|
NEC Detects SPIT |
|
|
|
Written by Adam Gosling
|
|
Monday, 29 January 2007 |
NEC Corporation has announced a new
technology designed to identify and prevent VoIP SPAM (SPam over
Internet Telephony) commmonly called SPIT.
We already have a
system to determine if a VoIP caller is lying , now we have a system to
determine if the caller is a person.
Dubbed VoIP SEAL the system
intercepts the caller to test whether a real person is on the line or
if there is simply a machine placing the call. The technology applies
what is know as a Turing Test which was a method actually first
described by Alan Turing in 1950. The test is designed to determine if
a conversation is being carried out by a machine of a real live person.
The SEAL technology will be at next month's 3GSM World Congress 2007 in Barcelona, Spain.
The idea is to identify the difference between calls arising from
spam-generating-software and calls from real individuals sop that the
real people can be connected through while the machine's are blocked.
The system is modular in design to allow for it to be adapted to new
kinds of SPIT attacks, without adjusting the system, by adding and
updating modules.
The module structure also allows the technology
to be adapted for deployment in a broad range of applications such as
SIP servers, home network equipment and terminal equipment.
NEC
used its own SPIT simulators to test the system which was shown to be
effective in detecting and blocking 99% of SPIT saving users the hassle
of unwanted automated calls.
NEC's SPIT attack simulation project
used calls taken at NEC's Network Laboratories (Heidelberg, Germany)
were used as samples in the SPIT attack simulation project. SPIT were
imitated from botnet calls.
The characteristics of botnets and the
content of calls originating from botnets are well known in the
industry. NEC employed botnets that have already been recorded in
literary documents. The SPIT detection rate was measured during the
project as 99%.
Effective SPIT protection could become a key
element in the VoIP security arsenal. The low-cost of VoIP calling has
raised fears the technology will lead to an explosion in promotional,
sales and even phishing SPIT.
NEC claims the cost of generating a
spam call over the Internet is cheaper than in a traditional network by
a factor of 1000. "As a result, the existing infrastructure for
producing spam e-mails (so called "botnets") can easily be modified to
also produce spam telephone calls," says the company.
"Today, the
number of spam emails is higher than the number of regular emails
produced jointly by all of the users in the Internet. If unsolicited
marketing and spam calls become as frequent as spam email,
constantly-ringing VoIP phones may hinder the spread of their use."
www.nec.com
Related news items Newer news items
Older news items
|
|
|
|
