Countermeasures of Spam over Internet Telephony in SIP.edu

Campuses with MySQL and LDAP Support

Speaker: Chang-Yu WuAdviser: Dr. Quincy WuSchool: National Chi Nan UniversityUnit: Graduate Institute of CSIEDate: 2007.10.24

2

Motivation

Session Initiation Protocol (SIP), is a signaling protocol for Internet conferencing, telephony, events notification and instant messaging.

What is VoIP Spam The VoIP Spam in the VoIP networks is also c

alled SPIT (Spam over Internet Telephony). It refers to unsolicited calls over VoIP network

s.

3

Related Work

Blacklists These are lists of e-mail or machine addresse

s from which are known to send spam mails. Whitelists

Lists of addresses from which all mails will be accepted.

Spam filtering tools SpamAssassin

http://spamassassin.apache.org/

4

SIP.edu

Build a community of Internet2 schools that is experimenting with enterprise SIP services.

Users should not be burdened with device

addresses. The initial SIP.edu architecture works by integ

rating the legacy campus PBX and person directory.

The SIP.edu becomes the effective tools which spammers use for sending SPIT.

5

SIP.edu Architecture

Alice

DNS SRV query _sip._udp.ncnu.edu.tw

INVITE

(sip:bob@ncnu.edu.tw)

INVITE

(sip:4762@gw.ncnu.edu.tw)

Telephone number where username=bob

Bob’ phone

Ncnu.edu.tw

6

SIP.edu Architecture (cont)

AliceDNS SRV query _sip._udp.ncnu.edu.tw

INVITE

(sip:bob@ncnu.edu.tw)

INVITE

(sip:Bob@163.22.21.83)

REGISTER

(Contact: 163.22.21.83)

Bob’ phone

Ncnu.edu.tw

7

SEMS

SEMS(SIP express media server) is an extensible media server which helps us adding voice services to our VoIP system。

IP Telephone

SEMS SMTP server

SIP server

INVITE INVITE

200 OK 200 OK

RTP

SMTP

mail

8

LDAP

Lightweight Directory Access Protocol (LDAP) is an application protocol for querying and modifying directory services running over TCP/IP. Optimized for lookups More easily extended

9

System Architecture

Use SIP.edu to be the basic environment of system. Support the function of the Voicemail in the system.

Use SIP.edu?Register? YES NO

YES SIP phone ringing SIP phone ringing

NO Campus phone ringing Voicemail

10

Flow chart Receive sip signal

Relay the call

Check request uri is

local?

Receive local request uri

SIP signal

YES

NO Request uri

YES

NO

YES Campus phone ringing

Call Database

Data

SIP phone ringing

YES

Use contact listService?

Register?

Register? NO

Voicemail

NO

YESNO

Data Database

SIP signal

Is Caller’s number on the contact list?

11

Automatically add callee into the contact list

Contactxxx xxxxxxxx xxxxx

Bob’ s contact list

BobAlice

SIP Proxy Server

(1) INVITE Alice

(2) Find Bob’ s Contact list

(6) INVITE Alice

(5) Update Acknowledged

(3) Save Alice’s data in Bob’ s contact list

(4) Update Acknowledged

12

Performance Measurement

Program codes MySQL modules in OpenSER MySQL commands from Unix shell scripts LDAP commands from Unix shell scripts

Stress-test Call setup scenario (powered by SIPp)

Max Allowed Rate: 10,000 calls Concurrent Calls: 0~8,000 calls (with interval 20

0) Total calls: 20,000 calls Duration time: 30 s

13

Call Failure Rate

0%

10%

20%

30%

40%

50%

60%

70%

80%

90%

100%

0 1000 2000 3000 4000 5000 6000 7000 8000

Concurrent calls

Faile

d ca

lls (p

erce

nt)

Pure SIPconfiguration

Mysql modules inOpenSER

Mysql commandsfrom Unix shellscriptsLDAP commandsfrom Unix shellscripts

14

Future work

Information transmission Improve call method of storing and searching

data.

Add data into contact list Design an interface that allows users to revise

the contact list by themselves.

15

Q&A

Thanks for your coming!