US20070165811A1 - System and method for spam detection - Google Patents
System and method for spam detection Download PDFInfo
- Publication number
- US20070165811A1 US20070165811A1 US11/334,920 US33492006A US2007165811A1 US 20070165811 A1 US20070165811 A1 US 20070165811A1 US 33492006 A US33492006 A US 33492006A US 2007165811 A1 US2007165811 A1 US 2007165811A1
- Authority
- US
- United States
- Prior art keywords
- caller
- response
- recited
- acceptable
- challenge
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
- 238000000034 method Methods 0.000 title claims abstract description 31
- 238000001514 detection method Methods 0.000 title description 6
- 230000004044 response Effects 0.000 claims abstract description 76
- 238000012795 verification Methods 0.000 claims abstract description 12
- 238000012360 testing method Methods 0.000 claims description 25
- 238000004891 communication Methods 0.000 claims description 10
- 238000009877 rendering Methods 0.000 claims description 8
- 230000000977 initiatory effect Effects 0.000 claims description 7
- 238000004590 computer program Methods 0.000 claims description 2
- 238000010586 diagram Methods 0.000 description 8
- 230000015654 memory Effects 0.000 description 8
- 239000003795 chemical substances by application Substances 0.000 description 4
- 238000012015 optical character recognition Methods 0.000 description 4
- 238000012545 processing Methods 0.000 description 4
- 230000003287 optical effect Effects 0.000 description 3
- 230000005236 sound signal Effects 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 230000006399 behavior Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000001788 irregular Effects 0.000 description 2
- 230000007246 mechanism Effects 0.000 description 2
- 239000004065 semiconductor Substances 0.000 description 2
- 230000009118 appropriate response Effects 0.000 description 1
- 230000005540 biological transmission Effects 0.000 description 1
- 239000000872 buffer Substances 0.000 description 1
- 238000012512 characterization method Methods 0.000 description 1
- 230000002596 correlated effect Effects 0.000 description 1
- 230000001934 delay Effects 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 230000010354 integration Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000003825 pressing Methods 0.000 description 1
- 230000008569 process Effects 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
- 239000007787 solid Substances 0.000 description 1
- 238000001228 spectrum Methods 0.000 description 1
- 238000010998 test method Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/28—Data switching networks characterised by path configuration, e.g. LAN [Local Area Networks] or WAN [Wide Area Networks]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M3/00—Automatic or semi-automatic exchanges
- H04M3/42—Systems providing special services or facilities to subscribers
- H04M3/436—Arrangements for screening incoming calls, i.e. evaluating the characteristics of a call before deciding whether to answer it
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L12/00—Data switching networks
- H04L12/66—Arrangements for connecting between networks having differing types of switching systems, e.g. gateways
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1076—Screening of IP real time communications, e.g. spam over Internet telephony [SPIT]
- H04L65/1079—Screening of IP real time communications, e.g. spam over Internet telephony [SPIT] of unsolicited session attempts, e.g. SPIT
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1101—Session protocols
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L65/00—Network arrangements, protocols or services for supporting real-time applications in data packet communication
- H04L65/1066—Session management
- H04L65/1101—Session protocols
- H04L65/1104—Session initiation protocol [SIP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04M—TELEPHONIC COMMUNICATION
- H04M3/00—Automatic or semi-automatic exchanges
- H04M3/42—Systems providing special services or facilities to subscribers
Definitions
- the present invention relates to caller detection and more particularly to a system and method for determining spam and unsolicited calls.
- IP Internet Protocol
- VoIP Voice-over-IP
- Session Initiation Protocol is a signaling protocol for Internet conferencing, telephony, events notification and instant messaging.
- SIP and VoIP networks unsolicited messages and calls can be automatically generated and delivered to phones in a cheaper and faster manner than in telephone networks.
- Call Spam is where the caller wishes to successfully initiate a dialog and have a media session. For example, unsolicited calls that are automatically initiated and carried out by software using ‘pre-recorded’ streams similar to telemarketing calls today.
- Call initiation spam is where the caller does not wish to successfully initiate a dialog and have a media session. For example, unsolicited INVITE spam with spoofed SIP URIs or IP addresses.
- Email spam issues may be solved using spam filters that passively analyze headers and content contained in individual email messages. This is not guaranteed to be effective because headers can be forged or spoofed. Further, content analysis is not guaranteed to be effective for VoIP spam because content cannot be analyzed until a call is already established and the content has already being transmitted.
- Third party infrastructure services such as reputation systems and consent-based communications can be used to verify callers.
- third party infrastructure services require both caller and callee to participate in such systems.
- the present addresses several problems. These problems may be illustrated as, for example, when a service provider wants to ensure that a human being is accessing the provided service and not some automated attack script, or when a user of the telephone service wants to prevent automated phone spam. There are no known commercial solutions to these problems since the technology is still relatively new and the attacks over IP have not been completely automated.
- a caller verification system and method include generating a challenge to be sent to a caller which requires a response from the caller prior to accepting a call.
- a response or lack thereof is determined from the caller, and the response is analyzed relative to an acceptable response to determine whether the caller is acceptable to communicate with. If the caller is acceptable, the call may be accepted.
- a system for caller verification includes a challenge generator which generates challenges to be sent to a caller responsive to an initiation by the caller for communications, the challenge requiring a response.
- a determination module determines if a response has been received and receives the response from the caller.
- An analyzing device determines if the response is acceptable as compared to an acceptable response to determine whether the caller is acceptable to communicate with.
- FIG. 1 is a block/flow diagram for verification of an acceptable user and/or detecting spam in a human test in accordance with one embodiment of the present invention
- FIG. 2 is a diagram showing verification of an acceptable user and/or detecting spam in an echo test where the caller is not a spammer in accordance with one embodiment of the present invention
- FIG. 3 is a diagram showing verification of an acceptable user and/or detecting spam in an echo test where the caller is a spammer determined by receiving an irregular response in accordance with one embodiment of the present invention
- FIG. 4 is a diagram showing verification of an acceptable user and/or detecting spam in an echo test where the caller is a spammer determined by receiving an no response in accordance with one embodiment of the present invention
- FIG. 5 is a block/flow diagram showing verification of an acceptable user and/or detecting spam for a human test in accordance with one embodiment of the present invention
- FIG. 6 is a block diagram showing a system for verification of an acceptable user and/or detecting spam in accordance with one embodiment of the present invention.
- FIG. 7 is a block/flow diagram showing verification of an acceptable user and/or detecting spam for the echo test in accordance with another embodiment of the present invention.
- Embodiments of the present invention may include an automatic echo test or a human caller test, which screens calls and other communications to determine whether the communication is an unsolicited and undesirable communication, e.g., a sales call, spam, etc.
- UDP User Datagram Protocol
- TCP Transmission Control Protocol
- UDP is a communications protocol that offers a limited amount of service when messages are exchanged between computers in a network that uses the Internet Protocol (IP).
- IP Internet Protocol
- UDP is an alternative to the TCP and, together with IP, is sometimes referred to as UDP/IP.
- These requests or responses may be made of up two parts: a set of headers and one or more message bodies.
- SIP request When a SIP request (or INVITE) is sent, it is sent to the intended party's (or User Agent's (UA)) SIP address. SIP addresses are actually URLs and are like e-mail addresses.
- UA User Agent
- SIP addresses are actually URLs and are like e-mail addresses.
- UA Before a message is delivered to the receiving user agent (UA), it is first sent to a proxy server, which routes and delivers the message to the receiving UA. The response from the receiving UA is then sent back to the initiating UA via proxy servers.
- the caller UA upon receiving an INVITE, the caller UA engages in an automated test and labels the call as legitimate or suspected spam based on the outcome of the test. Based on the label, different actions (drop, filter, ring, forward to voicemail) may be taken to handle the call.
- the test may be performed on behalf of the callee by its UA, proxy server, a hardware agent, or a software agent.
- the embodiments of the present invention provide effective detection of unwanted calls even when a spammer uses spoofed IP addresses and SIP URIs. Effective detection is also provided before permitting a call to be established and content to be delivered. The embodiments only need to be implemented by the callee and are entirely interoperable with SIP protocol.
- Embodiments of the present invention can take the form of an entirely hardware embodiment, an. entirely software embodiment or an embodiment including both hardware and software elements.
- the present invention is implemented in software, which includes but is not limited to firmware, resident software, microcode, etc.
- a computer-usable or computer-readable medium can be any apparatus that may include, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device.
- the medium can be an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium.
- Examples of a computer-readable medium include a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk. Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read/write (CD-R/W) and DVD.
- a data processing system suitable for storing and/or executing program code may include at least one processor coupled directly or indirectly to memory elements through a system bus.
- the memory elements can include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code to reduce the number of times code is retrieved from bulk storage during execution.
- I/O devices including but not limited to keyboards, displays, pointing devices, etc. may be coupled to the system either directly or through intervening I/O controllers.
- Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks.
- Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
- FIG. 1 a block/flow diagram illustratively shows a system/method for detecting spam/unwanted calls for network telephone systems.
- the system/method uses a redirection function of the SIP protocol to respond to a SIP call-in (INVITE).
- INVITE SIP call-in
- embodiments of the present invention provide an integration of a challenge response atop the SIP protocol without requiring changes to the widely deployed protocol.
- the technique achieves automated caller detection circuits for SIP or VoIP.
- the following will describe a SIP exchange for a telephone call, although the present invention is not limited to telephone applications.
- a typical telephone exchange includes, a caller sends a SIP INVITE to a callee over a network, such as the Internet or any other network or communications link.
- the callee receives a CONNECTION IN PROGRESS (e.g., from a proxy or agent), or the callee's handset rings.
- the callee picks up or OK's receiving the call, and the caller acknowledges (ACK).
- a caller initiates a SIP call using a SIP INVITE message.
- the callee checks its well-known address base if the caller's from address or a combination of from and IP address are found, the protocol continues the unmodified SIP path.
- the callee handset or proxy chooses random challenge characters (or words or symbols).
- a display challenge is sent to the caller.
- the display challenge may include a human readable set of characters on the caller's SIP endpoint which are difficult to process with OCR.
- a play back of a human audible rendering of the characters to the caller is performed.
- the rendering is preferably difficult to decipher with voice recognition.
- the caller will transfer a response to the challenge using the microphone or keypad of their communication device (if they are human), and the SIP protocol INVITE will be successful if a correct response is received by the callee.
- a quick call button may be provided on a SIP enabled handset that will disable the authentication procedure for known callers.
- the known caller's SIP profile such as SIP URI or fingerprint may be stored in the callee's phone. For example, an LED (or display message) on the SIP handset will indicate whether a caller is already in the set of “known callers” and whether the know caller is “cleared”.
- the destination may generate a random string of configured length and translate the string into either an image, an audio message or both.
- the destination either proxy or handset
- the destination remembers the redirect and call ID for the redirected call.
- the caller responds to the string (challenge). For example, the caller may listen to a message or view an instruction rendered by the callee. The response may include entering a number or word into the keypad either by reading the string or pressing a key or keys (e.g. “#” or otherwise responding to the image). This response will cause the handset to connect/reconnect to the caller in block 116 if the response is correct.
- the caller handset or proxy sends an INVITE with the answer to the challenge in the body of the connect message.
- the callee phone may be configured to drop the invite with a reject message.
- the callee phone or proxy may answer with a message (e.g. 1xx), but the phone may ring with a different ring tone or provide some indication of a failed challenge to alert the callee.
- the call may be accepted conditionally, e.g., accepted with an OK message, but the callee handset may be configured not to ring as a result of failing the challenge.
- the callee may be prompted with an audible rendering of the random string and asked to input the string using his/her keypad. If the challenge is answered correctly, the callee handset may ring normally. If the ring times out, the handset will close the data connection and send a disconnect event to the caller as described.
- This example provides a challenge, which includes an automatic echo test to detect a spammer, which may be sending a large number of INVITEs to many SIP URIs.
- a caller represented by phone 202 sends an INVITE 206 to a callee, represented by phone 204 .
- callee 204 sends a challenge, e.g., a “183 Session progress” response in a pattern to caller 202 to elicit provisional acknowledgements (PRACKs) 210 .
- PRACK is an acknowledgement for a provisional response, in this case for the session progress message.
- the pattern is crafted to not create much load at a normal caller, but could create significant load at a spammer when combined with messages from other users.
- the pattern could be a burst of back-to-back “183 Session progress” messages in which the burst size is randomly drawn from a range (such as 10-50 packets).
- Another example of a crafted pattern is groups of bursts where the inter-group spacing could also be randomly drawn from a range (such as 10-500 milliseconds).
- phone 202 is not a spammer, it will respond with PRACKs 210 .
- the Prack pattern is tested or compared with the pattern sent from callee 204 .
- an OK signal is sent to the caller 202 , which acknowledges (ACK 214 ).
- a conversation 216 or other communication (data exchange, etc.) can be conducted until the call is ended (BYE 218 ).
- caller 220 is a spammer and does not run a full SIP stack then phone 204 can observe irregularities (e.g., no PRACKs or incorrectly formatted PRACKs) in the caller's responses to session progress 208 or other signal eliciting a response.
- irregularities e.g., no PRACKs or incorrectly formatted PRACKs
- the “183 session progress” probing pattern 208 can alternately or additionally overwhelm the caller system (e.g., the caller's network link, buffers in the caller's SIP implementation related to processing of packets, the caller's memory utilization, or the caller's CPU utilization) leading to drops or delays in the PRACK responses.
- the caller system e.g., the caller's network link, buffers in the caller's SIP implementation related to processing of packets, the caller's memory utilization, or the caller's CPU utilization
- the callee 204 would respond negatively to the call, e.g., terminating the call (forbidden 222 ), or placing the caller on a do not call list.
- a system/method 300 is shown in accordance with an illustrative embodiment of the present invention for testing for human callers.
- a challenge generator 302 generates challenges 322 to a caller.
- Challenges 322 may be randomly generated and may include a random number, which is compared to a plurality of challenge types and items.
- the challenge may include a series of numbers or symbols or an audio clip, or may be selected from a plurality of symbols or audio clips in accordance with a random number generated by generator 302 .
- the challenge generation and rendering (blocks 302 and 304 ) may be performed before or after a call is received.
- the challenge 322 is input to a rendering device 304 which renders the challenge unreadable by machine if the challenge is a display type 307 or rendered incapable of voice/speech recognition if audio 305 .
- the display type 307 noise or extraneous pixels may be added to an image of the characters arranged in a way the OCR cannot properly decipher the symbols.
- a grid with numbers of different fonts, size and arranged in an odd fashion may be employed for the display 307 .
- the display or audio message may be “type 2” written with letters of different fonts, size and arranged in an odd fashion.
- An audio challenge signal 315 ( FIG. 6 ) may be mixed with noise 309 using a mixer 303 to output an audio signal (to a speaker 313 of caller) to render the audio signal undecipherable.
- the challenge is then transmitted back to a caller in block 310 .
- the caller then responds to the challenge if they can.
- the challenge example of “type 2” would be easily readable of determined over noise by a human. The human would know to press the number two on his/her telephone keypad, hence providing the appropriate response to the challenge.
- the callee awaits this response embedded in the message body or otherwise in block 312 and compares the response to an acceptable response, which may include the original challenge 322 or may include a different value. If the response is correct, the call is connected since the caller would be deemed a human.
- a call is received in block 350 , and a fingerprint of the caller may be obtained in block 352 .
- SIP fingerprints are obtained.
- SIP fingerprints are a characterization of measured SIP protocol implementation response time or behavior of SIP devices.
- SIP fingerprints of known SIP devices may be maintained in a database accessible to callees. With method may be employed separately or in conjunction with other echo test methods as described and/or shown in FIG. 7 .
- a callee can easily determine if the caller is a computer or other unwanted caller. This method may not be convenient however since all device may not be listed, etc.
- a test pattern may be generated which requires a response or responses from a caller.
- the test pattern may include known SIP functions, such as PRACK and OPTIONS.
- the pattern may be randomly generated using a challenge generator 302 ( FIG. 6 ).
- the pattern is transmitted to the caller in block 356 , and the response of the caller is monitored in block 358 .
- the response is analyzed to determine if an acceptable echo pattern exists in block 360 .
- the analysis may include checking response packets to make sure that they have correct headers that the response pattern (e.g., inter-packet spacing, response ordering) is correlated to the original test pattern, and/or other irregularities are determined. If there is no response or the pattern is irregular the caller is designated as a machine or spammer in block 362 , and the call is terminated in block 364 . Otherwise the call is permitted to proceed and the phone or other device is permitted to ring.
Abstract
Description
- 1. Technical Field
- The present invention relates to caller detection and more particularly to a system and method for determining spam and unsolicited calls.
- 2. Description of the Related Art
- Anonymity of Internet Protocol (IP) users is a key problem in providing services over the Internet. This affects all services including Voice-over-IP (VoIP) based services. While telephone fraud has always been a problem, the Internet has made this problem more serious because automation of fraud has become much easier. Therefore, it is important for both service providers and users to stop automated attacks that are delivered over IP.
- Session Initiation Protocol or SIP, is a signaling protocol for Internet conferencing, telephony, events notification and instant messaging. In SIP and VoIP networks, unsolicited messages and calls can be automatically generated and delivered to phones in a cheaper and faster manner than in telephone networks.
- Consider two types of spam: (1) Call Spam. Call Spam is where the caller wishes to successfully initiate a dialog and have a media session. For example, unsolicited calls that are automatically initiated and carried out by software using ‘pre-recorded’ streams similar to telemarketing calls today. (2) Call initiation spam. Call initiation spam is where the caller does not wish to successfully initiate a dialog and have a media session. For example, unsolicited INVITE spam with spoofed SIP URIs or IP addresses.
- While telephone network spam (telemarketing) may be solved using legislation, IP networks cross international borders and spammers may not be in a jurisdiction in which certain laws apply. Email spam issues may be solved using spam filters that passively analyze headers and content contained in individual email messages. This is not guaranteed to be effective because headers can be forged or spoofed. Further, content analysis is not guaranteed to be effective for VoIP spam because content cannot be analyzed until a call is already established and the content has already being transmitted.
- Third party infrastructure services such as reputation systems and consent-based communications can be used to verify callers. However, third party infrastructure services require both caller and callee to participate in such systems.
- The present addresses several problems. These problems may be illustrated as, for example, when a service provider wants to ensure that a human being is accessing the provided service and not some automated attack script, or when a user of the telephone service wants to prevent automated phone spam. There are no known commercial solutions to these problems since the technology is still relatively new and the attacks over IP have not been completely automated.
- A caller verification system and method include generating a challenge to be sent to a caller which requires a response from the caller prior to accepting a call. A response or lack thereof is determined from the caller, and the response is analyzed relative to an acceptable response to determine whether the caller is acceptable to communicate with. If the caller is acceptable, the call may be accepted.
- A system for caller verification includes a challenge generator which generates challenges to be sent to a caller responsive to an initiation by the caller for communications, the challenge requiring a response. A determination module determines if a response has been received and receives the response from the caller. An analyzing device determines if the response is acceptable as compared to an acceptable response to determine whether the caller is acceptable to communicate with.
- These and other objects, features and advantages will become apparent from the following detailed description of illustrative embodiments thereof, which is to be read in connection with the accompanying drawings.
- The disclosure will provide details in the following description of preferred embodiments with reference to the following figures wherein:
-
FIG. 1 is a block/flow diagram for verification of an acceptable user and/or detecting spam in a human test in accordance with one embodiment of the present invention; -
FIG. 2 is a diagram showing verification of an acceptable user and/or detecting spam in an echo test where the caller is not a spammer in accordance with one embodiment of the present invention; -
FIG. 3 is a diagram showing verification of an acceptable user and/or detecting spam in an echo test where the caller is a spammer determined by receiving an irregular response in accordance with one embodiment of the present invention; -
FIG. 4 is a diagram showing verification of an acceptable user and/or detecting spam in an echo test where the caller is a spammer determined by receiving an no response in accordance with one embodiment of the present invention; -
FIG. 5 is a block/flow diagram showing verification of an acceptable user and/or detecting spam for a human test in accordance with one embodiment of the present invention; -
FIG. 6 is a block diagram showing a system for verification of an acceptable user and/or detecting spam in accordance with one embodiment of the present invention; and -
FIG. 7 is a block/flow diagram showing verification of an acceptable user and/or detecting spam for the echo test in accordance with another embodiment of the present invention. - Embodiments of the present invention may include an automatic echo test or a human caller test, which screens calls and other communications to determine whether the communication is an unsolicited and undesirable communication, e.g., a sales call, spam, etc.
- In a SIP transaction, messages (either requests or responses) are sent between devices that use either User Datagram Protocol (UDP) or Transmission Control Protocol (TCP) or other transport protocols. UDP is a communications protocol that offers a limited amount of service when messages are exchanged between computers in a network that uses the Internet Protocol (IP). UDP is an alternative to the TCP and, together with IP, is sometimes referred to as UDP/IP. These requests or responses may be made of up two parts: a set of headers and one or more message bodies.
- When a SIP request (or INVITE) is sent, it is sent to the intended party's (or User Agent's (UA)) SIP address. SIP addresses are actually URLs and are like e-mail addresses. Before a message is delivered to the receiving user agent (UA), it is first sent to a proxy server, which routes and delivers the message to the receiving UA. The response from the receiving UA is then sent back to the initiating UA via proxy servers.
- While SIP does not actually define what a session is, it does provide a description of the session in which the user is being invited. In one illustrative embodiment, upon receiving an INVITE, the caller UA engages in an automated test and labels the call as legitimate or suspected spam based on the outcome of the test. Based on the label, different actions (drop, filter, ring, forward to voicemail) may be taken to handle the call. The test may be performed on behalf of the callee by its UA, proxy server, a hardware agent, or a software agent.
- The embodiments of the present invention provide effective detection of unwanted calls even when a spammer uses spoofed IP addresses and SIP URIs. Effective detection is also provided before permitting a call to be established and content to be delivered. The embodiments only need to be implemented by the callee and are entirely interoperable with SIP protocol.
- Embodiments of the present invention can take the form of an entirely hardware embodiment, an. entirely software embodiment or an embodiment including both hardware and software elements. In a preferred embodiment, the present invention is implemented in software, which includes but is not limited to firmware, resident software, microcode, etc.
- Furthermore, the invention can take the form of a computer program product accessible from a computer-usable or computer-readable medium providing program code for use by or in connection with a computer or any instruction execution system. For the purposes of this description, a computer-usable or computer readable medium can be any apparatus that may include, store, communicate, propagate, or transport the program for use by or in connection with the instruction execution system, apparatus, or device. The medium can be an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system (or apparatus or device) or a propagation medium. Examples of a computer-readable medium include a semiconductor or solid state memory, magnetic tape, a removable computer diskette, a random access memory (RAM), a read-only memory (ROM), a rigid magnetic disk and an optical disk. Current examples of optical disks include compact disk-read only memory (CD-ROM), compact disk-read/write (CD-R/W) and DVD.
- A data processing system suitable for storing and/or executing program code may include at least one processor coupled directly or indirectly to memory elements through a system bus. The memory elements can include local memory employed during actual execution of the program code, bulk storage, and cache memories which provide temporary storage of at least some program code to reduce the number of times code is retrieved from bulk storage during execution. Input/output or I/O devices (including but not limited to keyboards, displays, pointing devices, etc.) may be coupled to the system either directly or through intervening I/O controllers.
- Network adapters may also be coupled to the system to enable the data processing system to become coupled to other data processing systems or remote printers or storage devices through intervening private or public networks. Modems, cable modem and Ethernet cards are just a few of the currently available types of network adapters.
- Referring now to the drawings in which like numerals represent the same or similar elements and initially to
FIG. 1 , a block/flow diagram illustratively shows a system/method for detecting spam/unwanted calls for network telephone systems. The system/method uses a redirection function of the SIP protocol to respond to a SIP call-in (INVITE). - There are many existing mechanisms that establish that a human is reading a document, e.g., characters with pixel noise that make optical character recognition (OCR) nearly impossible. Similar techniques can be applied to audio renderings of challenge messages, e.g., by mixing noise into an audio signal, noise with frequency elements that cover the human voice spectrum would be especially effective in derailing voice recognition software.
- Advantageously, embodiments of the present invention provide an integration of a challenge response atop the SIP protocol without requiring changes to the widely deployed protocol. The technique achieves automated caller detection circuits for SIP or VoIP. The following will describe a SIP exchange for a telephone call, although the present invention is not limited to telephone applications.
- A typical telephone exchange includes, a caller sends a SIP INVITE to a callee over a network, such as the Internet or any other network or communications link. The callee receives a CONNECTION IN PROGRESS (e.g., from a proxy or agent), or the callee's handset rings. The callee picks up or OK's receiving the call, and the caller acknowledges (ACK).
- In accordance with the invention, in
block 102, a caller initiates a SIP call using a SIP INVITE message. Inblock 104, the callee checks its well-known address base if the caller's from address or a combination of from and IP address are found, the protocol continues the unmodified SIP path. Inblock 106, the callee handset or proxy chooses random challenge characters (or words or symbols). Inblock 108, a display challenge is sent to the caller. The display challenge may include a human readable set of characters on the caller's SIP endpoint which are difficult to process with OCR. - In
block 110, a play back of a human audible rendering of the characters to the caller is performed. The rendering is preferably difficult to decipher with voice recognition. Inblock 112, the caller will transfer a response to the challenge using the microphone or keypad of their communication device (if they are human), and the SIP protocol INVITE will be successful if a correct response is received by the callee. - To simplify the procedure for frequent or trusted callers, a quick call button may be provided on a SIP enabled handset that will disable the authentication procedure for known callers. The known caller's SIP profile such as SIP URI or fingerprint may be stored in the callee's phone. For example, an LED (or display message) on the SIP handset will indicate whether a caller is already in the set of “known callers” and whether the know caller is “cleared”.
- In blocks 108 and 110, the destination (callee) may generate a random string of configured length and translate the string into either an image, an audio message or both. In
block 112, the destination (either proxy or handset) responds with a redirect message that in its body includes a message challenge and as its attachment includes the randomly generated image and/or audio message. If the phone or proxy is aware of challenge-response mechanism, the callee will render either the image, the audio message or both on the caller's handset. Inblock 114, the destination remembers the redirect and call ID for the redirected call. - In
block 112, the caller responds to the string (challenge). For example, the caller may listen to a message or view an instruction rendered by the callee. The response may include entering a number or word into the keypad either by reading the string or pressing a key or keys (e.g. “#” or otherwise responding to the image). This response will cause the handset to connect/reconnect to the caller inblock 116 if the response is correct. The caller handset or proxy sends an INVITE with the answer to the challenge in the body of the connect message. - If the phone or proxy on the caller side is unaware of the challenge response, the redirect will be followed and the REDIRECT message will not include the correct answer for the posed challenge. In
block 118, the callee phone may be configured to drop the invite with a reject message. The callee phone or proxy may answer with a message (e.g. 1xx), but the phone may ring with a different ring tone or provide some indication of a failed challenge to alert the callee. Inblock 120, the call may be accepted conditionally, e.g., accepted with an OK message, but the callee handset may be configured not to ring as a result of failing the challenge. - In
block 110, the callee may be prompted with an audible rendering of the random string and asked to input the string using his/her keypad. If the challenge is answered correctly, the callee handset may ring normally. If the ring times out, the handset will close the data connection and send a disconnect event to the caller as described. - Referring to
FIG. 2 , an example application of the present invention will now be described to illustrate the handling of a non-spam call in accordance with another embodiment of the present invention. This example provides a challenge, which includes an automatic echo test to detect a spammer, which may be sending a large number of INVITEs to many SIP URIs. A caller, represented byphone 202 sends anINVITE 206 to a callee, represented byphone 204. In response callee 204 sends a challenge, e.g., a “183 Session progress” response in a pattern tocaller 202 to elicit provisional acknowledgements (PRACKs) 210. A PRACK is an acknowledgement for a provisional response, in this case for the session progress message. The pattern is crafted to not create much load at a normal caller, but could create significant load at a spammer when combined with messages from other users. For example, the pattern could be a burst of back-to-back “183 Session progress” messages in which the burst size is randomly drawn from a range (such as 10-50 packets). Another example of a crafted pattern is groups of bursts where the inter-group spacing could also be randomly drawn from a range (such as 10-500 milliseconds). For example, ifphone 202 is not a spammer, it will respond withPRACKs 210. The Prack pattern is tested or compared with the pattern sent fromcallee 204. If it is similar to the original “183 Session progress” pattern (i.e., retains roughly similar inter-group spacing behavior), an OK signal is sent to thecaller 202, which acknowledges (ACK 214). Aconversation 216 or other communication (data exchange, etc.) can be conducted until the call is ended (BYE 218). - Referring to
FIG. 3 , a first example or a spam call is illustratively described. Ifcaller 220 is a spammer and does not run a full SIP stack thenphone 204 can observe irregularities (e.g., no PRACKs or incorrectly formatted PRACKs) in the caller's responses tosession progress 208 or other signal eliciting a response. Ifphone 202 is a spammer and does run a full SIP stack, then the “183 session progress” probingpattern 208 can alternately or additionally overwhelm the caller system (e.g., the caller's network link, buffers in the caller's SIP implementation related to processing of packets, the caller's memory utilization, or the caller's CPU utilization) leading to drops or delays in the PRACK responses. - In either case, since a comparison of the response signal shows irregularities, e.g., incorrect response pattern or no response (
FIG. 4 ), the callee 204 would respond negatively to the call, e.g., terminating the call (forbidden 222), or placing the caller on a do not call list. - Problems with legitimate calls may occur in some instance unless initial steps are taken. For example, automated announcements to all employees that a company is closed due to snow may need the message senders to be authenticated and white-listed so that the calls are allowed to go through automatically before echo testing.
- Referring to
FIGS. 5 and 6 , a system/method 300 is shown in accordance with an illustrative embodiment of the present invention for testing for human callers. In the illustrative embodiment shown inFIGS. 5 and 6 , achallenge generator 302 generateschallenges 322 to a caller.Challenges 322 may be randomly generated and may include a random number, which is compared to a plurality of challenge types and items. For example, the challenge may include a series of numbers or symbols or an audio clip, or may be selected from a plurality of symbols or audio clips in accordance with a random number generated bygenerator 302. The challenge generation and rendering (blocks 302 and 304) may be performed before or after a call is received. - The
challenge 322 is input to arendering device 304 which renders the challenge unreadable by machine if the challenge is adisplay type 307 or rendered incapable of voice/speech recognition ifaudio 305. For thedisplay type 307, noise or extraneous pixels may be added to an image of the characters arranged in a way the OCR cannot properly decipher the symbols. As shown inFIG. 6 , a grid with numbers of different fonts, size and arranged in an odd fashion may be employed for thedisplay 307. As another example, the display or audio message may be “type 2” written with letters of different fonts, size and arranged in an odd fashion. An audio challenge signal 315 (FIG. 6 ) may be mixed withnoise 309 using amixer 303 to output an audio signal (to aspeaker 313 of caller) to render the audio signal undecipherable. - The challenge is then transmitted back to a caller in
block 310. The caller then responds to the challenge if they can. The challenge example of “type 2” would be easily readable of determined over noise by a human. The human would know to press the number two on his/her telephone keypad, hence providing the appropriate response to the challenge. - The callee awaits this response embedded in the message body or otherwise in
block 312 and compares the response to an acceptable response, which may include theoriginal challenge 322 or may include a different value. If the response is correct, the call is connected since the caller would be deemed a human. - Referring to
FIG. 7 , an automatic echo system/method is illustratively described in accordance with an illustrative embodiment. A call is received inblock 350, and a fingerprint of the caller may be obtained inblock 352. In one embodiment, SIP fingerprints are obtained. SIP fingerprints are a characterization of measured SIP protocol implementation response time or behavior of SIP devices. SIP fingerprints of known SIP devices may be maintained in a database accessible to callees. With method may be employed separately or in conjunction with other echo test methods as described and/or shown inFIG. 7 . By obtaining a fingerprint of a caller, a callee can easily determine if the caller is a computer or other unwanted caller. This method may not be convenient however since all device may not be listed, etc. - In
block 354, a test pattern may be generated which requires a response or responses from a caller. The test pattern may include known SIP functions, such as PRACK and OPTIONS. The pattern may be randomly generated using a challenge generator 302 (FIG. 6 ). The pattern is transmitted to the caller inblock 356, and the response of the caller is monitored inblock 358. - The response is analyzed to determine if an acceptable echo pattern exists in
block 360. The analysis may include checking response packets to make sure that they have correct headers that the response pattern (e.g., inter-packet spacing, response ordering) is correlated to the original test pattern, and/or other irregularities are determined. If there is no response or the pattern is irregular the caller is designated as a machine or spammer inblock 362, and the call is terminated inblock 364. Otherwise the call is permitted to proceed and the phone or other device is permitted to ring. - Having described preferred embodiments of a system and method for spam detection (which are intended to be illustrative and not limiting), it is noted that modifications and variations can be made by persons skilled in the art in light of the above teachings. It is therefore to be understood that changes may be made in the particular embodiments disclosed which are within the scope and spirit of the invention as outlined by the appended claims. Having thus described aspects of the invention, with the details and particularity required by the patent laws, what is claimed and desired protected by Letters Patent is set forth in the appended claims.
Claims (23)
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/334,920 US20070165811A1 (en) | 2006-01-19 | 2006-01-19 | System and method for spam detection |
JP2006346232A JP5160084B2 (en) | 2006-01-19 | 2006-12-22 | Method, computer program, and system for verifying caller |
KR1020070000942A KR100974142B1 (en) | 2006-01-19 | 2007-01-04 | System and method for spam detection |
CNA2007100019690A CN101005528A (en) | 2006-01-19 | 2007-01-17 | System and method for spam detection |
US12/131,334 US8085915B2 (en) | 2006-01-19 | 2008-06-02 | System and method for spam detection |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US11/334,920 US20070165811A1 (en) | 2006-01-19 | 2006-01-19 | System and method for spam detection |
Related Child Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/131,334 Continuation US8085915B2 (en) | 2006-01-19 | 2008-06-02 | System and method for spam detection |
Publications (1)
Publication Number | Publication Date |
---|---|
US20070165811A1 true US20070165811A1 (en) | 2007-07-19 |
Family
ID=38263173
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US11/334,920 Abandoned US20070165811A1 (en) | 2006-01-19 | 2006-01-19 | System and method for spam detection |
US12/131,334 Expired - Fee Related US8085915B2 (en) | 2006-01-19 | 2008-06-02 | System and method for spam detection |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US12/131,334 Expired - Fee Related US8085915B2 (en) | 2006-01-19 | 2008-06-02 | System and method for spam detection |
Country Status (4)
Country | Link |
---|---|
US (2) | US20070165811A1 (en) |
JP (1) | JP5160084B2 (en) |
KR (1) | KR100974142B1 (en) |
CN (1) | CN101005528A (en) |
Cited By (36)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070283006A1 (en) * | 2006-06-02 | 2007-12-06 | Uangel Corporation | Automatic identification and blocking method of spam cell |
US20080192656A1 (en) * | 2007-02-09 | 2008-08-14 | Ted Vagelos | Systems And Methods For Providing Enhanced Telephone Services |
US20090022145A1 (en) * | 2007-07-20 | 2009-01-22 | Ipc Systems, Inc. | Systems, methods, apparatus and computer program products for networking trading turret systems using sip |
US20090070874A1 (en) * | 2007-09-12 | 2009-03-12 | Avaya Technology Llc | Signature-Free Intrusion Detection |
US20090070875A1 (en) * | 2007-09-12 | 2009-03-12 | Avaya Technology Llc | Distributed Stateful Intrusion Detection for Voice Over IP |
FR2925253A1 (en) * | 2007-12-17 | 2009-06-19 | France Telecom | Communication e.g. telephonic communication, establishment authorizing method for e.g. mobile telephone, involves processing response to control information, and delivering communication establishment authorization when response is correct |
US20090274143A1 (en) * | 2007-09-12 | 2009-11-05 | Avaya Technology Llc | State Machine Profiling for Voice Over IP Calls |
US20090274144A1 (en) * | 2007-09-12 | 2009-11-05 | Avaya Technology Llc | Multi-Node and Multi-Call State Machine Profiling for Detecting SPIT |
US20100158233A1 (en) * | 2008-12-23 | 2010-06-24 | International Business Machines Corporation | Performing human client verification over a voice interface |
US20100158206A1 (en) * | 2008-12-23 | 2010-06-24 | International Business Machines Corporation | Performing human client verification over a voice interface |
KR100974142B1 (en) | 2006-01-19 | 2010-08-04 | 인터내셔널 비지네스 머신즈 코포레이션 | System and method for spam detection |
EP2337320A1 (en) * | 2008-10-27 | 2011-06-22 | Chengdu Huawei Symantec Technologies Co., Ltd. | A method, an apparatus, a proxy server and a terminal for filtering the spam call |
US20130102297A1 (en) * | 2010-06-28 | 2013-04-25 | Sigma Mediterranee | Method and device for verifying physical recognition between a caller and a called party |
US20150087280A1 (en) * | 2013-09-23 | 2015-03-26 | Ooma, Inc. | Identifying and Filtering Incoming Telephone Calls to Enhance Privacy |
CN104735228A (en) * | 2013-12-23 | 2015-06-24 | 联想(北京)有限公司 | Information processing method, first electronic equipment and second electronic equipment |
GB2524302A (en) * | 2014-03-20 | 2015-09-23 | Ibm | Verifying telephone caller origin |
CN104954361A (en) * | 2015-04-24 | 2015-09-30 | 小米科技有限责任公司 | Contact person verification method, device and system |
US9521069B2 (en) | 2015-05-08 | 2016-12-13 | Ooma, Inc. | Managing alternative networks for high quality of service communications |
US9560198B2 (en) | 2013-09-23 | 2017-01-31 | Ooma, Inc. | Identifying and filtering incoming telephone calls to enhance privacy |
US9633547B2 (en) | 2014-05-20 | 2017-04-25 | Ooma, Inc. | Security monitoring and control |
US20170171393A1 (en) * | 2015-12-15 | 2017-06-15 | Le Holdings (Beijing) Co., Ltd. | Method and Device for Call |
EP3114829A4 (en) * | 2014-03-07 | 2017-12-06 | Dialogtech Inc. | Phone fraud deterrence system for use with toll free and other fee generating numbers |
US10009286B2 (en) | 2015-05-08 | 2018-06-26 | Ooma, Inc. | Communications hub |
US10051121B2 (en) | 2015-04-20 | 2018-08-14 | Youmail, Inc. | System and method for identifying unwanted communications using communication fingerprinting |
US10110739B2 (en) | 2015-04-20 | 2018-10-23 | Youmail, Inc. | System and method for identifying and handling unwanted callers using a call answering system |
US10116796B2 (en) | 2015-10-09 | 2018-10-30 | Ooma, Inc. | Real-time communications-based internet advertising |
US10469556B2 (en) | 2007-05-31 | 2019-11-05 | Ooma, Inc. | System and method for providing audio cues in operation of a VoIP service |
US10553098B2 (en) | 2014-05-20 | 2020-02-04 | Ooma, Inc. | Appliance device integration with alarm systems |
US10771396B2 (en) | 2015-05-08 | 2020-09-08 | Ooma, Inc. | Communications network failure detection and remediation |
US10769931B2 (en) | 2014-05-20 | 2020-09-08 | Ooma, Inc. | Network jamming detection and remediation |
US10904392B2 (en) | 2016-08-01 | 2021-01-26 | Youmail, Inc. | System and method for facilitating setup and joining of conference calls |
US10911368B2 (en) | 2015-05-08 | 2021-02-02 | Ooma, Inc. | Gateway address spoofing for alternate network utilization |
US11171875B2 (en) | 2015-05-08 | 2021-11-09 | Ooma, Inc. | Systems and methods of communications network failure detection and remediation utilizing link probes |
US11316974B2 (en) | 2014-07-09 | 2022-04-26 | Ooma, Inc. | Cloud-based assistive services for use in telecommunications and on premise devices |
US20220237629A1 (en) * | 2021-01-28 | 2022-07-28 | Capital One Services, Llc | System, method, and computer-accessible medium for determining the veracity of a bank fraud call |
US20220394128A1 (en) * | 2021-06-03 | 2022-12-08 | Zhenkun Wang | Method, system and device for permitting unfamiliar call |
Families Citing this family (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8006285B1 (en) | 2005-06-13 | 2011-08-23 | Oracle America, Inc. | Dynamic defense of network attacks |
US7760722B1 (en) * | 2005-10-21 | 2010-07-20 | Oracle America, Inc. | Router based defense against denial of service attacks using dynamic feedback from attacked host |
CN102405635B (en) * | 2009-04-30 | 2014-06-25 | 日本电气株式会社 | Communication system and processing method |
US8315595B2 (en) * | 2009-06-10 | 2012-11-20 | International Business Machines Corporation | Providing trusted communication |
US8719930B2 (en) * | 2010-10-12 | 2014-05-06 | Sonus Networks, Inc. | Real-time network attack detection and mitigation infrastructure |
US10319363B2 (en) * | 2012-02-17 | 2019-06-11 | Microsoft Technology Licensing, Llc | Audio human interactive proof based on text-to-speech and semantics |
US9060053B2 (en) * | 2012-02-21 | 2015-06-16 | Verizon Patent And Licensing Inc. | Mitigating denial of service attacks on call centers |
US8948361B2 (en) * | 2012-07-03 | 2015-02-03 | Avaya Inc. | Mitigating spam and identifying callers in video calls |
US9025746B2 (en) | 2012-07-03 | 2015-05-05 | Avaya Inc. | System and method for visual caller identification |
US8893236B2 (en) * | 2013-02-25 | 2014-11-18 | Red Hat, Inc. | Systems, methods, and computer program products for authenticating human users of a computer system |
US10200531B2 (en) * | 2017-03-14 | 2019-02-05 | Lenovo (Singapore) Pte. Ltd. | Mitigating potential fraud |
CN108964855B (en) * | 2017-05-22 | 2022-05-20 | 中兴通讯股份有限公司 | Voice signaling transmission method and device |
CN112470454A (en) * | 2018-09-10 | 2021-03-09 | 谷歌有限责任公司 | Synchronous communication using voice and text |
CA3020143A1 (en) | 2018-10-09 | 2020-04-09 | Telus Communications Inc. | System and method for limiting incoming spam calls |
KR102607052B1 (en) | 2018-12-19 | 2023-11-29 | 삼성전자주식회사 | Electronic apparatus, controlling method of electronic apparatus and computer readadble medium |
US10848619B2 (en) | 2019-03-07 | 2020-11-24 | At&T Intellectual Property I, L.P. | Communications network security for handling proxy voice calls |
US11330098B1 (en) | 2020-11-06 | 2022-05-10 | Sevis Systems, Llc | System and method for enabling trusted caller identity and spoofed call prevention |
KR20230110002A (en) * | 2022-01-14 | 2023-07-21 | 삼성전자주식회사 | Electronic device for determining call type with external electronic device and method thereof |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6542583B1 (en) * | 1997-03-06 | 2003-04-01 | Avaya Technology Corp. | Caller identification verification system |
US7463724B2 (en) * | 2001-06-25 | 2008-12-09 | At&T Intellectual Property, I.L.P. | Audio caller identification |
Family Cites Families (18)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JPS60192452A (en) * | 1984-03-14 | 1985-09-30 | Nippon Tsushin Kensetsu Kk | Incoming selection system in exchange network |
JP2004523012A (en) * | 1999-09-01 | 2004-07-29 | ピーター, エル. カツィカス, | A system to filter out unauthorized email |
JP2001217922A (en) * | 2000-02-02 | 2001-08-10 | Nec Telecom Syst Ltd | Mobile phone device and mobile phone system using it, and incoming call rejection release method used for it |
JP2001274907A (en) * | 2000-03-24 | 2001-10-05 | Nec Shizuoka Ltd | Caller recognition system and method |
US20020120853A1 (en) * | 2001-02-27 | 2002-08-29 | Networks Associates Technology, Inc. | Scripted distributed denial-of-service (DDoS) attack discrimination using turing tests |
US7529359B2 (en) * | 2001-03-20 | 2009-05-05 | Verizon Business Global Llc | Caller treatment in a SIP network |
US7242680B2 (en) * | 2001-03-20 | 2007-07-10 | Verizon Business Global Llc | Selective feature blocking in a communications network |
US20020188725A1 (en) | 2001-05-31 | 2002-12-12 | Mani Babu V. | User verification service in a multimedia-capable network |
WO2004082251A1 (en) * | 2003-02-10 | 2004-09-23 | Guang Feng | Receiver-side-led communication method, communication apparatus and communication program |
US7856477B2 (en) * | 2003-04-04 | 2010-12-21 | Yahoo! Inc. | Method and system for image verification to prevent messaging abuse |
KR20040095008A (en) * | 2003-05-06 | 2004-11-12 | 심플렉스 인터넷 주식회사 | Method for filtering spam mail using quiz mail |
US20040254793A1 (en) * | 2003-06-12 | 2004-12-16 | Cormac Herley | System and method for providing an audio challenge to distinguish a human from a computer |
JP2005109610A (en) * | 2003-09-29 | 2005-04-21 | Hitachi Software Eng Co Ltd | Method and system for preventing nuisance call |
JP2005328354A (en) * | 2004-05-14 | 2005-11-24 | Mitsubishi Electric Corp | Ip telephone system and subscriber's router |
US8582567B2 (en) * | 2005-08-09 | 2013-11-12 | Avaya Inc. | System and method for providing network level and nodal level vulnerability protection in VoIP networks |
CN1648924A (en) | 2005-02-06 | 2005-08-03 | 刘怡梅 | Method for filtering useless e-mail using short information promise mechanism |
KR100701753B1 (en) * | 2005-06-15 | 2007-03-29 | 엘지전자 주식회사 | Spam Interception System Of Phone |
US20070165811A1 (en) | 2006-01-19 | 2007-07-19 | John Reumann | System and method for spam detection |
-
2006
- 2006-01-19 US US11/334,920 patent/US20070165811A1/en not_active Abandoned
- 2006-12-22 JP JP2006346232A patent/JP5160084B2/en not_active Expired - Fee Related
-
2007
- 2007-01-04 KR KR1020070000942A patent/KR100974142B1/en not_active IP Right Cessation
- 2007-01-17 CN CNA2007100019690A patent/CN101005528A/en active Pending
-
2008
- 2008-06-02 US US12/131,334 patent/US8085915B2/en not_active Expired - Fee Related
Patent Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US6542583B1 (en) * | 1997-03-06 | 2003-04-01 | Avaya Technology Corp. | Caller identification verification system |
US7463724B2 (en) * | 2001-06-25 | 2008-12-09 | At&T Intellectual Property, I.L.P. | Audio caller identification |
Cited By (78)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100974142B1 (en) | 2006-01-19 | 2010-08-04 | 인터내셔널 비지네스 머신즈 코포레이션 | System and method for spam detection |
US20070283006A1 (en) * | 2006-06-02 | 2007-12-06 | Uangel Corporation | Automatic identification and blocking method of spam cell |
US7613286B2 (en) * | 2006-06-02 | 2009-11-03 | Uangel Corporation | Automatic identification and blocking method of spam cell |
US20090310771A1 (en) * | 2007-02-09 | 2009-12-17 | Frontier Communications Corp. | Systems and Methods for Providing Enhanced Telephone Services |
US20080192656A1 (en) * | 2007-02-09 | 2008-08-14 | Ted Vagelos | Systems And Methods For Providing Enhanced Telephone Services |
US20080192657A1 (en) * | 2007-02-09 | 2008-08-14 | Ted Vagelos | Systems and methods for providing enhanced telephone services |
US20080192904A1 (en) * | 2007-02-09 | 2008-08-14 | Ted Vagelos | Systems and methods for providing enhanced telephone services |
US20080192655A1 (en) * | 2007-02-09 | 2008-08-14 | Ted Vagelos | Systems And Methods For Providing Enhanced Telephone Services |
US7742468B2 (en) * | 2007-02-09 | 2010-06-22 | Frontier Communications Corporation | Systems and methods for providing enhanced telephone services |
US10469556B2 (en) | 2007-05-31 | 2019-11-05 | Ooma, Inc. | System and method for providing audio cues in operation of a VoIP service |
US20090022145A1 (en) * | 2007-07-20 | 2009-01-22 | Ipc Systems, Inc. | Systems, methods, apparatus and computer program products for networking trading turret systems using sip |
US8570853B2 (en) * | 2007-07-20 | 2013-10-29 | Ipc Systems, Inc. | Systems, methods, apparatus and computer program products for networking trading turret systems using SIP |
US9178898B2 (en) | 2007-09-12 | 2015-11-03 | Avaya Inc. | Distributed stateful intrusion detection for voice over IP |
US20090070875A1 (en) * | 2007-09-12 | 2009-03-12 | Avaya Technology Llc | Distributed Stateful Intrusion Detection for Voice Over IP |
US9736172B2 (en) | 2007-09-12 | 2017-08-15 | Avaya Inc. | Signature-free intrusion detection |
US20090070874A1 (en) * | 2007-09-12 | 2009-03-12 | Avaya Technology Llc | Signature-Free Intrusion Detection |
US20090274143A1 (en) * | 2007-09-12 | 2009-11-05 | Avaya Technology Llc | State Machine Profiling for Voice Over IP Calls |
US20090274144A1 (en) * | 2007-09-12 | 2009-11-05 | Avaya Technology Llc | Multi-Node and Multi-Call State Machine Profiling for Detecting SPIT |
US9438641B2 (en) * | 2007-09-12 | 2016-09-06 | Avaya Inc. | State machine profiling for voice over IP calls |
US9100417B2 (en) * | 2007-09-12 | 2015-08-04 | Avaya Inc. | Multi-node and multi-call state machine profiling for detecting SPIT |
FR2925253A1 (en) * | 2007-12-17 | 2009-06-19 | France Telecom | Communication e.g. telephonic communication, establishment authorizing method for e.g. mobile telephone, involves processing response to control information, and delivering communication establishment authorization when response is correct |
US20110211685A1 (en) * | 2008-10-27 | 2011-09-01 | Chengdu Huawei Symantec Technologies Co., Ltd. | Method, apparatus, proxy server and terminal for filtering out spam call |
EP2337320A4 (en) * | 2008-10-27 | 2012-05-30 | Chengdu Huawei Symantec Tech | A method, an apparatus, a proxy server and a terminal for filtering the spam call |
EP2337320A1 (en) * | 2008-10-27 | 2011-06-22 | Chengdu Huawei Symantec Technologies Co., Ltd. | A method, an apparatus, a proxy server and a terminal for filtering the spam call |
US20100158233A1 (en) * | 2008-12-23 | 2010-06-24 | International Business Machines Corporation | Performing human client verification over a voice interface |
US9020117B2 (en) | 2008-12-23 | 2015-04-28 | International Business Machines Corporation | Performing human client verification over a voice interface |
US20100158206A1 (en) * | 2008-12-23 | 2010-06-24 | International Business Machines Corporation | Performing human client verification over a voice interface |
US8311190B2 (en) * | 2008-12-23 | 2012-11-13 | International Business Machines Corporation | Performing human client verification over a voice interface |
US20130102297A1 (en) * | 2010-06-28 | 2013-04-25 | Sigma Mediterranee | Method and device for verifying physical recognition between a caller and a called party |
US8918089B2 (en) * | 2010-06-28 | 2014-12-23 | Sigma Mediterranee | Method and device for verifying physical recognition between a caller and a called party |
US9560198B2 (en) | 2013-09-23 | 2017-01-31 | Ooma, Inc. | Identifying and filtering incoming telephone calls to enhance privacy |
US9386148B2 (en) | 2013-09-23 | 2016-07-05 | Ooma, Inc. | Identifying and filtering incoming telephone calls to enhance privacy |
US9426288B2 (en) * | 2013-09-23 | 2016-08-23 | Ooma, Inc. | Identifying and filtering incoming telephone calls to enhance privacy |
US10728386B2 (en) | 2013-09-23 | 2020-07-28 | Ooma, Inc. | Identifying and filtering incoming telephone calls to enhance privacy |
US9667782B2 (en) | 2013-09-23 | 2017-05-30 | Ooma, Inc. | Identifying and filtering incoming telephone calls to enhance privacy |
US20150087280A1 (en) * | 2013-09-23 | 2015-03-26 | Ooma, Inc. | Identifying and Filtering Incoming Telephone Calls to Enhance Privacy |
US10135976B2 (en) | 2013-09-23 | 2018-11-20 | Ooma, Inc. | Identifying and filtering incoming telephone calls to enhance privacy |
CN104735228A (en) * | 2013-12-23 | 2015-06-24 | 联想(北京)有限公司 | Information processing method, first electronic equipment and second electronic equipment |
EP3114829A4 (en) * | 2014-03-07 | 2017-12-06 | Dialogtech Inc. | Phone fraud deterrence system for use with toll free and other fee generating numbers |
US10212266B2 (en) | 2014-03-07 | 2019-02-19 | Dialogtech Inc. | Phone fraud deterrence system for use with toll free and other fee generating numbers |
GB2524302A (en) * | 2014-03-20 | 2015-09-23 | Ibm | Verifying telephone caller origin |
US9602662B2 (en) | 2014-03-20 | 2017-03-21 | International Business Machines Corporation | Verifying telephone caller origin |
US9633547B2 (en) | 2014-05-20 | 2017-04-25 | Ooma, Inc. | Security monitoring and control |
US10818158B2 (en) | 2014-05-20 | 2020-10-27 | Ooma, Inc. | Security monitoring and control |
US11763663B2 (en) | 2014-05-20 | 2023-09-19 | Ooma, Inc. | Community security monitoring and control |
US11495117B2 (en) | 2014-05-20 | 2022-11-08 | Ooma, Inc. | Security monitoring and control |
US11250687B2 (en) | 2014-05-20 | 2022-02-15 | Ooma, Inc. | Network jamming detection and remediation |
US11151862B2 (en) | 2014-05-20 | 2021-10-19 | Ooma, Inc. | Security monitoring and control utilizing DECT devices |
US11094185B2 (en) | 2014-05-20 | 2021-08-17 | Ooma, Inc. | Community security monitoring and control |
US10769931B2 (en) | 2014-05-20 | 2020-09-08 | Ooma, Inc. | Network jamming detection and remediation |
US10553098B2 (en) | 2014-05-20 | 2020-02-04 | Ooma, Inc. | Appliance device integration with alarm systems |
US10255792B2 (en) | 2014-05-20 | 2019-04-09 | Ooma, Inc. | Security monitoring and control |
US11330100B2 (en) | 2014-07-09 | 2022-05-10 | Ooma, Inc. | Server based intelligent personal assistant services |
US11316974B2 (en) | 2014-07-09 | 2022-04-26 | Ooma, Inc. | Cloud-based assistive services for use in telecommunications and on premise devices |
US11315405B2 (en) | 2014-07-09 | 2022-04-26 | Ooma, Inc. | Systems and methods for provisioning appliance devices |
US10992803B2 (en) | 2015-04-20 | 2021-04-27 | Youmail, Inc. | System and method for identifying and handling unwanted callers using a call answering system |
US10051121B2 (en) | 2015-04-20 | 2018-08-14 | Youmail, Inc. | System and method for identifying unwanted communications using communication fingerprinting |
US10110739B2 (en) | 2015-04-20 | 2018-10-23 | Youmail, Inc. | System and method for identifying and handling unwanted callers using a call answering system |
CN104954361A (en) * | 2015-04-24 | 2015-09-30 | 小米科技有限责任公司 | Contact person verification method, device and system |
US10158584B2 (en) | 2015-05-08 | 2018-12-18 | Ooma, Inc. | Remote fault tolerance for managing alternative networks for high quality of service communications |
US10771396B2 (en) | 2015-05-08 | 2020-09-08 | Ooma, Inc. | Communications network failure detection and remediation |
US10911368B2 (en) | 2015-05-08 | 2021-02-02 | Ooma, Inc. | Gateway address spoofing for alternate network utilization |
US9929981B2 (en) | 2015-05-08 | 2018-03-27 | Ooma, Inc. | Address space mapping for managing alternative networks for high quality of service communications |
US11032211B2 (en) | 2015-05-08 | 2021-06-08 | Ooma, Inc. | Communications hub |
US9787611B2 (en) | 2015-05-08 | 2017-10-10 | Ooma, Inc. | Establishing and managing alternative networks for high quality of service communications |
US10009286B2 (en) | 2015-05-08 | 2018-06-26 | Ooma, Inc. | Communications hub |
US11171875B2 (en) | 2015-05-08 | 2021-11-09 | Ooma, Inc. | Systems and methods of communications network failure detection and remediation utilizing link probes |
US10263918B2 (en) | 2015-05-08 | 2019-04-16 | Ooma, Inc. | Local fault tolerance for managing alternative networks for high quality of service communications |
US11646974B2 (en) | 2015-05-08 | 2023-05-09 | Ooma, Inc. | Systems and methods for end point data communications anonymization for a communications hub |
US9521069B2 (en) | 2015-05-08 | 2016-12-13 | Ooma, Inc. | Managing alternative networks for high quality of service communications |
US10341490B2 (en) | 2015-10-09 | 2019-07-02 | Ooma, Inc. | Real-time communications-based internet advertising |
US10116796B2 (en) | 2015-10-09 | 2018-10-30 | Ooma, Inc. | Real-time communications-based internet advertising |
US20170171393A1 (en) * | 2015-12-15 | 2017-06-15 | Le Holdings (Beijing) Co., Ltd. | Method and Device for Call |
US11606464B2 (en) | 2016-08-01 | 2023-03-14 | Youmail, Inc. | System and method for facilitating setup and joining of conference calls |
US10904392B2 (en) | 2016-08-01 | 2021-01-26 | Youmail, Inc. | System and method for facilitating setup and joining of conference calls |
US20220237629A1 (en) * | 2021-01-28 | 2022-07-28 | Capital One Services, Llc | System, method, and computer-accessible medium for determining the veracity of a bank fraud call |
US20220394128A1 (en) * | 2021-06-03 | 2022-12-08 | Zhenkun Wang | Method, system and device for permitting unfamiliar call |
US11695870B2 (en) * | 2021-06-03 | 2023-07-04 | Zhenkun Wang | Method, system and device for permitting unfamiliar call |
Also Published As
Publication number | Publication date |
---|---|
KR20070077062A (en) | 2007-07-25 |
JP5160084B2 (en) | 2013-03-13 |
US8085915B2 (en) | 2011-12-27 |
CN101005528A (en) | 2007-07-25 |
JP2007195165A (en) | 2007-08-02 |
KR100974142B1 (en) | 2010-08-04 |
US20080226047A1 (en) | 2008-09-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8085915B2 (en) | System and method for spam detection | |
Quittek et al. | Detecting SPIT calls by checking human communication patterns | |
US11005989B1 (en) | Validating automatic number identification data | |
JP4921043B2 (en) | Method and apparatus for interrupting exchange connection of unwanted telephone calls | |
TWI468002B (en) | Method and system for authentication | |
US8885298B2 (en) | Conference roll call | |
CN101578637B (en) | A mechanism for authentication of caller and callee using otoacoustic emissions | |
US20110211685A1 (en) | Method, apparatus, proxy server and terminal for filtering out spam call | |
WO2009010944A2 (en) | On-demand authentication of call session party information during a telephone call | |
US20220103681A1 (en) | Communication system for mitigating incoming spoofed callers using social media | |
US8953471B2 (en) | Counteracting spam in voice over internet protocol telephony systems | |
US9025587B2 (en) | Auto answer in voice over internet protocol | |
Gritzalis et al. | SPIDER: A platform for managing SIP-based Spam over Internet Telephony (SPIT) | |
KR101463055B1 (en) | System and method for mobile-to-computer communication | |
US9025740B2 (en) | Method and system for improved communication security | |
CA3191409C (en) | Method and system for detection of call signal manipulation | |
US9019869B2 (en) | System and method to suppress voice prompts in SIP calls | |
EP3566427B1 (en) | Out-of-band call verification | |
US9003545B1 (en) | Systems and methods to protect against the release of information | |
WO2020081614A1 (en) | Systems and method for control of telephone calls over cellular networks | |
Su et al. | Using data mining approaches to identify voice over IP spam | |
CN102055588A (en) | Method of call authentication and VOIP (voice over internet phone) system | |
US10979561B1 (en) | PIN or secret-code based caller-id validation system | |
Qiu et al. | SIP Vulnerabilities Testing in Session Establishment & User Registration. | |
Marias et al. | SIP Vulnerabilities for SPIT, SPIT Identification Criteria, Anti-SPIT Mechanisms Evaluation Framework and Legal Issues |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
AS | Assignment |
Owner name: INTERNATIONAL BUSINESS MACHINES CORPORATION, NEW Y Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:REUMANN, JOHN;SAHA, DEBANJAN;SHAE, ZON-YIN;AND OTHERS;REEL/FRAME:017349/0470;SIGNING DATES FROM 20050907 TO 20050925 |
|
AS | Assignment |
Owner name: ABBOTT LABORATORIES, ILLINOIS Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:PEREZ-MEDRANO, ARTURO;NELSON, DEREK W.;CARROLL, WILLIAM A.;AND OTHERS;REEL/FRAME:018722/0219;SIGNING DATES FROM 20060410 TO 20060509 |
|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |