Outbound SPIT Filter with Optimal Performance Guarantees

This paper presents a formal framework for identifying and filtering SPIT calls (SPam in Internet Telephony) in an outbound scenario with provable optimal performance. In so doing, our work is largely different from related previous work: our goal is to rigorously formalize the problem in terms of mathematical decision theory, find the optimal solution to the problem, and derive concrete bounds for its expected loss (number of mistakes the SPIT filter will make in the worst case). This goal is achieved by considering an abstracted scenario amenable to theoretical analysis, namely SPIT detection in an outbound scenario with pure sources. Our methodology is to first define the cost of making an error (false positive and false negative), apply Wald’s sequential probability ratio test to the individual sources, and then determine analytically error probabilities such that the resulting expected loss is minimized. The benefits of our approach are: (1) the method is optimal (in a sense defined in the paper); (2) the method does not rely on manual tuning and tweaking of parameters but is completely self-contained and mathematically justified; (3) the method is computationally simple and scalable. These are desirable features that would make our method a component of choice in larger, autonomic frameworks

Outbound SPIT Filter with Optimal Performance Guarantees

This paper presents a formal framework for identifying and filtering SPIT calls (SPam in Internet Telephony) in an outbound scenario with provable optimal performance. In so doing, our work is largely different from related previous work: our goal is to rigorously formalize the problem in terms of mathematical decision theory, find the optimal solution to the problem, and derive concrete bounds for its expected loss (number of mistakes the SPIT filter will make in the worst case). This goal is achieved by considering an abstracted scenario amenable to theoretical analysis, namely SPIT detection in an outbound scenario with pure sources. Our methodology is to first define the cost of making an error (false positive and false negative), apply Wald's sequential probability ratio test to the individual sources, and then determine analytically error probabilities such that the resulting expected loss is minimized. The benefits of our approach are: (1) the method is optimal (in a sense defined in the paper); (2) the method does not rely on manual tuning and tweaking of parameters but is completely self-contained and mathematically justified; (3) the method is computationally simple and scalable. These are desirable features that would make our method a component of choice in larger, autonomic frameworks.Comment: in submissio

Clustering VoIP caller for SPIT identification

The number of unsolicited and advertisement telephony calls over traditional and Internet telephony has rapidly increased over recent few years. Every year, the telecommunication regulators, law enforcement agencies and telecommunication operators receive a very large number of complaints against these unsolicited, unwanted calls. These unwanted calls not only bring financial loss to the users of the telephony but also annoy them with unwanted ringing alerts. Therefore, it is important for the operators to block telephony spammers at the edge of the network so to gain trust of their customers. In this paper, we propose a novel spam detection system by incorporating different social network features for combating unwanted callers at the edge of the network. To this extent the reputation of each caller is computed by processing call detailed records of user using three social network features that are the frequency of the calls between caller and the callee, the duration between caller and the callee and the number of outgoing partners associated with the caller. Once the reputation of the caller is computed, the caller is then places in a spam and non-spam clusters using unsupervised machine learning. The performance of the proposed approach is evaluated using a synthetic dataset generated by simulating the social behaviour of the spammers and the non-spammers. The evaluation results reveal that the proposed approach is highly effective in blocking spammer with 2% false positive rate under a large number of spammers. Moreover, the proposed approach does not require any change in the underlying VoIP network architecture, and also does not introduce any additional signalling delay in a call set-up phase

From Understanding Telephone Scams to Implementing Authenticated Caller ID Transmission

abstract: The telephone network is used by almost every person in the modern world. With the rise of Internet access to the PSTN, the telephone network today is rife with telephone spam and scams. Spam calls are significant annoyances for telephone users, unlike email spam, spam calls demand immediate attention. They are not only significant annoyances but also result in significant financial losses in the economy. According to complaint data from the FTC, complaints on illegal calls have made record numbers in recent years. Americans lose billions to fraud due to malicious telephone communication, despite various efforts to subdue telephone spam, scam, and robocalls. In this dissertation, a study of what causes the users to fall victim to telephone scams is presented, and it demonstrates that impersonation is at the heart of the problem. Most solutions today primarily rely on gathering offending caller IDs, however, they do not work effectively when the caller ID has been spoofed. Due to a lack of authentication in the PSTN caller ID transmission scheme, fraudsters can manipulate the caller ID to impersonate a trusted entity and further a variety of scams. To provide a solution to this fundamental problem, a novel architecture and method to authenticate the transmission of the caller ID is proposed. The solution enables the possibility of a security indicator which can provide an early warning to help users stay vigilant against telephone impersonation scams, as well as provide a foundation for existing and future defenses to stop unwanted telephone communication based on the caller ID information.Dissertation/ThesisDoctoral Dissertation Computer Science 201

Future benefits and applications of intelligent on-board processing to VSAT services

The trends and roles of VSAT services in the year 2010 time frame are examined based on an overall network and service model for that period. An estimate of the VSAT traffic is then made and the service and general network requirements are identified. In order to accommodate these traffic needs, four satellite VSAT architectures based on the use of fixed or scanning multibeam antennas in conjunction with IF switching or onboard regeneration and baseband processing are suggested. The performance of each of these architectures is assessed and the key enabling technologies are identified

A hybrid and cross-protocol architecture with semantics and syntax awareness to improve intrusion detection efficiency in Voice over IP environments

Includes abstract.Includes bibliographical references (leaves 134-140).Voice and data have been traditionally carried on different types of networks based on different technologies, namely, circuit switching and packet switching respectively. Convergence in networks enables carrying voice, video, and other data on the same packet-switched infrastructure, and provides various services related to these kinds of data in a unified way. Voice over Internet Protocol (VoIP) stands out as the standard that benefits from convergence by carrying voice calls over the packet-switched infrastructure of the Internet. Although sharing the same physical infrastructure with data networks makes convergence attractive in terms of cost and management, it also makes VoIP environments inherit all the security weaknesses of Internet Protocol (IP). In addition, VoIP networks come with their own set of security concerns. Voice traffic on converged networks is packet-switched and vulnerable to interception with the same techniques used to sniff other traffic on a Local Area Network (LAN) or Wide Area Network (WAN). Denial of Service attacks (DoS) are among the most critical threats to VoIP due to the disruption of service and loss of revenue they cause. VoIP systems are supposed to provide the same level of security provided by traditional Public Switched Telephone Networks (PSTNs), although more functionality and intelligence are distributed to the endpoints, and more protocols are involved to provide better service. A new design taking into consideration all the above factors with better techniques in Intrusion Detection are therefore needed. This thesis describes the design and implementation of a host-based Intrusion Detection System (IDS) that targets VoIP environments. Our intrusion detection system combines two types of modules for better detection capabilities, namely, a specification-based and a signaturebased module. Our specification-based module takes the specifications of VoIP applications and protocols as the detection baseline. Any deviation from the protocol’s proper behavior described by its specifications is considered anomaly. The Communicating Extended Finite State Machines model (CEFSMs) is used to trace the behavior of the protocols involved in VoIP, and to help exchange detection results among protocols in a stateful and cross-protocol manner. The signature-based module is built in part upon State Transition Analysis Techniques which are used to model and detect computer penetrations. Both detection modules allow for protocol-syntax and protocol-semantics awareness. Our intrusion detection uses the aforementioned techniques to cover the threats propagated via low-level protocols such as IP, ICMP, UDP, and TCP

Measuring Efficiency for Egyptian Textile and Apparel Industry Using Stochastic Frontier Analysis and Data Envelopment Analysis

This thesis gives an overall view of measuring efficiencies in the Egyptian textile and apparel industry via stochastic frontier analysis (SFA) and data envelopment analysis (DEA). Differences between the SFA and the DEA can lead to different estimates for some, or all of the units in an analysis. Measuring efficiency through production process, (inputs and outputs), lacking factors affecting supply chain operations and other key factors, such as value-adding capabilities, exchange rates, time, inventory turnover, quality, logistics, etc. can lead to inaccurate measures. Thus, to ensure accurate efficiency measures, these factors have to be considered. Techniques used are; SFA time-varying and metafrontier. Constructing a single production frontier based on all data points would cause an unfitting benchmark due to differences in production technologies, location, ownership type, etc. Hence, metafrontier allows grouping firms with similar characteristics into a separate group frontier for each region with single metafrontier applied to all groups. Empirical results show clear variability in efficiencies between private and public firms and shows that efficiency scores vary, when assessed against the metafrontier. The evidence also shows the major role of the supply chain factors in improving efficiencies for public firms

Graph databases and their application to the Italian Business Register for efficient search of relationships among companies

We studied and tested three of the major graph databases, and we compared them with a relational database. We worked on a dataset representing equity participations among companies, and we found out that the strong points of graph databases are: the purposely designed storage techniques; and their query languages. The main performance increments have been obtained when heavy graph situations are queried; for simpler situations and queries, a relational database performs equally wellope