| VoIP, which is a brand new voice communication technology, has changed the way how people communicate in the era of PSTN and pulled close the distance between person and person. However, due to the complexity and openness characteristics of Internet, VoIP is suffering with threats caused by various factors. Spam over Internet Telephony (SPIT), which is a serious threat to VoIP application, consumes more network bandwidth than spam email dose and harasses end users more. Spam email has been effectively prevented and controlled, while the prevention and defense against SPIT is still in its early age and therefore it is necessary to study this anti-SPIT topic. SPIT attack has various forms and means, nonetheless, existing researches on anti-SPIT are limited to specific forms and means of SPIT. What’s more, existing system and architecture of anti-SPIT suffers from the evolution of SPIT attack techniques.This paper carries out the research in two aspects of technique and system on anti-SPIT. As a result of technique research, three key techniques has been applied and integrated into an anti-SPIT system implementation to ensure the effectiveness. The innovation achievements in this paper are as follows:(1) A method of SPIT level calculation is proposed based on the parameters of VoIP end user behaviors, so as to audit the suspicious level of SPIT user precisely. This SPIT level calculation method makes use of five behavior parameters, which are the number of callee, call duration, call rate, call rejection ratio and call interval. Each parameter is used to give a SPIT level respectively, then these SPTI levels are combined by a weight cumulative method to obtain the final score. The weights of parameters in combination are determined based on AHP(Analytic Hierarchy Process). The proposed calculation method combines a variety of user behavior parameters to quantify the extent of the suspicious user behavior accurately and prevent attackers from hiding. Experiments indicated that the SPIT level is a good measurement of the degree of user suspiciousness.(2) A conversation pattern based SPIT identification method is proposed. Based on conversation pattern, the features for SPIT identification, the time ratios of each conversation state and the state transform ratios in the whole conversation, are generated from a call. Then, by using a naive Bayesian classifier, the SPIT call is finally identified. Experiment results showed the identification of SPIT call is accurate, of which identification accuracy is96.4%and the false positive rate is1.395%, therefore it is confident with the effectiveness of this method.(3) In order to complement the collaboration among different anti-SPIT systems, a D-S evidence theory based reputation system is proposed in this paper. First of all, the local reputation is calculated based on user feedback and results of detection. Secondly, the local reputations are combined with the D-S evidence theory. Meanwhile, due to the distributed characteristic of this reputation model, we introduced a publish-subscribe mechanism to locate, query and update a reputation value quickly. In addition, the punishment mechanism and evidence distance based conflict resolution mechanism are introduced in the reputation model for anti-fraud to ensure the reliability and robustness of the reputation system. Simulation results showed that the use of the reputation model in SPIT prevention system can filter SPIT calls accurately, and prevent the SPIT threat effectively.These three key technologies are used to design a two-stage and multiple modules prevention system. Various aspects are considered during the system design, which include maximization of detection rate, minimization of false positive rate, decreasement of user involvement, reducing the inconvenience to the users, scalability and extensibility of the system and so on.This dissertation has proposed a complete SPIT prevention and treatment solution which is valuable to related theoretical and practical. |
PDF Full Text Request