 'real' call annoying amount of automatically generated incoming calls inextpectable costs for the trojan-infected client both results in a loss of reliance against the own provider

19 19 © 2008 Institute of Broadband CommunicationsVienna University of Technology Overview Introduction into Spit IMS - Overview Is there a Spit-Threat in IMS at all? Strategies to avoid Spit in IMS Summary and Outlook

20 20 © 2008 Institute of Broadband CommunicationsVienna University of Technology Avoiding the Spit/SpIMS - Threat Strategies to protect...

21 21 © 2008 Institute of Broadband CommunicationsVienna University of Technology Overview Introduction into Spit IMS - Overview Is there a Spit-Threat in IMS at all? Strategies to avoid Spit in IMS Summary and Outlook

22 22 © 2008 Institute of Broadband CommunicationsVienna University of Technology Summary and Outlook Spam is here Spit will come Spit using IMS - who knows... Our research topics We developed a Spit-analysing toolkit implemented in a SIP Proxy We will integrate this solution into an IMS- capable Application Server and later in a SBC

23 23 © 2008 Institute of Broadband CommunicationsVienna University of Technology Questions? Thanks for your attention! Institute of Broadband Communications Favoritenstrasse 9-11/388 A 1040 Vienna tel: +43 1 58801 38846 michael.hirschbichler@tuwien.ac.at http://www.ibk.tuwien.ac.at Michael HIRSCHBICHLER

24 24 © 2008 Institute of Broadband CommunicationsVienna University of Technology References Saverio Niccolini - “SPIT prevention: state of the art and research challenges” J. Rosenberg, C.Jennings, "RFC5239 - The Session Initiation Protocol (SIP) and Spam" H. Tschofenig, H. Schulzrinne, et.al. "A Framework to tackle Spam and Unwanted Communication for Internet Telephony"

25 25 © 2008 Institute of Broadband CommunicationsVienna University of Technology Avoiding the Spit/SpIMS - Threat mechanisms needed to protect –the callee –the caller –the own infrastucture Callee protection

26 26 © 2008 Institute of Broadband CommunicationsVienna University of Technology Caller protection Caller needs to be protected from creating unconscious calls on his costs Possible solutions default user-profile to alert unusual call behaviour reliable cost-control

27 27 © 2008 Institute of Broadband CommunicationsVienna University of Technology Callee protection two categories: User

28 28 © 2008 Institute of Broadband CommunicationsVienna University of Technology Avoiding the Spit/SpIMS - Threat Strategies to protect...

29 29 © 2008 Institute of Broadband CommunicationsVienna University of Technology Spam over Internet Telephony Upcoming threat

Download ppt "Michael Hirschbichler © 2008 Institute of Broadband CommunicationsVienna University of Technology Unsolicited Calls in IMS Spam, Spit - will we be facing."

Similar presentations

Johan Garcia Karlstads Universitet Datavetenskap 1 Datakommunikation II Signaling/Voice over IP / SIP Based on material from Henning Schulzrinne, Columbia.

Johan Garcia Karlstads Universitet Datavetenskap 1 Datakommunikation II Signaling/Voice over IP / SIP Based on material from Henning Schulzrinne, Columbia.
SIP & SS7 (SIP-02) Monday - 09/10/07, 10:00-10:45am.

SIP & SS7 (SIP-02) Monday - 09/10/07, 10:00-10:45am.
Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.

Security in VoIP Networks Juan C Pelaez Florida Atlantic University Security in VoIP Networks Juan C Pelaez Florida Atlantic University.
Chapter 5 standards for multimedia communications

Chapter 5 standards for multimedia communications
Mike Pluke1 Universal Communications Identifier (UCI) and the power of profiles Mike Pluke Castle Consulting Ltd. ETSI TC HF & STF265.

Mike Pluke1 Universal Communications Identifier (UCI) and the power of profiles Mike Pluke Castle Consulting Ltd. ETSI TC HF & STF265.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.

Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.

SIP and IMS Enabled Residential Gateway Sergio Romero Telefónica I+D Jan Önnegren Ericsson AB Alex De Smedt Thomson Telecom.
SIP Simplified August 2010 By Dale Anderson. SIP Simplified Session Initiation Protocol Core of SIP specifications is documented in IETF RFC 3261 Many.

SIP Simplified August 2010 By Dale Anderson. SIP Simplified Session Initiation Protocol Core of SIP specifications is documented in IETF RFC 3261 Many.
1 © NOKIA IPv6 / June 2003 / Jari Hamalainen Nokia North American Global IPv6 Summit San Diego, CA, U.S.A. June 26th, 2003 IPv6 Enabling Peer-to-Peer IMS.

1 © NOKIA IPv6 / June 2003 / Jari Hamalainen Nokia North American Global IPv6 Summit San Diego, CA, U.S.A. June 26th, 2003 IPv6 Enabling Peer-to-Peer IMS.
6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.

6 The IP Multimedia Subsystem Selected Topics in Information Security – Bazara Barry.
SIP and the application of SIP as used in 3GPP Keith Drage - Lucent Technologies.

SIP and the application of SIP as used in 3GPP Keith Drage - Lucent Technologies.
Fixed Mobile Convergence T-109.7510 Research Seminar on Telecommunications Business Johanna Heinonen.

Fixed Mobile Convergence T Research Seminar on Telecommunications Business Johanna Heinonen.
Testing SIP Services Over IP. Agenda  SIP testing – advanced scenarios  SIP testing - Real Life Examples.

Testing SIP Services Over IP. Agenda  SIP testing – advanced scenarios  SIP testing - Real Life Examples.
VoIP Technology Developments and Trends Henning Schulzrinne Columbia University.

VoIP Technology Developments and Trends Henning Schulzrinne Columbia University.
 3G is the third generation of tele standards and technology for mobile networking, superseding 2.5G. It is based on the International Telecommunication.

 3G is the third generation of tele standards and technology for mobile networking, superseding 2.5G. It is based on the International Telecommunication.
SIP vs H323 Over Wireless networks Presented by Srikar Reddy Yeruva Instructor Chin Chin Chang.

SIP vs H323 Over Wireless networks Presented by Srikar Reddy Yeruva Instructor Chin Chin Chang.
Internet Telephony Helen J. Wang Network Reading Group, Jan 27, 99 Acknowledgement: Jimmy, Bhaskar.

Internet Telephony Helen J. Wang Network Reading Group, Jan 27, 99 Acknowledgement: Jimmy, Bhaskar.
Preventing Spam For SIP-based Sessions and Instant Messages Kumar Srivastava Henning Schulzrinne June 10, 2004.

Preventing Spam For SIP-based Sessions and Instant Messages Kumar Srivastava Henning Schulzrinne June 10, 2004.
1 Extending SIP Speaker: Hsuan-Ming Chen Adviser: Ho-Ting Wu Date: 2005/04/26.

1 Extending SIP Speaker: Hsuan-Ming Chen Adviser: Ho-Ting Wu Date: 2005/04/26.
A Gateway For SIP Event Interworking - Sasu Tarkoma & Thalainayar Balasubramanian Ramya.

A Gateway For SIP Event Interworking - Sasu Tarkoma & Thalainayar Balasubramanian Ramya.

Similar presentations

Ads by Google