Voice over IP enables the transmission of telephone calls over the Internet as opposed to POTS (plain old telephone service). Internet Telephony means economical phone calls, which is a fantastic benefit to both consumers and businesses, but it also can lead to cheap methods of mass advertising. VoIP Spam is a potentially serious issue that will be facing IP telephony in the near future. VoIP Spam is also known as SPIT or Spam over Internet Telephony.

At present, there are a variety of filters and mechanisms to prevent junk E-mail from entering one’s inbox, but what can be done to stop telemarketers from sending advertising messages directly to your voice mailbox? Any automated system can dial thousands of numbers by sending messages to thousands of IP addresses in seconds in a stealthy and cost-effective manner, rather than tying up a single telephone line to make a call over the Public Switched Telephone Network.

What makes SPIT a reality is the true rise in popularity of SIP (Session Initiation Protocol). With SIP, each telephony account has a URI which is similar to an E-mail address, for example, This e-mail address is being protected from spam bots, you need JavaScript enabled to view it .  Usually there is only one identifier that makes it easier for people to remember their URI based on their E-mail address. Thus, a spitter can harvest a company’s E-mail addresses and gain direct access to their SIP voicemail, as well. Spitters can also use spambots to harvest VoIP addresses in order to send bulk unsolicited voicemail messages to the unfortunate recipients.

One solution to SPIT is to blacklist the IP address of unsolicited callers and source alias name, but not unlike spammers, spitters can block trace back to their domains and use bots to fake all of that information. It’s not unrealistic to expect that cryptographic techniques may be adopted in the future, like public keys and digital signatures for IP-telephony authentication. One company has developed software to scan incoming calls at the voice server using algorithms to detect many calls from the same location or calls of the same duration and block them completely. Firewalls can also filter VoIP traffic for anomalies and effectively drop those connections.

Since VoIP is a major target for exploitation, the proliferation of Internet Telephony should be characterized by a rise in SPIT. Recently, Vonage sent out mass E-mailings and voice mailings to customers regarding their IPO – which may have been considered as SPIT. The unified messaging feature of VoIP systems might allow mailboxes receive voicemail messages taking up multiple megabytes of storage. Both carriers and Internet Telephony Service providers are responsible for taking the necessary steps to defend the voice mailboxes of their end-users and clients against SPIT. Since VoIP spam is becoming a potential threat, administrators need to be proactive in putting systems in place that will protect clients against it.

Denial of Service (DoS) against a SIP sever is a kind of attack that occurs when the attacker device sends packet floods towards the server. Because the server will allocate memory and CPU resources for each received packet, this immediately results in large-scale loss of function for the SIP-based server. In such cases, the authentication mechanisms that are usually operated by SIP servers as a security measure, cannot avoid allowing the server to be flooded.

Dialexia is developing a solution to the DoS problem in order to secure Dial-Office and Dial-Gate installations. The solution is mainly founded on an embedded DoS detector and controller. The solution philosophy consists of intervening at the early stage of receiving SIP traffic to avoid to be constrained to deal with message floods that would already have allocated memory and CPU resources. For that, the DoS detector and controller intercepts all the incoming SIP traffic to analyze the content of every SIP packet. This aims to detect any DoS attacker. If an attacker is detected, their IP address is added to a black list. Once this is done, the DoS detector and controller will be able to filter incoming traffic to reject any packets coming from that attacker.