Countermeasures of Spam over Internet Telephony in SIP Campuses with MySQL and LDAP Support
description
Transcript of Countermeasures of Spam over Internet Telephony in SIP Campuses with MySQL and LDAP Support
Countermeasures of Spam over Internet Telephony in SIP.edu
Campuses with MySQL and LDAP Support
Speaker: Chang-Yu WuAdviser: Dr. Quincy WuSchool: National Chi Nan UniversityUnit: Graduate Institute of CSIEDate: 2007.10.24
2
Motivation
Session Initiation Protocol (SIP), is a signaling protocol for Internet conferencing, telephony, events notification and instant messaging.
What is VoIP Spam The VoIP Spam in the VoIP networks is also c
alled SPIT (Spam over Internet Telephony). It refers to unsolicited calls over VoIP network
s.
3
Related Work
Blacklists These are lists of e-mail or machine addresse
s from which are known to send spam mails. Whitelists
Lists of addresses from which all mails will be accepted.
Spam filtering tools SpamAssassin
http://spamassassin.apache.org/
4
SIP.edu
Build a community of Internet2 schools that is experimenting with enterprise SIP services.
Users should not be burdened with device
addresses. The initial SIP.edu architecture works by integ
rating the legacy campus PBX and person directory.
The SIP.edu becomes the effective tools which spammers use for sending SPIT.
5
SIP.edu Architecture
Alice
DNS SRV query _sip._udp.ncnu.edu.tw
INVITE
(sip:[email protected])
INVITE
(sip:[email protected])
Telephone number where username=bob
Bob’ phone
Ncnu.edu.tw
6
SIP.edu Architecture (cont)
AliceDNS SRV query _sip._udp.ncnu.edu.tw
INVITE
(sip:[email protected])
INVITE
(sip:[email protected])
REGISTER
(Contact: 163.22.21.83)
Bob’ phone
Ncnu.edu.tw
7
SEMS
SEMS(SIP express media server) is an extensible media server which helps us adding voice services to our VoIP system。
IP Telephone
SEMS SMTP server
SIP server
INVITE INVITE
200 OK 200 OK
RTP
SMTP
8
LDAP
Lightweight Directory Access Protocol (LDAP) is an application protocol for querying and modifying directory services running over TCP/IP. Optimized for lookups More easily extended
9
System Architecture
Use SIP.edu to be the basic environment of system. Support the function of the Voicemail in the system.
Use SIP.edu?Register? YES NO
YES SIP phone ringing SIP phone ringing
NO Campus phone ringing Voicemail
10
Flow chart Receive sip signal
Relay the call
Check request uri is
local?
Receive local request uri
SIP signal
YES
NO Request uri
YES
NO
YES Campus phone ringing
Call Database
Data
SIP phone ringing
YES
Use contact listService?
Register?
Register? NO
Voicemail
NO
YESNO
Data Database
SIP signal
Is Caller’s number on the contact list?
11
Automatically add callee into the contact list
Contactxxx xxxxxxxx xxxxx
Bob’ s contact list
BobAlice
SIP Proxy Server
(1) INVITE Alice
(2) Find Bob’ s Contact list
(6) INVITE Alice
(5) Update Acknowledged
(3) Save Alice’s data in Bob’ s contact list
(4) Update Acknowledged
12
Performance Measurement
Program codes MySQL modules in OpenSER MySQL commands from Unix shell scripts LDAP commands from Unix shell scripts
Stress-test Call setup scenario (powered by SIPp)
Max Allowed Rate: 10,000 calls Concurrent Calls: 0~8,000 calls (with interval 20
0) Total calls: 20,000 calls Duration time: 30 s
13
Call Failure Rate
0%
10%
20%
30%
40%
50%
60%
70%
80%
90%
100%
0 1000 2000 3000 4000 5000 6000 7000 8000
Concurrent calls
Faile
d ca
lls (p
erce
nt)
Pure SIPconfiguration
Mysql modules inOpenSER
Mysql commandsfrom Unix shellscriptsLDAP commandsfrom Unix shellscripts
14
Future work
Information transmission Improve call method of storing and searching
data.
Add data into contact list Design an interface that allows users to revise
the contact list by themselves.
15
Q&A
Thanks for your coming!