ASPF: Adaptive anti-SPIT Policy-based Framework

SPam over Internet Telephony (SPIT) is a rising IP voice telephony threat. Voice over IP enables the transmission of telephone calls over the Internet, as opposed to plain old telephone service. Internet Telephony essentially means low-cost phone calls, i.e. a clear benefit for both consumers and businesses, which may also lead to cheap methods of mass advertising. Still, industry observers warn that VoIP´s low-cost and openness makes it relatively easy for spammers to send unsolicited audio-commercials to VoIP voice-mail inboxes, in much the same way they currently bombard e-mail inboxes. In this paper we set the foundations of an adaptive approach that handles SPIT through an adaptive anti-SPIT policy-based framework (ASPF). ASPF incorporates a set of rules for SPIT detection, together with appropriate actions and controls that should be enforced, so as to counter these attacks. ASPF is formally described through an XML schema. A working prototype is also demonstrated for evaluating ASPF. The prototype is able to make policy alterations, based on abnormal network events.