Behavior- based approach to detect spam over IP telephony attacks

Spam over IP telephony (SPIT) is expected to
become a serious problem as the use of voice over IP grows.
This kind of spam is appreciated by spammers due to its effec-
tiveness and low cost. Many anti-SPIT solutions are applied
to resolve this problem but there are still limited in some
cases. Thus, in this paper, we propose a system to detect
SPIT attacks through behavior-based approach. Our frame-
work operates in three steps: (1) collecting significant calls
attributes by exploring and analyzing network traces using
OPNET environment; (2) applying sliding windows strategy
to properly maintain the callers profiles; and (3) classify-
ing caller (i.e., legitimate or SPITter) using ten supervised
learning methods: NaïveBayes, BayesNet, SMO RBFKernel,
SMO PolyKernel, MultiLayerPerceptron with two and three
layers, NBTree, J48, Bagging and AdaBoostM1. The results
of our experiments demonstrate the great performance of
these methods. Our study, based on receiver operating char-
acteristics curves, shows that the AdaBoostM1 classifier is
more efficient than the other methods and achieve an almost
perfect detection rate with acceptable training time.