ImageVerifierCode 换一换
格式:PDF , 页数:18 ,大小:181.77KB ,
资源ID:803442      下载积分:10000 积分
快捷下载
登录下载
邮箱/手机:
温馨提示:
如需开发票,请勿充值!快捷下载时,用户名和密码都是您填写的邮箱或者手机号,方便查询和重复下载(系统自动生成)。
如填写123,账号就是123,密码也是123。
特别说明:
请自助下载,系统不会自动发送文件的哦; 如果您已付费,想二次下载,请登录后访问:我的下载记录
支付方式: 支付宝扫码支付 微信扫码支付   
注意:如需开发票,请勿充值!
验证码:   换一换

加入VIP,免费下载
 

温馨提示:由于个人手机设置不同,如果发现不能下载,请复制以下地址【http://www.mydoc123.com/d-803442.html】到电脑端继续下载(重复下载不扣费)。

已注册用户请登录:
账号:
密码:
验证码:   换一换
  忘记密码?
三方登录: 微信登录  

下载须知

1: 本站所有资源如无特殊说明,都需要本地电脑安装OFFICE2007和PDF阅读器。
2: 试题试卷类文档,如果标题没有明确说明有答案则都视为没有答案,请知晓。
3: 文件的所有权益归上传用户所有。
4. 未经权益所有人同意不得将文件中的内容挪作商业或盈利用途。
5. 本站仅提供交流平台,并不能对任何下载内容负责。
6. 下载文件中如有侵权或不适当内容,请与我们联系,我们立即纠正。
7. 本站不保证下载资源的准确性、安全性和完整性, 同时也不承担用户因使用这些下载资源对自己和他人造成任何形式的伤害或损失。

版权提示 | 免责声明

本文(ITU-T SERIES X SUPP 11-2011 ITU-T X 1245 C Supplement on framework based on real-time blocking lists for countering VoIP spam (Study Group 17)《ITU-T X 1245-基于实时阻列表的框架来计算网络电话(VOIP)垃.pdf)为本站会员(赵齐羽)主动上传,麦多课文库仅提供信息存储空间,仅对用户上传内容的表现方式做保护处理,对上载内容本身不做任何修改或编辑。 若此文所含内容侵犯了您的版权或隐私,请立即通知麦多课文库(发送邮件至master@mydoc123.com或直接QQ联系客服),我们立即给予删除!

ITU-T SERIES X SUPP 11-2011 ITU-T X 1245 C Supplement on framework based on real-time blocking lists for countering VoIP spam (Study Group 17)《ITU-T X 1245-基于实时阻列表的框架来计算网络电话(VOIP)垃.pdf

1、 InteITTELECOSTANDAOF ITU SERICOMITU-Ton respamITU-TrnatiU-TMMUNICATRDIZATIONES X: DMUNICX.124al-timX-serional ION SECTORATA NEATIONS5 Sue bloces RecoTelecTWORAND Spplemcking lismmendommuKS, OPECURIent onts forations nicatSSuEN SYSTY framecount Suppion Ueriepplem(TEM work tering Vlementnions Xent 11

2、09/2011based oIP 11 ) ITU-T X-SERIES RECOMMENDATIONS DATA NETWORKS, OPEN SYSTEM COMMUNICATIONS AND SECURITY PUBLIC DATA NETWORKS X.1X.199OPEN SYSTEMS INTERCONNECTION X.200X.299INTERWORKING BETWEEN NETWORKS X.300X.399MESSAGE HANDLING SYSTEMS X.400X.499DIRECTORY X.500X.599OSI NETWORKING AND SYSTEM ASP

3、ECTS X.600X.699OSI MANAGEMENT X.700X.799SECURITY X.800X.849OSI APPLICATIONS X.850X.899OPEN DISTRIBUTED PROCESSING X.900X.999INFORMATION AND NETWORK SECURITY General security aspects X.1000X.1029Network security X.1030X.1049Security management X.1050X.1069Telebiometrics X.1080X.1099SECURE APPLICATION

4、S AND SERVICES Multicast security X.1100X.1109Home network security X.1110X.1119Mobile security X.1120X.1139Web security X.1140X.1149Security protocols X.1150X.1159Peer-to-peer security X.1160X.1169Networked ID security X.1170X.1179IPTV security X.1180X.1199CYBERSPACE SECURITY Cybersecurity X.1200X.

5、1229Countering spam X.1230X.1249Identity management X.1250X.1279SECURE APPLICATIONS AND SERVICES Emergency communications X.1300X.1309Ubiquitous sensor network security X.1310X.1339CYBERSECURITY INFORMATION EXCHANGE Overview of cybersecurity X.1500X.1519Vulnerability/state exchange X.1520X.1539Event

6、/incident/heuristics exchange X.1540X.1549Exchange of policies X.1550X.1559Heuristics and information request X.1560X.1569Identification and discovery X.1570X.1579Assured exchange X.1580X.1589For further details, please refer to the list of ITU-T Recommendations. X series Supplement 11 (09/2011) i S

7、upplement 11 to ITU-T X-series Recommendations ITU-T X.1245 Supplement on framework based on real-time blocking lists for countering VoIP spam Summary Supplement 11 to ITU-T X-series Recommendations provides a technical framework based on a real-time blocking list (RBL) for countering voice over Int

8、ernet protocol (VoIP) spam, which consists of four functional entities: a VoIP spam prevention system (VSPS), a VoIP spam prevention policy server (VSPPS), an RBL central system for VoIP spam prevention (VSP-RBL), and a user-reputation system (URS). This supplement also specifies the functionalities

9、, procedures, and interfaces of each functional entity for countering VoIP spam. History Edition Recommendation Approval Study Group 1.0 ITU-T X Suppl. 11 2011-09-02 17 Keywords RBL, URS, VoIP, VoIP spam. ii X series Supplement 11 (09/2011) FOREWORD The International Telecommunication Union (ITU) is

10、 the United Nations specialized agency in the field of telecommunications, information and communication technologies (ICTs). The ITU Telecommunication Standardization Sector (ITU-T) is a permanent organ of ITU. ITU-T is responsible for studying technical, operating and tariff questions and issuing

11、Recommendations on them with a view to standardizing telecommunications on a worldwide basis. The World Telecommunication Standardization Assembly (WTSA), which meets every four years, establishes the topics for study by the ITU-T study groups which, in turn, produce Recommendations on these topics.

12、 The approval of ITU-T Recommendations is covered by the procedure laid down in WTSA Resolution 1. In some areas of information technology which fall within ITU-Ts purview, the necessary standards are prepared on a collaborative basis with ISO and IEC. NOTE In this publication, the expression “Admin

13、istration“ is used for conciseness to indicate both a telecommunication administration and a recognized operating agency. Compliance with this publication is voluntary. However, the publication may contain certain mandatory provisions (to ensure, e.g., interoperability or applicability) and complian

14、ce with the publication is achieved when all of these mandatory provisions are met. The words “shall“ or some other obligatory language such as “must“ and the negative equivalents are used to express requirements. The use of such words does not suggest that compliance with the publication is require

15、d of any party. INTELLECTUAL PROPERTY RIGHTS ITU draws attention to the possibility that the practice or implementation of this publication may involve the use of a claimed Intellectual Property Right. ITU takes no position concerning the evidence, validity or applicability of claimed Intellectual P

16、roperty Rights, whether asserted by ITU members or others outside of the publication development process. As of the date of approval of this publication, ITU had not received notice of intellectual property, protected by patents, which may be required to implement this publication. However, implemen

17、ters are cautioned that this may not represent the latest information and are therefore strongly urged to consult the TSB patent database at http:/www.itu.int/ITU-T/ipr/. ITU 2012 All rights reserved. No part of this publication may be reproduced, by any means whatsoever, without the prior written p

18、ermission of ITU. X series Supplement 11 (09/2011) iii Table of Contents Page 1 Scope 1 2 References. 1 3 Terms and definitions . 1 3.1 Terms defined elsewhere 1 3.2 Terms defined in this supplement . 1 4 Abbreviations and acronyms 2 5 Conventions 3 6 Overview of VoIP spam . 3 6.1 General aspects .

19、3 6.2 Spam flow . 3 7 Functional architecture for countering VoIP spam . 4 7.1 Overall architecture 4 7.2 VoIP spam prevention system (VSPS) . 5 7.3 VoIP spam prevention policy server (VSPPS) . 5 7.4 RBL central system for VoIP spam prevention (VSP-RBL) 6 7.5 User-reputation system (URS) . 6 7.6 Pro

20、cess for countering VoIP spam . 7 8 RBL update procedures for countering VoIP spam 8 8.1 Global RBL update procedures 8 8.2 Local RBL update procedure 8 Bibliography. 10 X series Supplement 11 (09/2011) 1 Supplement 11 to ITU-T X-series Recommendations ITU-T X.1245 Supplement on framework based on r

21、eal-time blocking lists for countering VoIP spam 1 Scope This supplement to ITU-T X.1245 provides a framework based on RBL for countering VoIP spam. The scope of this supplement consists in: defining the functional architecture for countering VoIP spam, defining four functional entities: VoIP spam p

22、revention system (VSPS), VoIP spam prevention policy server (VSPPS), RBL central system for VoIP spam prevention (VSP-RBL), and user-reputation system (URS) in the framework, describing the procedures and interfaces associated with the functional entities. Compliance with all relevant laws and regul

23、ations should be considered before adopting the anti-spam methods described in this supplement. 2 References None. 3 Terms and definitions 3.1 Terms defined elsewhere This supplement uses the following terms defined elsewhere: 3.1.1 spam b-ITU-T X.1240: The meaning of the word “spam“ depends on each

24、 national perception of privacy and what constitutes spam from the national technological, economic, social and practical perspectives. In particular, its meaning evolves and broadens as technologies develop, providing novel opportunities for misuse of electronic communications. Although there is no

25、 globally agreed definition for spam, this term is commonly used to describe unsolicited electronic bulk communications over e-mail or mobile messaging for the purpose of marketing commercial products or services. 3.1.2 spammer b-ITU-T X.1240: An entity or a person creating and sending spam. 3.1.3 s

26、pam over instant messaging (SPIM) b-ITU-T X.1244: A spam targeting users of instant messaging service. 3.2 Terms defined in this supplement This supplement defines the following terms: 3.2.1 call spam: Unwanted, automatically-dialled and pre-recorded VoIP telephone calls. 3.2.2 global RBL: A set of

27、RBLs which are integrated from local RBLs and managed by VSP-RBL. 3.2.3 inbound domain: Domain to which a call is going. 3.2.4 local RBL: A set of real-time blocking lists (RBLs) managed by a VoIP spam prevention policy server (VSPPS) in each domain. 3.2.5 outbound domain: Domain from which a call i

28、s coming out. 2 X series Supplement 11 (09/2011) 3.2.6 RBL central system for VoIP spam prevention (VSP-RBL): An entity that creates and manages the global real-time blocking list (RBL). 3.2.7 real-time blocking list (RBL): A list of IP addresses or domain names that can be a basis to block immediat

29、ely during VoIP call set-up. 3.2.8 user-reputation system (URS): An entity that calculates the VoIP spam score. 3.2.9 VoIP spam: Spam emerging over VoIP services. 3.2.10 VoIP spam prevention policy server (VSPPS): An entity that creates and manages the local RBL. 3.2.11 VoIP spam prevention system (

30、VSPS): An entity that detects and blocks VoIP spam during the call process. 4 Abbreviations and acronyms This supplement uses the following abbreviations and acronyms: ACS Auto Calling System ACTR Average Call Traffic Rate CBR Call Barring Rate CDR Call Duration Rate CERT Computer Emergency Response

31、 Team CIRT Computer Incident Response Team CRR Call Recipient Rate ICT Inter Call Time IM Instant Messaging IP Internet Protocol IPSec IP Security Protocol IVR Interactive Voice Response P2P Peer to Peer RBL Real-time Blocking List SIP Session Initiation Protocol SPIM SPam over Instant Messaging TCT

32、 Total Call Time TLS Transport Layer Security TTP Trusted Third Party URS User-Reputation System VoIP Voice over Internet Protocol VSP-RBL RBL central system for VoIP Spam Prevention VSPPS Voice Spam Prevention Policy Server VSPS Voice Spam Prevention System X series Supplement 11 (09/2011) 3 5 Conv

33、entions None. 6 Overview of VoIP spam 6.1 General aspects VoIP, like e-mail and other Internet applications, is susceptible to abuse by malicious parties that initiate unsolicited and unwanted communications. Increasingly, telemarketers, prank callers, and other telephone-system abusers, are likely

34、to target VoIP systems. VoIP spam is a kind of real-time voice spam emerging over VoIP services, such as telemarketing that includes communications with a telemarketer and interaction with the IVR system or ACS. The problem with VoIP spam is the difficulty in detecting unwanted calls; after all, it

35、can be assumed that recipients are unaware that they are victims of a VoIP spam until they answer it. As VoIP becomes more and more popular around the world, the threat of VoIP spam is also rapidly increasing. The following list describes the main characteristics of VoIP spam that have the potential

36、 to emerge as threats to VoIP service providers and users: ability to send VoIP spam in bulk and cheaply to unspecified recipients through the Internet, using equipment or software that generates calls and sends messages automatically; ability to circumvent the spam-filtering policies of service pro

37、viders because VoIP spam can be sent directly to a recipient (P2P method); inability to analyse content of voice calls. Unlike the contents of e-mails, which can be analysed before delivery to the recipient, the contents of voice calls are obviously not available for analysis beforehand. This elimin

38、ates the most effective measure that is currently in use to counter e-mail spam; the potential to be more disruptive than e-mail spam because the larger size of voice files can seriously slow down networks; ability for spammers to leave a bogus voice-mail message from a bank, thereby gaining financi

39、al/private information or asking the telephone owner to call a false number. 6.2 Spam flow There are two types of VoIP spam; one is call spam and the other is instant messaging (IM) spam. In this supplement, the VoIP protocols focus only on b-ITU-T H.323 and SIP. Clauses 6.2.1 and 6.2.2 describe the

40、 definition and call flow of each type of spam. 6.2.1 Call spam X Suppl.11(11)_F01Spammer RecipientCall setupRTP (Advertisement)Figure 1 Call spam flow Call spam refers to any of the commercial messages sent via VoIP. Due to the wide array of tools already available to spammers on the Internet, it i

41、s a potential venue for large volumes of unsolicited calls. Figure 1 describes the call spam flow. After call establishment, the spammer will send call spam created by an automatic tool to unspecified recipients. 4 X series Supplement 11 (09/2011) 6.2.2 Instant messaging (IM) spam X Suppl.11(11)_F02

42、Spammer RecipientCall setup (Advertisement)CANCELFigure 2 IM spam flow Instant messaging spam is defined as a bulk unsolicited set of instant messages containing the message that the spammer is seeking to convey. Figure 2 describes the IM spam flow. The spammer sends IM spam in a call setup message.

43、 In the case of e-mail spam, the advertisement is displayed when the e-mail is opened, and the recipient might immediately remove it by checking the title. Since the IM spam in VoIP automatically shows up on the screen in the VoIP terminal, the recipients will be forced to view the advertisement. In

44、 addition, the spammer sends IM spam at little or no cost by putting the telephone down even before a call is established. 7 Functional architecture for countering VoIP spam 7.1 Overall architecture The functional architecture for countering VoIP spam consists of two kinds of domains: outbound domai

45、n and inbound domain. The outbound domain and the inbound domain contain senders and recipients, respectively. The functional architecture consists of four kinds of functional entities as shown in Figure 3: a VoIP spam prevention system, a VoIP spam prevention policy server, an RBL central system fo

46、r VoIP spam prevention, and a user-reputation system. Both domains belong to the VoIP service provider, while VSP-RBL belongs to the trusted third party (TTP), for example CERT, CIRT, or a national authority. The functional architecture is designed to use RBL. Two kinds of RBL are used for counterin

47、g VoIP spam: local RBL and global RBL. The local RBL is created using a VoIP spam score defined in clause 7.5.1, or using a report on VoIP spam from recipients and managed by each VoIP service provider. However, the global RBL is created by integrating the local RBLs and is managed by the TTP. Durin

48、g call set-up, each call is examined by the local RBL in the VSPPS of the outbound domain and is blocked when the IP address or domain name of the sender is already listed in the local RBL. Although not blocked by VSPS based on the local RBL, a call with a VoIP spam feature is immediately blocked wh

49、en the VoIP spam score of the call calculated by URS exceeds the threshold. If the call is not blocked in the outbound domain, the VSPPS and URS of the inbound domain perform the same actions mentioned previously. Otherwise, the call is sent to one or more recipients. The procedures to counter IM spam are performed in the same manner. X series Supplement 11 (09/2011) 5 X Suppl.11(11)_F03URSLocalRBLURSLocalRBLVSPPSVSPSRecipientVSPPSVSPSSenderGlobalRBLVSP-RBLOutbound Domain Inbound DomainVoIP call f

copyright@ 2008-2019 麦多课文库(www.mydoc123.com)网站版权所有
备案/许可证编号:苏ICP备17064731号-1