The Spam over Internet Telephony Era. Stelios Dritsas

Transcript

1 The Spam over Internet Telephony Era Stelios Dritsas September 2008

2 ΟΙΚΟΝΟΜΙΚΟ ΠΑΝΕΠΙΣΤΗΜΙΟ ΑΘΗΝΩΝ ΤΜΗΜΑ ΠΛΗΡΟΦΟΡΙΚΗΣ ΔΙΑΤΡΙΒΗ για την απόκτηση Διδακτορικού Διπλώματος του Τμήματος Πληροφορικής Στέλιου Δρίτσα Ασφάλεια στη Διαδικτυακή Τηλεφωνία: Διαχείριση Περιστατικών SPIT (Spam over Internet Telephony) Εξεταστική Επιτροπή: Συμβουλευτική Επιτροπή: Επιβλέπων: Δημήτρης Γκρίτζαλης, Αναπληρωτής Καθηγητής Οικονομικό Πανεπιστήμιο Αθηνών Μέλη: Σωκράτης Κάτσικας, Καθηγητής Πανεπιστήμιο Πειραιώς Κώστας Λαμπρινουδάκης, Επίκουρος Καθηγητής Πανεπιστήμιο Αιγαίου Δημήτρης Γκρίτζαλης, Αναπληρωτής Καθηγητής, Πρόεδρος Οικονομικό Πανεπιστήμιο Αθηνών Θεόδωρος Αποστολόπουλος, Καθηγητής Οικονομικό Πανεπιστήμιο Αθηνών Σωκράτης Κάτσικας, Καθηγητής Πανεπιστήμιο Πειραιώς Πάνος Κωνσταντόπουλος, Καθηγητής Οικονομικό Πανεπιστήμιο Αθηνών Νικόλαος Μήτρου, Καθηγητής Εθνικό Μετσόβειο Πολυτεχνείο Αθηνών Ίων Ανδρουτσόπουλος, Επίκουρος Καθηγητής Οικονομικό Πανεπιστήμιο Αθηνών Αθήνα, Σεπτέμβριος 2008 Κώστας Λαμπρινουδάκης, Επίκουρος Καθηγητής Πανεπιστήμιο Αιγαίου

3 "Η έγκριση διδακτορικής διατριβής υπό του Τμήματος Πληροφορικής του Οικονομικού Πανεπιστημίου Αθηνών δεν υποδηλοί αποδοχή των γνωμών του συγγραφέως". (Ν. 5343/ 1932, αρθρ. 202) Οικονομικό Πανεπιστήμιο Αθηνών 3

4 ΠΡΟΛΟΓΟΣ ΕΥΧΑΡΙΣΤΙΕΣ Με το πέρας μιας ερευνητικής προσπάθειας, της οποία η συγγραφή αποτελεί το επιστέγασμα της όλης πορείας, ολοκληρώνεται, συνήθως, ένα μακρύ, επίπονο, και θέλω να ελπίζω δημιουργικό ταξίδι. Σε αυτό το μακρύ δρόμο οι εμπειρίες που αποκομίστηκαν ήταν ιδιαίτερα σημαντικές - άλλοτε θετικές και άλλοτε αρνητικές. Στο πλαίσιο αυτό, θα ήθελα να ευχαριστήσω τους συναδέλφους και φίλους, που υποστήριξαν, βοήθησαν και συμμετείχαν ο καθένας με τον τρόπο του στην όλη προσπάθεια. Πρώτα και κύρια, εκφράζω τις θερμές ευχαριστίες μου στον επιβλέποντα καθηγητή μου κ. Δημήτρη Γκρίτζαλη για την εμπιστοσύνη και τη συνεχή του στήριξή του όλα αυτά τα χρόνια. Πέρα από τις πολύτιμες γνώσεις και εμπειρίες, σχετικά με τα ζητήματα Ασφάλειας των Πληροφοριακών και Επικοινωνιακών Συστημάτων, το σημαντικότερο στοιχείο που αποκόμισα, όλα τα χρόνια της συνεργασίας, μας είναι ότι με έμαθε να βλέπω τη ζωή υπό διαφορετικό πρίσμα, να σκέφτομαι πάντα θετικά και το κυριότερο να στηρίζομαι στις δυνάμεις μου αυτενεργώντας και παίρνοντας πρωτοβουλίες, έστω και αν κάποιες από αυτές είχαν ιδιαίτερο ρίσκο. Στη μεταξύ μας σχέση, ειλικρινά με εκφράζει το εξής απόσπασμα: What the teacher is, is more important than what he teaches (Κ. Menninger). Η διακριτική στήριξη των μελών της Τριμελούς Επιτροπής παρακολούθησης της διατριβής, του Καθηγητή κ. Σωκράτη Κάτσικα και του Επίκουρου Καθηγητή κ. Κώστα Λαμπρινουδάκη, κυρίως, σε θέματα ερευνητικών κατευθύνσεων της διατριβής ήταν πολύτιμη και διαρκής. Επιπρόσθετα, θα ήθελα να ευχαριστήσω τον καθηγητή κ. Πάνο Κωνσταντόπουλο, για την ουσιαστική του βοήθεια σε ένα σημαντικό κομμάτι της παρούσας διατριβής. Από τον μακρύ κατάλογο των συναδέλφων και φίλων, που επηρέασαν την έκβαση της εργασίας αυτής δε θα μπορούσα να εξαιρέσω τα μέλη της ερευνητικής ομάδας της Ασφάλειας Πληροφοριών και Προστασίας Κρίσιμων Υποδομών του Οικονομικού Πανεπιστημίου. Ειδική μνεία γίνεται στους Βασίλη Τσούμα, Γιάννη Μάλλιο Βίκη Ντρίτσου Μαριάνθη Θεοχαρίδου και Γιάννη Σουπιώνη με τους οποίους η συνεργασία μας, όλα αυτά τα χρόνια, με επηρέασαν βαθιά, τόσο σε ερευνητικό και συνεργατικό όσο και φιλικό επίπεδο. Οι συζητήσεις μας ήταν πλούσιες και εποικοδομητικές, ενισχύοντας σε μεγάλο βαθμό τη μεταξύ μας συνέργεια. Περαιτέρω, θα ήθελα να ευχαριστήσω τους μεταπτυχιακούς και προπτυχιακούς φοιτητές με τους οποίους συνεργάστηκα και αρκετά τμήματα της διατριβής συν-υλοποιήθηκαν. Παράλληλα, θα ήθελα να ευχαριστήσω την οικογένειά μου για τα όσα μου έχουν προσφέρει μέχρι σήμερα, ο καθένας από τη δική του πλευρά και με τις δικές του δυνατότητες καθώς και τη σύντροφό μου, Φαλιά, για την αγάπη, και, κυρίως, την υπομονή και ανοχή της καθ όλη τη διάρκεια της ερευνητικής μου προσπάθειας. Τέλος, θα ήθελα να ευχαριστήσω το φίλο Χρήστο Μ., κυρίως λόγω του ότι μέσω των μεταξύ μας συζητήσεων, Οικονομικό Πανεπιστήμιο Αθηνών 4

5 διαφωνιών και αστείων αλληλο-βοηθηθήκαμε σε διάφορους τομείς της ζωής και καθημερινότητάς μας. Οικονομικό Πανεπιστήμιο Αθηνών 5

6 Στην οικογένεια μου. Life does not put things in front of you that you are unable to handle Anonymous Οικονομικό Πανεπιστήμιο Αθηνών 6

7 References 1. Abdul-Rahman A., Hailes S., Supporting Trust in Virtual Communities, in the Proc. of the 33rd Hawaii International Conference on System Sciences, Agrawal D., Giles J., Lee K.-W., Lobo J., Policy Ratification. In Proc. of 6th IEEE International Workshop on Policies for Distributed Systems and Networks, Stockholm, Sweden, IEEE, June von Ahn L., Blum M., Hopper N., Langford J., CAPTCHA: Using hard AI problems for security, in Proc. Of 22nd Annual International Conference on the Theory and Applications of Cryptographic Techniques (EuroCrypt03), pp , Warsaw, Poland, May von Ahn L., Blum M,, Langford J., Telling Humans and Computers Apart Automatically in the Communications of the ACM, V.47, No. 2, pp , February aicaptcha, Using AI to beat CAPTCHA and post comment spam, Retrieved on December Amaral F., Bazilio C., da Silva G., Rademaker A., Haeusler E. H., An Ontology-based Approach to the Formalization of Information Security Policies, in the Proc. of the 10th International Enterprise Distributed Object Computing Conference Workshops (EDOCW06), pp. 1, IEEE Computer Society, Hong Kong, China, Androutsopoulos I., Paliouras G., Karkaletsis V., Sakkis G., Spyropoulos C.D., Stamatopoulos P., Learning to filter spam A comparison of a naive bayesian and a memory based approach, in Proc. of the Workshop on Machine Learning and Textual Information Access, 4th European Conference on Principles and Practice of Knowledge Discovery in Databases (PKDD 2000), pp. 1 13, Arboi M, The Nessus Attack Scripting Language Reference Guide, Baird H. S., Bentley J. L., "Implicit CAPTCHAs," in the Proc. of the Conference on Document Recognition and Retrieval XII (DR&R2005), pp , San Jose, CA, Balopoulos T., Dritsas S., Gymnopoulos L., Karyda M., Kokolakis S., Gritzalis S., "Incorporating Security Requirements into the Software Development Process", in Proc. of the ECIW th European Conference on Information Warfare and Security, A. Jone, B. Hutchinson (Eds.), United Kingdom, July V.A. Balasubramaniyan, M. Ahamad, H. Park, CallRank: Combating SPIT Using Call Duration, Social Networks and Global Reputation, in Proc. Of Fourth Conference on and Anti-Spam, August 2007, California, USA. 12. R. Baumann, S. Cavin, S. Schmid, Voice Over IP - Security and Spit, Swiss Army, FU Br 41, KryptDet Report, Univ. of Berne, September Bemmel J., Dockhorn P., Widya I., Paradigm: Event-driven Computing, White paper, Lucent Technologies, CTIT, December Berners-Lee T., Hendler J., Lassila O., The Semantic Web, In Scientific American. Available at : , (Accessed May 2008) Οικονομικό Πανεπιστήμιο Αθηνών 7

8 15. Berndtsson M., Calestam B., Graphical notations for active rules in UML and UML-A, in the ACM SIGSOFT Software Engineering Notes, Vol. 28,Issue 2, pp.2, ACM, Black U., Voice Over IP, Prentice Hall, Blum M. et al, The CAPTCHA Project, "Completely Automatic Public Turing Test to tell Computers and Humans Apart," Department of Computer Science, Carnegie-Mellon University, November 2000, Brewer, D., Thirumalai, S., Gomadam, K., Li, K. Towards an Ontology Driven Spam Filter. In Proc. of the 22nd IEEE International Conference on Data Engineering Workshops (ICDEW 06), pp. 79, Atlanta, GA, USA, 2006,. 19. Brickley D., Guha R., Resource Description Framework (RDF) Schema Specification 1.0, W3C Recommendation, December Burgess M., A Site Configuration Engine. USENIX Computing systems 8(3), Camarillo G., SIP Demystified, Mc Graw Hill, Secure Networks: Custom Attack Simulation Language (CASL), January Chan T.Y., "Using a text-to-speech synthesizer to generate a reverse Turing test" in the Proc. of the 15th IEEE International Conference on Tools with Artificial Intelligence, pp , Sacramento, USA, Chew M., Tygar J.D., Image Recognition CAPTCHAs, in the Proc. of the 7th Annual Information Security Conference (ISC 04), pp , Palo Alto, CA, September Chellapilla K., Simard P., Using machine learning to break visual human interaction proofs, in Proc. of the Advances in Neural Information Processing Systems (NIPS) Conference, pp , MIT Press, Canada, Chellapilla K., Simard P., Czerwinski M., Computers beat humans at single character recognition in reading-based human interaction proofs (HIPs), in Proc. of the Second Conference on and Anti-Spam (CEAS), pp. XXX-XXX, Palo Alto, CA, July Chellapilla K., Larson K., Simard P., Czerwinski M., Building Segmentation Based Human friendly Human Interaction Proofs (HIPs), in Proc. of the Second International Workshop on Human Interactive Proofs (HIP2005), Lecture Notes in Computer Science 3517, pp. 1-26, Springer Verlag, Bethlehem PA, USA, May Chen S., Tung B., Schnackenberg D., The Common Intrusion Detection Framework (CIDF), Position paper accepted to the Information Survivability Workshop, Orlando, Florida USA, October Jaeduck Choi, Souhwan Jung, Yujung Jang, Yoojae Won, Youngduk Cho, Experiments on SPIT in the Commercial VoIP Services, Internet Draft, Network Working Group, 2007, draft-choi-sipping-experiments-spit Clark, J., Koprinska, I. Poon J., A neural network based approach to automated classification, in. Proc. of the IEEE/WIC International Conference on Web Intelligence (WI03), pp , Coates A. L., Baird H. S., Fateman R., Pessimal Print: a Reverse Turing Test" in the Proc. of the 6th International Conference on Document Analysis and Recognition, pp , Seattle, WA, September Οικονομικό Πανεπιστήμιο Αθηνών 8

9 32. Cohen, W., Carvalbo, V., Mitchell, T. Learning to Classify into Speech Acts, in Proc. of the Empirical Methods in Natural Language Processing (EMNLP 2004), pp , Barcelona, Spain, Cortes C., Vapnik V., Support-vector networks, in Machine Learning, Vol. 20 (3), pp , Costales B., Flynt M., sendmail Milters A Guide for Fighting Spam, Addison Wesley Professional, Cristiatnini N, Shawe-Taylor J, An introduction to Support Vector Machines and Other Kernel-Based Learning Methods, Technical Report, Cambridge University Press, D. Crocker, V. Schryver, J. Levine, Technical Considerations for Spam Control Mechanisms, Internet Draft, Network Working Group, 2003, draft-crocker-spamtechconsider N. Croft, M. Olivier, "A Model for Spam Prevention in Voice over IP Networks using Anonymous Verifying Authorities," in Proc. of the 5th Annual Information Security South Africa Conference, South Africa, July Cuppens F., Ortalo R., LAMBDA: A Language to Model a Database for Detection of Attacks:, in: Proc. of the Third International Workshop on Recent Advances in Intrusion Detection, LNCS 1907, pp. 1, Springer, Toulouse, France, Damianou N., A Policy Framework for Management of Distributed Systems. Doctoral Thesis, Imperial College of Science, Technology and Medicine, University of London, London, DAML, The DARPA Agent Markup Language Homepage, Dantu R., Loper K., Kolan P., "Risk Management Using Behavior Based Attack Graphs", in Proc. of the IEEE International Conference on Information Technology (ITCC04), pp , IEEE Press, Las Vegas, USA, April R. Dantu, P. Kolan, Detecting Spam in VoIP Networks, in Proc. of Steps to Reducing Unwanted Traffic on the Internet Workshop, July 2005, USA. 43. Davis, R., Shrobe, H., Szolovits P, What is in a Knowledge Representation?, in the AI Magazine, pp , G. Dawirs, T. Froment, H. Tschofenig, Authorization Policies for Preventing SPIT, Internet-Draft, Network Working Group, 2007, draft-froment-sipping-spit-authzpolicies Dean M., et al., OWL Web Ontology Language Reference, W3C Recommendation, Decker S., et al., Ontobroker: Ontology based access to distributed and semistructured information, iin R. Meersman et al. (Eds.), DS-8: Semantic Issues in Multimedia Systems, Kluwer Academic Publishers, Devlic A., Extending CPL with context ontology, in the Proc. of the Innovative Mobile Applications of Context Workshop (IMAC06), pp. xxx-xxx, Espoo, Finland, Dhamija R., Tygar J.D., Phish and HIPs: Human Interactive Proofs to Detect Phising Attacks, in the Proc. of the 2 nd International Workshop on Human Interactive Proofs (HIP 05), eds. H. Baird, D. Lopresti, pp , May Οικονομικό Πανεπιστήμιο Αθηνών 9

10 49. Ding L., Kolari P., Ding Z., Avancha S., Finin T., Joshi A., "Using Ontologies in the Semantic Web: A Survey", Technical Report TR-CS-05-07, UMBC, July D. Malas, SIP End-to-End Performance Metrics, Internet Draft, Network Working Group, 2007, draft-malas-performance-metrics-07.txt 51. Internet Protocol Telephony and Voice Over Internet Protocol, Security Technical Implementation Guide, Report Developed by DISA for DoD, Ver. 2, Rel. 2, April S. Dongwook, A. Jinyoung, S. Choon, Progressive Multi Gray-Leveling: A Voice Spam Protection Algorithm, IEEE Network, 20(5), pp , Sept./Oct Dritsas S., Gymnopoulos L., Karyda M., Balopoulos T., Kokolakis S., Lambrinoudakis C., Gritzalis S., "Employing Ontologies for the Development of Security Critical Applications: The Secure e-poll Paradigm", in Proc. of the IFIP I3E International Conference on ebusiness, ecommerce, and egovernemnt, Funabashi M., Grzech A. (Eds.), pp , Springer, Poland, October Dritsas S., Mallios J., Gritzalis D., Labrinoudakis C., "Applicability of Privacy Enhancing Technologies in Ubiquitous Computing environments", in Proc. of the IEEE Workshop on Security, Privacy and Trust in Ubiquitous Computing (SecPerU-2005), pp , IEEE Press, Greece, August Dritsas S., Gritzalis D., Lambrinoudakis C., "Protecting privacy and anonymity in pervasive computing trends and perspectives", Telematics and Informatics Journal, Special Issue on Privacy and Anonymity in the Global Village, Vol. 23, No. 3, pp , Elsevier Science, Dritsas S., Tsaparas J., Gritzalis D., "A Generic Privacy Enhancing Technology for Pervasive Computing Environments", in Proc. of the 3 rd International Conference on Trust, Privacy and Security in Digital Business (TrustBus 2006/DEXA 2006), Furnell S., et al. (Eds.), pp , Lecture Notes in Computer Science (LNCS 4083), Springer, Poland, September Dritsas S., Mallios J., Theoharidou M., Marias G., Gritzalis D., "Threat analysis of the Session Initiation Protocol regarding spam", in Proc. of the 3 rd IEEE International Workshop on Information Assurance (in conjunction with the 26 th IEEE International Performance Computing and Communications Conference (IPCCC-2007), pp , IEEE Press, New Orleans, April S. Dritsas, J. Soupionis, M. Theoharidou, J. Mallios, D. Gritzalis, "SPIT Identification Criteria Implementations: Effectiveness and Lessons Learned", in Proc. of the 23rd International Information Security Conference (SEC-2008), Samarati P.,et al. (Eds.), Springer, Milan, September 2008 (to appear) 59. S. Dritsas, V. Dritsou, B. Tsoumas, P. Constantopoulos, D. Gritzalis, OntoSPIT: SPIT management through ontologies, Computer Communications, March Duan Z., Dong Y., Gopalan K., DMTP: Controlling spam through message delivery differentiation, in the Proc. of the 5th International IFIP-TC6 Networking Conference (Networking 06), Boavida, F.; Plagemann, Th.; Stiller, B.; Westphal, C.; Monteiro, E. (Eds.), Lecture Notes in Computer Science, Vol. 3976, Portugal, May Οικονομικό Πανεπιστήμιο Αθηνών 10

11 61. Duan Z., Gopalan K., Yuan X., Behavioral Characteristics of Spammers and Their Network Reachability Properties, in the Proc. of the IEEE International Conference on Communications (ICC '07), pp , June Dwork C., Naor M., Pricing via Processing or Combating Junk Mail, in the Proc. of the 22nd International Conference on cryptology (Crypto02), pp , Santa Barbara, California, USA, Eckmann St. T.; Vigna, G.; Kemmerer, R. A.: STATL: an Attack Language for Statebased Intrusion Detection, in Proc. of the ACM Workshop on Intrusion Detection, pp. 2, Athens, Greece, November Emigh A., Online Identity Theft: Phishing Technology, Chokepoints and Countermeasures, ITTC Report on Online Identity Theft Technology and Countermeasures, October Feiertag R., Kahn C., Porras P., Schnackenberg D.,Chen S.S., Tung B.(Eds), A Common Intrusion Specification Language (CISL), available at Gambetta D., Trust: Making and Breaking Cooperative Relations, Oxford: Basil Blackwell, Geneiatakis, D., Lambrinoudakis, C. An ontology description for SIP security flows. In Computer Communications, 2007, 30 (6) pp Gehani N.H., Jagadish H. V., Shmueli O., Event specification in an active objectoriented database, in Proc. of the International Conference on Management of Data (SIGMOD), pp , San Diego, California, Glasmann J, Kellerer W., Müller H, Service Architectures in H.323 and SIP: A Comparison, in IEEE Communications Surveys and Tutorials, Vol. 5, No.2, 4 th Quarter Gómez J.M., Bringas G., Sánz E. P., Content Based SMS Spam Filtering, in the Proc. of the ACM Symposium on Document Engineering (DocEng'06), Amsterdam, The Netherlands, October Goodman J., Rounthwaite R, Stopping Outgoing Spam, in the Proc. of the ACM Conference on Electronic Commerce (EC'04), New York, USa, May Gritzalis D., Mallios Y., "A SIP-based SPIT management framework", Computers & Security, 2008 (to appear). 73. Gruber T., Toward principles for the design of ontologies used for knowledge sharing, in Formal Ontology in Conceptual Analysis and Knowledge Representation, Kluwer Academic Publishers, Guarino N, Formal ontology, conceptual analysis and knowledge representation, in the International Journal of Human-Computer Studies, Vol 43, pp , Guarino N. Understanding, building and using ontologies, in the International Journal Of Human- Computer Studies, 46, (2-3), pp , Guha, R., Kumar R., Raghavan P., and Tomkins A., Propagation of trust and distrust. in the Proc. of the Thirteenth International World Wide Web Conference (WWW04), pp , New York, USA, Οικονομικό Πανεπιστήμιο Αθηνών 11

12 77. Packet-Based Multimedia Communications Systems, ITU-T Recommendation H.323, Hall R.V, CAPTCHA as a Web Security Control, Technical Report ( ), University of Houston-Victoria, Published at December 17, M. Hansen, M. Hansen, J. Moller, Developing a Legally Compliant Reachability Management System as a Countermeasure against SPIT, in Proc. Of the Third Annual VoIP Security Workshop, June 2006, Berlin, Germany. 80. Haskins R., Nielsen D., Slamming Spam: A Guide for System Administrators, Addison Wesley Professional, Hayton R. J., Bacon J. M., Moody, K., Access Control in an Open Distributed Environment, In Proc. of the IEEE Symposium on Security and Privacy, Oakland, California, U.S.A., May Heflin, J. (Editor), OWL Web Ontology Language Use Cases and Requirements, Web Ontology Working Group, W3C Recommendation, February Heflin, J. (Editor), Web Ontology Working Group. (2004). OWL Web Ontology Language Use Cases and Requirements, W3C Recommendation 10 February Available at (Σεπτέμβριος 2006). 84. Helmer G., Wong J., Slagell M., Honavar V., Miller L., A Software Fault Tree Approach to Requirements Analysis of an Intrusion Detection System, in Proc. of the ACM Symposium on Requirements Engineering for Information Security, USA, Holsapple C., Joshi K., A collaborative approach to ontology design, in Com. Of the ACM, 45(2):42-47, Horrocks I., Patel-Schneider P., Boley H., Tabet S., Grosof B., Dean M., SWRL: A Semantic Web Rule Language Combining OWL and RuleML, The DARPA Agent Markup Language Homepage, November Horrocks I., Patel-Schneider P. F., Boley H., Tabet S., Grosof B., Dean M., SWRL: A Semantic Web Rule Language Combining OWL and RuleML. W3C Recommendation, Jaebum L., Policy Considerations of VOIP, Working Party on Telecommunication and Information Services Policies, ICCP Committee, March Jajodia S., Samarati P., Sapino M. L., Subrahmanian, V. S., Flexible Support for Multiple Access Control Policies, ACM Transactions on Database Systems, 26(2), pp , C. Jennings, K. Ono, Example call flows using Session Initiation Protocol (SIP) security mechanisms, Internet Draft, Network Working Group, 2006, draft-ietf-sip-sec-flows C. Jennings, Computational Puzzles for SPAM Reduction in SIP, Internet Drafts, Network Working Group, 2007, draft-jennings-sip-hashcash Jha S., Sheyner O., Wing J., Two Formal Analyses of Attack Graphs, in Proc. of the 15th IEEE Computer Security Foundations Workshop, pp , IEEE Press, Canada, June Johnston A., SIP: Understanding the Session Initiation Protocol, 2nd edition, Artech House, Οικονομικό Πανεπιστήμιο Αθηνών 12

13 94. Jøsang A., Ismail R., Boyd C., A Survey of Trust and Reputation Systems for Online Service Provision, in Decision Support Systems, Kagal L., Finin T., Joshi, A., A policy language for a pervasive computing environment, In Proc. of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks. 96. KHASNABISH B., Implementing Voice over IP, Wiley InterScience, A. Khorsi, Djillali Liabes, An Overview of Content-Based Spam Filtering Techniques, in the Informatica Journal, Vol. 31, pp , (2007) 98. Kim, J., Dou, D., Liu, H., Kwak, D. Constructing A User Preference Ontology for Anti- Spam Mail Systems, in Proc. of the 20th Conference of the Canadian Society for Computational Studies of Intelligence, Canadian AI 2007, pp , Montreal, Canada, Konar A., Artificial Intelligence and Soft Computing: Behavioral and Congnitive Modeling of the Human Brain, CRC Press, Kotapati K., Liu P., LaPorta T., CAT - A Practical Graph and SDL Based Toolkit for Vulnerability Assessment of 3G Networks, in Proc. of the 21st IFIP International Information Security Conference (SEC 2006), pp , Springer, Sweden, May Lan M., Zhou W., Spam Filtering Based on Preference Ranking, in the Proc. of the 5th International Conference on Computer and Information Technology (CIT 05), pp , Dallas, USA, December Lassila O.,Swick R, Resource Description Framework (RDF) Model and Syntax Specification, W3C Recommendation, Technical report, World Wide Web Consortium, Lindqvist U., Porras P.A., Detecting computer and network misuse through the production-based expert system toolset (P-BEST), in Proc. of the IEEE Symposium on Security and Privacy, pp 2-4, Oakland, California Lobo J., Bhatia R., Naqvi, S., A Policy Description Language, In Proc. of 16th National Conf. on Artificial Intelligence, Orlando, Florida, USA, July B. Madhosingh, The Design of a Differentiated SIP to Control VoIP Spam, Technical Report, Computer Science Department, Florida State University, Mallios J., Dritsas S., Tsoumas B., Gritzalis D., "Attack modeling of SIP-oriented SPIT", in Proc. of the 2 nd IEEE-IFIP International Workshop on Critical Information Infrastructures Security (CRITIS '07), Spain, October Mandujano S., Galvan A., Nolazco J.A., An Ontology-based Multiagent Architecture for Outbound Intrusion Detection, in Proc. of the 3rd ACS/IEEE International Conference on Computer Systems and Applications (AICCSA-05), pp , Cairo, Egypt, January Marias G., Dritsas S., Theoharidou M., Mallios J., Gritzalis D., "SIP vulnerabilities and antispit mechanisms assessment", in Proc. of the 16 th IEEE International Conference on Computer Communications and Networks (ICCCN '07), pp , IEEE Press, Hawaii, August Οικονομικό Πανεπιστήμιο Αθηνών 13

14 109. B. Mathieu, et al., Spit Mitigation by a Network-Level Anti-Spit Entity, in Proc. of the 3rd Annual VoIP Security Workshop, June 2006, Germany Mauw S., Oostdijk M., Foundations of attack trees, in the Proc. of the 8th Annual International Conference on Information Security and Cryptology (ICISC 05), LNCS 3935, pp , Korea, McTaggart C., Kelly T., Reguraltory Aspects of IP Telephony, IP Telephony Workshop (IPTEL/03), ITU New Initiatives Programme, Strategies and Policy Unit (SPU), May Mehta V., Bartzis C., Zhu H., Clarke E., Wing J., Ranking Attack Graphs, in Proc. of Recent Advances in Intrusion Detection, pp , Springer, Germany, September Meier, M.; Bischof N.; Holz T, SHEDEL - A Simple Hierarchical Event Description Language for Specifying Attack Signatures,in Proc. of the 17th International Conference on Information Security, pp. 6-7, Kluwer, Seoul, South Korea, Michel, C.; Me L., ADeLe: an Attack Description Language for Knowledge-based Intrusion Detection, in Proc. of the International Conference on Information Security,pp. 2-3, Kluwer, Seoul, South Korea, June Middleton S. E.; Alani H.; Shadbolt N.; Roure D. D., Exploiting synergy between ontologies and recommender systems, in the Proc. of the International Workshop on the Semantic Web (WWW02), Frank, M.; Noy, N.; and Staab, S., eds., Vol. 55 of CEUR Workshop Proceedings, Hawaii, May, Mori G., Malik J., Recognizing objects in adversarial clutter: Breaking a visual captcha, in the Proc. of the IEEE Computer Society Conference on. Computer Vision and Pattern Recognition (CVPR03), pp , Madison Wisconsin, June Montaner M., López B., de la Rosa J. Ll., Developing Trust in Recommender Agents. In the Proc. of the First International Joint Conference on Autonomous Agents and Multiagent Systems Systems (AAMAS'02), Cristiano Castelfranchi and W., Lewis Johnson (Eds), ACM Press., Vol. 1, pp , Bologna, Italy, July, Montaner M., Lopez B., De La Rosa J. L., A taxonomy of recommender agents on the internet, in the Artificial Intelligence, Vol. 19, N. 4, pp , Kluwer, Moore A., Ellison R., Linger R., Attack modeling for information security and survivability, Software Engineering Institute Technical Report, CMU/SEI-2001, Mori G., Malik J., Recognizing Objects in Adversarial Clutter: Breaking a Visual CAPTCHA, in the Proc. of the IEEE Computer Society Conference on Computer Vision and Pattern Recognition, IEEE Computer Society TCPAM, Madison, Mui L., Mohtashemi M., Halberstad A., Notions of Reputation in Multi-Agents Systems: A Review, in the Proc. of the First International Joint Conference on Autonomous Agents and Multiagent Systems, pp , Naor M., Verification of a human in the loop or identification via the Turing test, Unpublished notes, September S. Niccolini, S. Tartarelli, M. Stiemerling, Requirements and methods for SPIT identification using feedbacks in SIP, Internet-Draft, Network Working Group, 2006, draft-niccolini-sipping-feedback-spit-00 Οικονομικό Πανεπιστήμιο Αθηνών 14

15 124. S. Niccolini, S. Tartarelli, M. Stiemerling, S. Srivastava, SIP Extensions for SPIT Identification, Internet Draft, Network Working Group, 2007, draft-niccolini-sippingfeedback-spit S. Niccolini, J. Quittek, Signaling To Prevent SPIT (SPITSTOP) Reference Scenario, Internet Draft, Network Working Group, 2007, draft-niccolini-sipping-spitstop S. Niccolini, Spit prevention: State of the art and research challenges, Network Laboratories, NEC Europe, Germany Ning P., Xu D., Learning attack strategies from intrusion alerts, in Proc. of the 10th ACM Conference on Computer and Communication Security, pp , ACM Press, USA, October D. Kuhn D., Walsh T., Fries S., Security Considerations for Voice Over IP Systems, Special Publication No , NIST, USA, January Noy, N. and Fergerson, R., Musen, M. The knowledge model of Protégé-2000: Combining interoperability and flexibility, in Proc. of the 12th International Conference on Knowledge Engineering and Knowledge Management (EKAW 2000), Juan-les-Pins, France, Noy, N. and McGuiness, D.L. Ontology development 101: A guide to creating your first ontology (2001). Technical Report SMI , Stanford Medical Informatics, Stanford University, Stanford, CA 94305, Oda T., White T., Developing an immunity to spam, in Proc. of the Genetic and Evolutionary Computation Conference (GECCO-2003), pp , OECD, Report of the the OECD Task Force on SPAM, Anti-SPAM toolkit of Recommended Policies and Measures, Task force Report on SPAM, April DAML+OIL, Reference Description W3C Note 18, December K. Ono, S. Tachimoto, End-to-middle Security in the Session Initiation Protocol (SIP), Internet Draft, Network Working Group, 2007, draft-ietf-sip-e2m-sec Opel A., Design and Implementation of a Support Tool for Attack Trees, Internship Thesis, Otto-von-Guericke University Magdeburg, March W3C Recommendation, The Ontology Web Language OWL. W3C Recommendation. (2004). The Ontology Web Language. Available at (August 2006) 138. W3C. (2004). W3C Recommendation ( ) OWL Guide. Available at (August 2006) 139. Palau J, Montaner M, Lpez B, de la Rosa J, Collaboration Analysis in Recommender Systems Using Social Networks, in the Proc. of the Eighth International Workshop on Cooperative Information Agents (CIA 2004), Lecture Notes in Computer Science, LNCS 3191, pp , Erfurt, Germany, September Park S., Kim J., Kang S., Analysis of applicability of traditional spam regulations to VoIP spam, in the Proc. of the 8th International Conference on Advanced Communication Technology (ICACT 06), Vol. 3, pp , Korea, February J. Peterson, C. Jennings, Enhancements for Authenticated Identity Management in the Session Initiation Protocol, RFC 4474, August Οικονομικό Πανεπιστήμιο Αθηνών 15

16 142. J. Peterson, C. Jennings, Enhancements for Authenticated Identity Management in the Session Initiation Protocol, RFC 4474, Network Working Group, August Pitsilis C., Marshall L., A Proposal for Trust-enabled P2P Recommendation Systems, Technical Report Series (CS-TR-910), University of Newcastle upon Tyne, Porter T. et al, Practical VoIP Security, Syngress, Prince M.B., Holloway L., Keller A.M., Understanding How Spammers Steal Your E- Mail Address: An Analysis of the First Six Months of Data from Project Honey, in the Proc. of the Second Conference on and Anti-Spam (CEAS05), California, USA. July Protégé Ontology Development Environment. (2005). Available at (Accessed April 2008) 147. PWNtcha Decoder, PWNtcha CAPTCHA decoder, Retrieved on October J. Quittek, S. Niccolini, S. Tartarelli, R. Schlegel, Prevention of Spam over IP Telephony (SPIT), NEC Technical Journal, Vol.1, No. 2, pp , May J. Quittek, S. Niccolini, S. Tartarelli, M. Stiemerling, M. Brunner, T. Ewald, Detecting SPIT Calls by Checking Human Communication Patterns, in Proc. of the IEEE International Conference on Communications, pp , IEEE Press, June RACER reasoner. Available at April 2008) 151. Ramachandran A., Feamster N. Understanding the Network-Level Behavior of Spammers, in the Proc. of the International Conference on the Special Interest Group on Data Communication (SIGCOMM 06), ACM Press, Vol. 36 Italy, Ranum M.J., Landeld K., Stolarchuck M., Sienkiewicz M., Lambeth A., Wall E., Implementing a Generalized Tool for Network Monitoring, in the Proc. of the Eleventh Systems Administration Conference (LISA 97), pp. 5, San Diego Mounji A., Languages and Tools for Rule-Based Distributed Intrusion Detection, PhD thesis, Facultes Universitaires Notre-Dame de la Paix Namur, Belgium, September Raskin V., Hempelmann C, Triezenberg K., Nirenburg S., Ontology in Information Security: A Useful Theoretical Foundation and Methodological Tool, In V. Raskin, et al. (Eds.), Proc. of the New Security Paradigms Workshop, ACM, New York, Y. Rebahi, D. Sisalem, T. Magedanz,, SIP Spam Detection, in Proc. of the International Conference on Digital Telecommunications, pp , August 2006, France Resnick P., Zeckhauser R., Trust among strangers in internet transactions: Empirical analysis of ebay s reputation system, Working Paper for the NBER workshop on empirical studies of electronic commerce, S. Kent, R. Atkinson, Security Architecture for the Internet Protocol, Network Working Group, November G. Lindberg, Anti-Spam Recommendations for SMTP MTAs, RFC 2505, Network Working Group, February J. Rosenberg, et al., SIP: Session Initiation Protocol, RFC 3261, Network Working Group, June Οικονομικό Πανεπιστήμιο Αθηνών 16

17 160. J. Rosenberg, H. Schulzrinne, Session Initiation Protocol (SIP): Locating SIP Servers, RFC 3263, Network Working Group, June T. Dierks, E. Rescorla, The TLS Protocol, Version 1.1, Network Working Group, April J. Rosenberg, G. Camarillo, Requirements for Consent-Based Communications in SIP, RFC 4453, Network Working Group, April J. Peterson, C. Jennings, Enhancements for Authenticated Identity Management in the Session Initiation Protocol (SIP), RFC 4474, Network Working Group, August Debar H., Curry D., Feinstein B., The Intrusion Detection Message Exchange Format (IDMEF), RFC 4765, Network Working Group, March J. Elwell, Connected Identity in the Session Initiation Protocol (SIP), RFC 4916, Network Working Group, June J. Rosenberg, C. Jennings, The Session Initiation Protocol (SIP) and Spam, RFC 5039, Network Working Group, January J. Rosenberg, Rejecting Anonymous Requests in the Session Initiation Protocol (SIP), Internet Draft, Network Working Group, 2006, draft-ietf-sip-acr-code J. Rosenberg, G. Camarillo, Ed. Ericsson, D. Willis, A Framework for Consent-Based Communications in the Session Initiation Protocol (SIP), Internet Draft, Network Working Group, 2006, draft-ietf-sip-consent-framework J. Rosenberg, J. Peterson, The Session Initiation Protocol (SIP) and Spam, Internet Draft, Network Working Group, 2007, draft-ietf-sipping-spam J. Rosenberg, A Hitchhiker's Guide to the Session Initiation Protocol (SIP), Internet Draft, Network Working Group, 2007, draft-ietf-sip-hitchhikers-guide J. Rosenberg, Identification of Communications Services in the Session Initiation Protocol (SIP), Internet Draft, Network Working Group, 2007, draft-ietf-sippingservice-identification Sakkis G., Androutsopoulos I., Paliouras G., Karkaletsis V., Spyropoulos C.D., Stamatopoulos P., A memory-based approach to antispam filtering for mailing lists, In Information Retrieval, Vol. 6, pp , El Sawda S., Urien P., SIP Security Attacks and Solutions: A state-of-the-art review, in Proc. of IEEE International Conference on Information & Communication Technologies:From Theory to Applications (ICTTA 06), Vol. 2, pp , Syria, April Schumacher M., Security Engineering with Patterns, PhD Thesis, in the Lecture Notes in Computer Science, LNCS 2754, Springer, Schwartz A., SpamAssassin, O'Reilly, D. Schwartz, B. Sterman,E. Katz, H. Tschofenig, SPAM for Internet Telephony (SPIT) Prevention using the Security Assertion Markup Language (SAML), Internet-Draft, Network Working Group, 2006, draft-schwartz-sipping-spit-saml Schneier B., Attack Trees, in the Dr. Dobbs Journal, December Schulzrinne H., Rosenberg J., Internet Telephony: Architecture and Protocols an IETF Perspective, in Computer Networks, Vol. 31, Issue 3, , Feb Οικονομικό Πανεπιστήμιο Αθηνών 17

18 179. Secker A., Freitas A., Timmis J., Aisec: An artificial immune system for classification, in Proc. of the Congress on Evolutionary Computation, pp , December Sheyner O., Wing J., "Tools for Generating and Analyzing Attack Graphs", in Proc. of the Workshop on Formal Methods for Components and Objects, pp , LNCS, Springer, The Netherlands, Shirali-Shahreza M.H., Shirali-Shahreza M., Persian/Arabic Baffletext CAPTCHA, in the Journal of Universal, Computer Science (J.UCS), Vol. 12, N.12, pp , December Shiping C. S., Wang X., Jajodia S., On the anonymity and traceability of peer-to-peer VoIP calls, in the IEEE Network, Vol 20, Iss. 5, pp , September/ October Sinnreich H., Johnston B. A., Internet Communications Using SIP: Delivering VoIP and Multimedia Services with Session, Second Edition, Wiley Publishing Inc., Sisalem D., Areas for SIP Enhancements, Next-GEN open Service Solution over IP (N- GOSSIP), Project Report, June Sisalem D., Kuthan J., Ehlert S., Denial of Service Attacks Targeting a SIP VoIP Infrastructure: Attack Scenarios and Prevention Mechanisms, IEEE Network Journal, Vol. 20, No. 5, pp , September-October Sloman M. S., "Policy Driven Management for Distributed Systems.", in Journal of Network and Systems Management 2(4), pp , Smartfrog, Available at (August 2006) 188. Smith B., Ontology, in the Blackwell guide to philosophy, information and computers, L. Floridi (ed.), pp , Oxford Blackwell, Soupionis Y., Dritsas S., Gritzalis D., "An adaptive policy-based approach to SPIT management", in Proc. of the 13th European Symposium on Research in Computer Security (ESORICS 2008), Lopez J., Jajodia S. (Eds.), Springer, Malaga, October Spammer X., Inside the SPAM Cartel: Trade Secrets From the Dark Side, Syngress Publishing, K. Srivastava, H. Schulzrinne, Preventing Spam For SIP-based Instant Messages and Sessions, Technical Report, University of Columbia, Steffan J., Schumacher M., Collaborative Attack Modeling, in Proc. of the 2002 ACM Symposium on Applied Computing, pp , ACM Press, Spain, March Studer R., Benjamins V. R., Fensel D., Knowledge engineering, principles and methods, in the Data and Knowledge Engineering, Vol 25, (1-2), pp , Sure Y. (ed.), Gmez-Prez, A.; Daelemans, W.; Reinberger M.; Guarino, N.; Noy, N., Why Evaluate Ontology Technologies? Because It Works!,in IEEE Intelligent Systems 19 (4), pp , Taghva, K., Borsack, J., Coombs, J., Condit, A., Lumos, S., Nartker, T. Ontology-based Classification of (2003), in IEEE International Conference on Information Technology: Coding and Computing [Computers and Communications] (ITCC 2003), Las Vegas, NV, USA, pp , Theoharidou M., Marias G., Dritsas S., Gritzalis D., "The Ambient Intelligence Paradigm: A review of security and privacy strategies in leading economies", in Proc. Οικονομικό Πανεπιστήμιο Αθηνών 18

19 of the 2 nd IET International Conference on Intelligent Environments (IE '06), Kameas A., Papalexopoulos D. (Eds.), Vol. 2, pp , July 2006, Athens H. Tschofenig, et al., Using SAML to Protect the Session Initiation Protocol, IEEE Network, 20 (5), pp September/October H. Tschofenig, J. Hodges, J. Peterson, J. Polk, D. Sicker, SIP SAML Profile and Binding, Internet-Draft, Network Working Group, 2007, draft-ietf-sip-saml H. Tschofenig, D. Wing, H. Schulzrinne, T. Froment, G. Dawirs, Anti-SPIT: A Document Format for Expressing Authorization Policies, Internet-Draft, Network Working Group, 2007, draft-tschofenig-sipping-spit-policy H. Tschofenig, H. Schulzrinne, D. Wing, J. Rosenberg, D. Schwartz, A Framework for Reducing Spam for Internet Telephony, Internet Draft, Network Working Group, 2007, draft-tschofenig-sipping-framework-spit-reduction H. Tschofenig, E. Leppanen, Completely Automated Public Turing Test to Tell Computers and Humans Apart (CAPTCHA) based Robot Challenges for the Session Initiation Protocol (SIP), Internet Draft, Network Working Group, 2007, drafttschofenig-sipping-captcha H. Tschofenig, G. Dawirs, T. Froment, D. Wing, H. Schulzrinne, Requirements for Authorization Policies to tackle Spam for Internet Telephony and Unwanted Traffic, Internet Draft, Network Working Group, 2007, draft-froment-sipping-spitrequirements Tsoumas V., Dritsas S., Gritzalis D., "An ontology-based approach to information system security management", in Proc. of the 3rd International Conference on Mathematical Models, Methods and Architectures for Computer Network Security (MMM-2005), Gorodetsky V., et al. (Eds.), pp , Springer, Russia, September Tsoumas V., Papagiannakopoulos P., Dritsas S., Gritzalis D., "Security-by-Ontology: A knowledge-centric approach", in Proc. of the 21 st International Information Security Conference (SEC-2006), Runnenberg K., et al. (Eds.), pp , Sweden, May Undercoffer J, Joshi A, Pinkston J, Modeling Computer Attacks: An Ontology for Intrusion Detection, in Proc. of the Recent Advances in Intrusion Detection (RAID03), Lecture Notes in Computer Science, Vol. 2820,, pp , Pittsburgh, PA, USA, Uszok A., Bradshaw J., Jeffers R., Suri N., Hayes P., Breedy M., Bunch L., Johnson M., Kulkarni S., Lott J., KAoS Policy and Domain Services: Toward a Description-Logic Approach to Policy Representation, Deconfliction, and Enforcement. In Proc. of 4th IEEE Workshop on Policies for Networks and Distributed Systems (Policy 2003), Lake Como, Italy, IEEE, June Vigna G., Eckmann S., Kemmerer R., Attack Languages, in Proc. of the IEEE Information Survivability Workshop, pp , IEEE Press, USA, VOIPSA, VoIP Security and Privacy Threat Taxonomy, October 2005 (available at: Vorm J, Defeating audio (voice) CAPTCHAs,2006, Retrieved October 10, 2007 from Οικονομικό Πανεπιστήμιο Αθηνών 19

20 210. Vorobiev A., Han J., Security Attack Ontology for Web Services, in Proc. of the Second International Conference on Semantics, Knowledge, and Grid (SKG'06), pp.42, IEEE Computer Society, Guilin, China, Walter F., Battiston S., Schweitzer F., Impact of Trust on the Performance of a Recommendation System in a Social Network, in the Proc. of the Fifth International Joint Conference on Autonomous Agents and Multiagent System, (AAMAS 2006), Hakodate, Japan, May, Wang, X., Chan, C. W., & Hamilton, H. J., Design of Knowledge-Based Systems with the Ontology-Domain-System Approach, in the Proc. of the 14th International Conference on Software Engineering and Knowledge Engineering (SEKE02), pp , Italy, Wang L., Noel S., Jajodia S., Minimum-Cost Network Hardening Using Attack Graphs, in the Computer Communications, 29(18), pp , November Wang C. C., Chena S., Using header session messages to anti-spamming, in the Computers & Security Journal, Vol. 26, Is. 5, pp , August Wieringa R. J., Meyer J.-J. C.,. Applications of Deontic Logic in Computer Science: A Concise Overview. In Proc. of Practical Reasoning and Rationality (PRR 98), Brighton, UK, John Wiley & Sons, August Wikipedia CAPTCHA. Retrieved on November D. Willis, A. Allen, Requesting Answering Modes for the Session Initiation Protocol (SIP), Internet Draft, Network Working Group, 2007,draft-ietf-sip-answermode Wojcik M.N., Proulx D., Baker, J., Roberge, R.J., Introduction to OVAL: A Language to Determine the Presence of Computer Vulnerabilities and Configuration Issues Xu. Yang, Retargeting Security in the Session Initiation Protocol (SIP), Internet Draft, Network Working Group, 2007, draft-xu-yang-retargeting-security Yoke H.K., Tan Lawrence, Curbing SPAM via Technical Measures: An Overview, ITU World Summit on the Information Society (WSIS), ITU New Initiatives Programme, by the Strategy and Policy Unit (SPU), Youn, S. and McLeod, D. Efficient Spam Filtering using Adaptive Ontology, in Proc. of the 4th IEEE International Conference on Information Technology (ITNG 07), pp , Las Vegas, NV, Zdziarski A. J, Ending Spam: Bayesian Content Filtering and the Art of Statistical Language Classification, No Starch Press, Zhang D.Y., The Deployment of Features in Internet Telephony, Master thesis of Applied Science in EE, Carleton University, Zhang L., Yao T., Filtering Junk Mail with A Maximum Entropy Model, in Proc. of the 20th International Conference on Computer Processing of Oriental Languages (ICCPOL2003), pp , China, Ziegler C.N., Semantic Web recommender systems, in the Proc. of the Joint ICDE/EDBT Ph.D. Workshop, W. Lindner and A. Perego, Eds. Crete University Press, Heraklion, Greece, Οικονομικό Πανεπιστήμιο Αθηνών 20

21 226. Katirai Η., Filtering junk A performance comparison between genetic programming and naive bayes, Y.J. Yon, Global IPv6 Summit, KISA, Korea, Οικονομικό Πανεπιστήμιο Αθηνών 21