Towards Standardized Prevention of Unsolicited Communications and Phishing Attacks

Authors

  • JaeSeung Song NEC Laboratories Europe
  • Andreas Kunz NEC Laboratories Europe

DOI:

https://doi.org/10.13052/jicts2245-800X.126

Keywords:

Spam, Unsolicited Communication, Voice Phishing, Call Id Spoofing

Abstract

The world of communication technology is changing fast and the means of communication are moving towards a packet switched transmission systems such as Voice over IP (VoIP). Formerly call identity spoofing of the displayed number in circuit switched (CS) networks was too difficult to perform so that people could be sure that when receiving a call on their mobile phone or at home, the displayed number is the one as it is supposed to be. Nowadays this is not the case anymore, voice communication from the internet with VoIP is cheap and spam calls can be easily realized without any costs, also it is getting easier to perform spoofed calls with wrong display name or number.

The mobile network operators have no mechanisms to tackle those threats, but standardization activities are already in place within the security group SA3 of 3GPP. This paper provides an overview of the current status of the standards activities and shows the most promising solutions that are proposed up to now. The proposed solutions detect unsolicited communications and spoofed calls by tracing back to the displayed number used in the attack.

Downloads

Download data is not yet available.

Author Biographies

JaeSeung Song, NEC Laboratories Europe

JaeSeung Song is currently working as a senior researcher and oneM2M standardization engineer at NEC Europe Ltd, Heidelberg, Germany.Previously, he worked for LG Electronics as a senior research engineerfrom 2002 to 2008. He received a PhD at Imperial College London in theDepartment of Computing, United Kingdom andBS and MS degrees fromSogang University.

Andreas Kunz, NEC Laboratories Europe

Andreas Kunz received his diploma degree and his Ph.D. in Electrical Engineering from the University of Siegen, Germany. He is working for NEC Laboratories Europe with focus on 3GPP standardization, mainly in the system architecture working group.

References

|3GPP TR 33.937 “Study of mechanisms for Protection against Unsolicited Communication for IMS (PUCI)”

|3GPP TR 33.838 “Study on Protection against Unsolicited Communication for IMS (PUCI)”

|3GPP S3-121245 “Security study on spoofed call detection and prevention;(Release 12)”

|3GPP TS 24.416 “TISPAN; PSTN/ISDN simulation services; Malicious Communication Identification (MCID); Protocol specification”

|ETSI TR 187 015 Ver. 3.1.1, “Telecommunications and Internet converged Services and Protocols for Advanced Networking (TISPAN); Prevention of Unsolicited Communication in the NGN”

|TR 187 009 Ver. 2.1.1 “Telecommunications and Internet Converged Services and Protocols for Advanced Networking (TISPAN); Feasibility study of prevention of unsolicited communication in the NGN”

Balasubramaniyan, V.A.|Poonawalla, A., Ahamad, M., Hunter, M.T., Traynor, P.: Pindr0p: using single-ended audio features to determine call provenance. In: Proceedings of the 17th ACM conference on Computer and communications security, CCS ‘10, pp. 109-120. ACM, New York, NY, USA (2010).

Rosenberg, J., Schulzrinne, H., Camarillo, G., Johnston, A., Peterson, J., Sparks, R., Handley, M., Schooler, E.|SIP: Session Initiation Protocol. RFC 3261 (Proposed Standard) (2002). URL http://www.ietf.org/rfc/rfc3261.txt

Chang, J.H., Lee, K.H.|Voice phishing detection technique based on minimum classification error method incorporating codec parameters. Signal Processing, IET 4(5), 502-509 (Oct.)

Kolan, P., Dantu, R.|Socio-technical defense against voice spamming. ACM Tranactions on Autonomous and Adaptive Systems (TAAS). 2(1) (2007)

Schmidt, A., Leicher, A., Shah, Y., Cha, I., Guccione, L.|Sender scorecards for the pre vention of unsolicited communication. In: Collaborative Security Technologies (CoSec), 2010 IEEE 2nd Workshop on, pp. 1-6 (2010)

|X.1231 Technical strategies for countering spam

|X.1242 Short message service (SMS) spam filtering system based on user-specified rules

|X.1243 Interactive gateway system for countering spam

|X.1244 Overall aspects of countering spam in IP-based multimedia applications

|X.1245 Framework for countering spam in IP-based multimedia applications

|3GPP TS 23.228 “IP Multimedia Subsystem (IMS); Stage 2”

Nico d’Heureuse, Jan Seedorf, Saverio Niccolini, Thilo Ewald|Protecting SIP-based Networks and Services from Unwanted Communications. IEEE “GLOBECOM” 2008

|3GPP TR 33.8de “Security study on spoofed call detection and prevention; (Release 12)”, S3-130242

Keromytis, A.|A survey of voice over ip security research. In: A. Prakash, I. Sen Gupta(eds.) Information Systems Security, Lecture Notes in Computer Science, vol. 5905, pp. 1 – 17. Springer Berlin Heidelberg (2009)

Quittek, J., Niccolini, S., Tartarelli, S., Schlegel, R.|On spam over internet telephony (SPIT) prevention. Communications Magazine, IEEE 46(8), 80 – 86 (2008)

Neumann, T., Tillwick, H., Olivier, M.|Information leakage in ubiquitous voice-over-ip communications. In Trust and Privacy in Digital Business, Lecture Notes in Computer Science, vol. 4083, pp. 233-242. (2006)

Nassar, M., Niccolini, S., State, R., Ewald, T.|Holistic voip intrusion detection and prevention system. In Proceedings of the 1st international conference on Principles, systems and applications of IP telecommunications, IPTComm ‘07, pp. 1-9 (2007)

J.Rosenberg and C. Jennings|“The Session Initiation Protocol (SIP) and Spam” IETF RFC 5039, jan. (2008)

Frost, N.|VoIP: VoIP threats – getting louder. Netw. Secur. 2006 (3), 16-18 (2006)

Downloads

Published

2021-05-02

Issue

Section

Articles

Most read articles by the same author(s)