Presentation is loading. Please wait.

Presentation is loading. Please wait.

Preventing Spam For SIP-based Sessions and Instant Messages Kumar Srivastava Henning Schulzrinne June 10, 2004.

Similar presentations


Presentation on theme: "Preventing Spam For SIP-based Sessions and Instant Messages Kumar Srivastava Henning Schulzrinne June 10, 2004."— Presentation transcript:

1 Preventing Spam For SIP-based Sessions and Instant Messages Kumar Srivastava Henning Schulzrinne June 10, 2004

2 2 The Presentation… Overview of the problem of spam in SIP-based sessions Introduction to DAPES (Domain Authentication and Policy Enforcement for SIP) Introduction to “Bonded Domains” Future work and conclusion

3 3 Spam.. Formally, Spam can be defined as Unsolicited Bulk Communications (UBC) “Internet email” sent to a group of recipients who have not requested it The definition remains the same for SIP, but now we are talking in terms of SIP calls and instant messages

4 4 DAPES Supports communication with previously known and unknown entities Real-time and automated detection and classification of calls and instant messages as “spam” Prevents spoofing of domains, user identities Can be extended to ascertain trustworthiness of unknown entities

5 5 Domain Classification Classification of domains based on their identity instantiation and maintenance procedures plus other domain policies. Admission controlled domains Strict identity instantiation with long term relationships Example: Employees, students, bank customers Bonded domains Membership possible only through posting of bonds tied to a expected behavior Membership domains No personal verification of new members but verifiable identification required such as a valid credit card and/or payment Example: E-bay, phone and data carriers Open domains No limit or background check on identity creation and usage Example: Hotmail Open, rate limited domains Open but limits the number of messages per time unit and prevents account creation by bots Example: Yahoo

6 6 Authentication and Verification Verification of caller in two stages Verifying local user identities DIGEST authentication on INVITE and REGISTER Verifying outbound SIP proxies of incoming calls TLS Authentication and DNS SRV verification Reputation Information for determining trustworthiness of unknown caller Social Networks Problem can be reduced to “path existence” Does a friend I trust, trust this person Orkut, Friendster.. Reputation Systems Maintain records for domains and users and their reputation information and classification for domains. Support reputation queries and reputation updates by authenticated, valid and trustworthy users.

7 7 DAPES Architecture of DAPES

8 8 Bonded Domains Introduced in DAPES Spamming motivated by financial gains Imposes financial restrictions on potential spammers Idea is to ask users to post bonds against sending spam Have to ensure optimal bond amount and correct channeling of bond proceeds for successful working of the system

9 9 Reputation in social networks There are several types of social networks providing a rich source of reputation information Study aims to analyze relevant social networks and isolate features necessary for extracting correct reputation information

10 10 Conclusion As IP telephony becomes more popular, spammers will target SIP-based communication for sending spam It is necessary to build in features into SIP-domains to ensure that SIP-based communications do not fall prey to spam like in the case of e-mail


Download ppt "Preventing Spam For SIP-based Sessions and Instant Messages Kumar Srivastava Henning Schulzrinne June 10, 2004."

Similar presentations


Ads by Google