SPIDER:

SPam over Internet telephony Detection sERvice

SPIDER is a two-years co-operative research project together with the European Union, started in October 2007, aiming at endowing the SME partners with an anti-spit framework to enhance their VoIP infrastructures and protect their customers from abuse.

The SPIDER objectives are:

• Design and implement a framework for secure VoIP calls to avoid misuse of VoIP for spam delivery
• Specify and develop tools for spam detection and suppression
• Support different means for detection that can be added based on user and provider specific needs
• Integration and testing of developed tools and solutions in a provider's VoIP infrastructure

SPIT as a future threat

Interest in Voice over IP (VoIP) has risen substantially in recent times, both from service providers and from consumers' point of view. While the concept of transferring Voice over data networks like the Internet is known already for a long time, only now this technology has become a major counterpart to the classic Public Switched Telephone Network (PSTN).

With Voice over IP calls being offered for free or for a flat rate, Spam over Internet Telephony (SPIT) has at least the same potential to become a major annoyance for users worldwide, as it is the current situation with e-mail spam. From a technological point of view, both communication methods have many similarities. For example, calling a huge user-base through a VoIP solution can be very cost effective for any sender; it can also be easily personalised. While such a development would naturally be annoying to individual users, a large spread of SPIT would reduce the attractiveness of VoIP in general and slow down its further commercial development.

The design of the SPIDER SPIT prevention framework is based on the following aspects,

• Benefiting from well known SPAM prevention technologies, such as white and black lists, filtering algorithms, User puzzles and charging techniques, by investigating them to assess their suitability for VoIP and adjusting them to take into account the characteristics of the VoIP technologies and systems.
• Investigating novel approaches, which are derived from the VoIP technology itself, such as audio analysis, inter-provider peering mechanisms or security enhancements for the used signaling protocols.
• The knowledge and tools used by current and innovative schemes are implemented as separate modules that are combined in a more general anti-SPIT solution
• Offering a customizable and configurable plat form that takes into account both, the needs and capabilities of large service providers, as well as single users.