DOCSLIB.ORG

“In Vivo” Spam Filtering: a Challenge Problem For

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
“In Vivo” Spam Filtering: a Challenge Problem For “In vivo” spam filtering: A challenge problem for KDD Tom Fawcett Hewlett­Packard Laboratories 1501 Page Mill Road Palo Alto, CA USA [email protected] ABSTRACT vivo" we mean the problem as it is truly faced in an op- erating environment, that is, by an on-line filter on a mail Spam, also known as Unsolicited Commercial Email (UCE), account that receives realistic feeds of email over time, and is the bane of email communication. Many data mining serves a human user. In this context, spam filtering faces researchers have addressed the problem of detecting spam, issues of skewed and changing class distributions; unequal generally by treating it as a static text classification prob- and uncertain error costs; complex text patterns; a complex, lem. True in vivo spam filtering has characteristics that disjunctive and drifting target concept; and challenges of make it a rich and challenging domain for data mining. In- intelligent, adaptive adversaries. Many real-world domains deed, real-world datasets with these characteristics are typ- share these characteristics and would benefit indirectly by ically difficult to acquire and to share. This paper demon- work on spam filtering. strates some of these characteristics and argues that re- searchers should pursue in vivo spam filtering as an accessi- Improving spam filtering is a worthy goal in itself, but this ble domain for investigating them. paper takes the (admittedly selfish) position that data min- ing researchers should study the problem for the benefit of data mining. It is unclear whether spam filtering ef- General Terms forts could genuinely benefit from data mining research. On the other hand, one of the persistent difficulties of research spam, text classification, challenge problems, class skew, im- in many real-world domains is that of acquiring and shar- balanced data, cost-sensitive learning, data streams, concept ing datasets. Most companies, for example, do not release drift datasets containing real customer transactions; we are aware of no public domain datasets containing genuine fraudu- 1. INTRODUCTION lent transactions for studying fraud detection. Even sharing Spam, also known as Unsolicited Commercial Email (UCE) such data between partner companies usually requires for- and Unsolicited Bulk Email (UBE), is commonplace every- mal non-disclosure agreements. In other domains datasets where in email communication1. Spam is a costly problem may still have copyright or privacy issues. Few datasets and many experts agree it is only getting worse [7; 24; 31; 34; involving concept drift or changing class distributions are 14]. Because of the economics of spam and the difficulties publicly available. Without such datasets, the ability to inherent in stopping it, it is unlikely to go away soon. replicate results and compare algorithm performance is hin- Many data mining and machine learning researchers have dered and progress on these research topics will be impaired. worked on spam detection and filtering, commonly treat- Spam data are easily accessible and shareable, which makes ing it as a basic text classification problem. The problem spam filtering a good domain testbed for investigating many is popular enough that it has been the subject of a Data of the same issues. Mining Cup contest [10] as well as numerous class projects. The remainder of the paper enumerates these research issues Bayesian analysis has been very popular [28; 30; 16; 3], but and describes how they are manifested in in vivo spam filter- researchers have also used SVMs [20], decisions trees [4], ing. The final section of the paper describes how researchers memory and case-based reasoning [29; 8], rule learning [27] could begin exploring the domain. and even genetic programming [19]. But researchers who treat spam filtering as an isolated text 2. CHALLENGES classification task have only addressed a portion of the prob- lem. This paper argues that real-world in vivo spam filtering 2.1 Skewed and drifting class distributions is a rich and challenging problem for data mining. By \in Like most text classification domains, spam presents the 1 problem of a skewed class distribution, i.e., the proportion of The term \spam" is sometimes used loosely to mean any spam to legitimate email is uneven. There are no generally message broadcast to multiple senders (regardless of intent) or any message that is undesired. Here we intend the nar- agreed upon class priors for this problem. G´omez Hidalgo rower, stricter definition: unsolicited commercial email sent [15] points out that the proportion of spam messages re- to an account by a person unacquainted with the recipient. ported in research datasets varies considerably, from 16.6% to 88.2%. This may be simply because the proportion varies considerably from one individual to another. The amount of spam received depends on the email address, the degree SIGKDD Explorations. Volume 5,Issue 2 - Page 140 300 30 250 25 200 20 150 15 100 10 50 5 Number of messages per week Number of spam messages per week 0 0 0 10 20 30 40 50 0 10 20 30 40 50 Week of 2002 Week of 2002 (a) Spam messages (b) Legitimate messages Figure 1: Weekly variation in message traffic, spam versus legitimate email 1 0.9 0.8 p(spam) 0.7 0.6 0.5 0 10 20 30 40 50 Week of 2002 Figure 2: SpamCop: Spam forwarded and reports sent Figure 3: Drifting priors: weekly estimates of p(spam) taken from data in figure 1. of exposure, the amount of time the address has been pub- lic and the upstream filtering. The amount of legitimate several datasets we can make a case that spam priors change email received similarly varies greatly from one individual significantly over time. to another. Figure 1a shows a graph of spam volume received in 2002 Perhaps more importantly, spam varies over time as well. by Paul Wouters of Xtended Internet2. In 2002 the spam This was demonstrated dramatically in 2002 when a large volume was 146 55 messages per week, indicating a great number of open relays and open proxies were brought on-line deal of variation in spite of its upward trend. For most in Asian countries, primarily Korea and China. Such a large people, the volume of the legitimate email received varies as new pool of unprotected machines provided great opportu- well. Figure 1b shows a graph of the number of legitimate nities for spammers, and soon email servers throughout the messages saved by the author over the weeks in 2002. The world experienced a huge surge in the amount of spam they volume is 12:3 6:4 messages per week. forwarded and received. The problem became so bad that Figure 2 shows the volume of reports issued from Spam- for a brief time all email from certain Asian countries was Cop's website3 This graph also demonstrates some of spam's blocked completely by some ISPs [9]. episodic nature. SpamCop is a service used by many peo- In spite of claims that spam is generally increasing [7; 24; ple to filter spam and to submit reports (complaints) to the 5], the volume varies considerably and non-monotonically originators of spam. Both the amount of spam submitted on a daily or weekly scale. Calculating spam proportion and the number of reports sent show clear episodic behavior. even approximately is difficult. Although some public spam These graphs show time variation in both the volume of datasets are available (see Appendix A), we are aware of no personal email datasets arranged over time, so it is difficult 2http://spamarchive.xtdnet.nl/ to match the two to establish priors. Nevertheless, using 3http://www.spamcop.net/spamstats.shtml SIGKDD Explorations. Volume 5,Issue 2 - Page 141 1 0.9 0.8 0.7 0.6 0.5 p(spam) 0.4 0.3 0.2 0.1 0 0 10 20 30 Day (a) (b) Figure 4: Email volume from Eide's trial, (a) absolute volume, (b) resulting prior p(spam). spam and the volume of legitimate email received, something If we assume that the cost of a false positive (that is, of that researchers have not generally acknowledged. Since the classifying a legitimate message as spam) is about ten times two sources of email|senders of spam and senders of legiti- that of a false negative, this reduces to mate email|are independent parties with little in common, p(spam) we can expect their variation to be statistically uncorrelated, PCFspam = and the class priors will vary over time. No fixed prior will p(spam) + p(legit) × 10 be correct. How much could we expect class priors to vary? If we assume that a user received the spam shown in figure 1a and the Using the p(spam) range from figure 4b, the PCF range of legitimate email shown in figure 1b, we can estimate the class interest for spam filtering is :04 ≤ PCFspam ≤ :47. Since the prior p(spam) simply as the proportion of weekly messages entire PCF range is [0,1], this means nearly half of cost space that are spam. Figure 3 shows a graph of this value, which is influenced by this variation in priors. Any classifier whose ranges between about .67 to .99. performance lies within this 44% could be a competitive A further demonstration of changing priors appears in Kris- solution. This is a wide range, and it is reasonable to expect tian Eide's study of bayesian spam filters [12]. In evaluating classifier superiority to vary within it. these filters he measured the volume of spam and legitimate The purpose of this analysis is not to call into question the email he received over the course of one month. These vol- validity of prior work, but to point out that changing class umes are graphed in figure 4a, and the computed daily spam distributions are a reality in this domain and their influence prior is graphed in figure 4b.
Load more

Recommended publications
  • Trendmicro™ Hosted Email Security
    TrendMicro™ Hosted Email Security Best Practice Guide Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. The names of companies, products, people, characters, and/or data mentioned herein are fictitious and are in no way intended to represent any real individual, company, product, or event, unless otherwise noted. Complying with all applicable copyright laws is the responsibility of the user. Copyright © 2016 Trend Micro Incorporated. All rights reserved. Trend Micro, the Trend Micro t-ball logo, and TrendLabs are trademarks or registered trademarks of Trend Micro, Incorporated. All other brand and product names may be trademarks or registered trademarks of their respective companies or organizations. No part of this publication may be reproduced, photocopied, stored in a retrieval system, or transmitted without the express prior written consent of Trend Micro Incorporated. Authors : Michael Mortiz, Jefferson Gonzaga Editorial : Jason Zhang Released : June 2016 Table of Contents 1 Best Practice Configurations ................................................................................................................................. 8 1.1 Activating a domain ....................................................................................................................................... 8 1.2 Adding Approved/Blocked Sender ................................................................................................................ 8 1.3 HES order
    [Show full text]
  • A Survey of Learning-Based Techniques of Email Spam Filtering
    View metadata, citation and similar papers at core.ac.uk brought to you by CORE provided by Unitn-eprints Research A SURVEY OF LEARNING-BASED TECHNIQUES OF EMAIL SPAM FILTERING Enrico Blanzieri and Anton Bryl January 2008 (Updated version) Technical Report # DIT-06-056 A Survey of Learning-Based Techniques of Email Spam Filtering Enrico Blanzieri, University of Trento, Italy, and Anton Bryl University of Trento, Italy, Create-Net, Italy [email protected] January 11, 2008 Abstract vertising pornography, pyramid schemes, etc. [68]. The total worldwide financial losses caused by spam Email spam is one of the major problems of the to- in 2005 were estimated by Ferris Research Analyzer day’s Internet, bringing financial damage to compa- Information Service at $50 billion [31]. nies and annoying individual users. Among the ap- Lately, Goodman et al. [39] presented an overview proaches developed to stop spam, filtering is an im- of the field of anti-spam protection, giving a brief portant and popular one. In this paper we give an history of spam and anti-spam and describing major overview of the state of the art of machine learn- directions of development. They are quite optimistic ing applications for spam filtering, and of the ways in their conclusions, indicating learning-based spam of evaluation and comparison of different filtering recognition, together with anti-spoofing technologies methods. We also provide a brief description of and economic approaches, as one of the measures other branches of anti-spam protection and discuss which together will probably lead to the final victory the use of various approaches in commercial and non- over email spammers in the near future.
    [Show full text]
  • Detecting Phishing in Emails Srikanth Palla and Ram Dantu, University of North Texas, Denton, TX
    1 Detecting Phishing in Emails Srikanth Palla and Ram Dantu, University of North Texas, Denton, TX announcements. The third category of spammers is called Abstract — Phishing attackers misrepresent the true sender and phishers. Phishing attackers misrepresent the true sender and steal consumers' personal identity data and financial account steal the consumers' personal identity data and financial credentials. Though phishers try to counterfeit the websites in account credentials. These spammers send spoofed emails and the content, they do not have access to all the fields in the lead consumers to counterfeit websites designed to trick email header. Our classification method is based on the recipients into divulging financial data such as credit card information provided in the email header (rather than the numbers, account usernames, passwords and social security content of the email). We believe the phisher cannot modify numbers. By hijacking brand names of banks, e-retailers and the complete header, though he can forge certain fields. We credit card companies, phishers often convince the recipients based our classification on three kinds of analyses on the to respond. Legislation can not help since a majority number header: DNS-based header analysis, Social Network analysis of phishers do not belong to the United States. In this paper we and Wantedness analysis. In the DNS-based header analysis, present a new method for recognizing phishing attacks so that we classified the corpus into 8 buckets and used social the consumers can be vigilant and not fall prey to these network analysis to further reduce the false positives. We counterfeit websites. Based on the relation between credibility introduced a concept of wantedness and credibility, and and phishing frequency, we classify the phishers into i) derived equations to calculate the wantedness values of the Prospective Phishers ii) Suspects iii) Recent Phishers iv) Serial email senders.
    [Show full text]
  • Efficient Spam Filtering System Based on Smart Cooperative Subjective and Objective Methods*
    Int. J. Communications, Network and System Sciences, 2013, 6, 88-99 http://dx.doi.org/10.4236/ijcns.2013.62011 Published Online February 2013 (http://www.scirp.org/journal/ijcns) Efficient Spam Filtering System Based on Smart * Cooperative Subjective and Objective Methods Samir A. Elsagheer Mohamed1,2 1College of Computer, Qassim University, Qassim, KSA 2Electrical Engineering Department, Faculty of Engineering, Aswan University, Aswan, Egypt Email: [email protected], [email protected] Received September 17, 2012; revised January 16, 2013; accepted January 25, 2013 ABSTRACT Most of the spam filtering techniques are based on objective methods such as the content filtering and DNS/reverse DNS checks. Recently, some cooperative subjective spam filtering techniques are proposed. Objective methods suffer from the false positive and false negative classification. Objective methods based on the content filtering are time con- suming and resource demanding. They are inaccurate and require continuous update to cope with newly invented spammer’s tricks. On the other side, the existing subjective proposals have some drawbacks like the attacks from mali- cious users that make them unreliable and the privacy. In this paper, we propose an efficient spam filtering system that is based on a smart cooperative subjective technique for content filtering in addition to the fastest and the most reliable non-content-based objective methods. The system combines several applications. The first is a web-based system that we have developed based on the proposed technique. A server application having extra features suitable for the enter- prises and closed work groups is a second part of the system. Another part is a set of standard web services that allow any existing email server or email client to interact with the system.
    [Show full text]
  • Account Administrator's Guide
    ePrism Email Security Account Administrator’s Guide - V10.4 4225 Executive Sq, Ste 1600 Give us a call: Send us an email: For more info, visit us at: La Jolla, CA 92037-1487 1-800-782-3762 [email protected] www.edgewave.com © 2001—2016 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks are hereby acknowledged. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The Email Security software and its documentation are copyrighted materials. Law prohibits making unauthorized copies. No part of this software or documentation may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into another language without prior permission of EdgeWave. 10.4 Contents Chapter 1 Overview 1 Overview of Services 1 Email Filtering (EMF) 2 Archive 3 Continuity 3 Encryption 4 Data Loss Protection (DLP) 4 Personal Health Information 4 Personal Financial Information 5 Document Conventions 6 Other Conventions 6 Supported Browsers 7 Reporting Spam to EdgeWave 7 Contacting Us 7 Additional Resources 7 Chapter 2 Portal Overview 8 Navigation Tree 9 Work Area 10 Navigation Icons 10 Getting Started 11 Logging into the portal for the first time 11 Logging into the portal after registration 12 Changing Your Personal Information 12 Configuring Accounts 12 Chapter 3 EdgeWave Administrator
    [Show full text]
  • IFIP AICT 394, Pp
    A Scalable Spam Filtering Architecture Nuno Ferreira1, Gracinda Carvalho1, and Paulo Rogério Pereira2 1 Universidade Aberta, Portugal 2 INESC-ID, Instituto Superior Técnico, Technical University of Lisbon, Portugal [email protected], [email protected], [email protected] Abstract. The proposed spam filtering architecture for MTA1 servers is a component based architecture that allows distributed processing and centralized knowledge. This architecture allows heterogeneous systems to coexist and benefit from a centralized knowledge source and filtering rules. MTA servers in the infrastructure contribute to a common knowledge, allowing for a more rational resource usage. The architecture is fully scalable, ranging from all-in- one system with minimal components instances, to multiple components instances distributed across multiple systems. Filtering rules can be implemented as independent modules that can be added, removed or modified without impact on MTA servers operation. A proof-of-concept solution was developed. Most of spam is filtered due to a grey-listing effect from the architecture itself. Using simple filters as Domain Name System black and white lists, and Sender Policy Framework validation, it is possible to guarantee a spam filtering effective, efficient and virtually without false positives. Keywords: spam filtering, distributed architecture, component based, centralized knowledge, heterogeneous system, scalable deployment, dynamic rules, modular implementation. 1 Introduction Internet mail spam2 is a problem for most organizations and individuals. Receiving spam on mobile devices, and on other connected appliances, is yet a bigger problem, as these platforms are not the most appropriate for spam filtering. Spam can be seen as belonging to one of two major categories: Fraud and Commercial.
    [Show full text]
  • White Paper Barracuda • Comprehensive Email Filtering
    Comprehensive Email Filtering White Paper Barracuda • Comprehensive Email Filtering Email has undoubtedly become a valued communications tool among organizations worldwide. With Spam History frequent virus attacks and the alarming influx of spam, email loses the efficiency to communicate. Spam Spam is one form of abuse messages represent the vast majority of email traffic on the Internet. Spam is no longer a simple annoyance; of the Simple Mail Transfer it is a significant security issue and a massive drain on financial resources. Protocol (SMTP), which is implemented in email systems This is simply astounding and unacceptable. It’s time to take control of spam and virus attacks. on the basis of RFC 524. First proposed in 1973, RFC 524 was Filtering Email in Two Advanced Processes developed during a time when computer security was not a Today, there are a number of solutions designed to help alleviate the spam problem. Barracuda Networks significant concern. As such, designed the affordable Barracuda Email Security Gateway as an easy-to-use, enterprise-class hardware and RFC 524 is no longer a secure software solution for businesses of all sizes that comprehensively evaluates each email, using two main command set, making it and classes of sophisticated algorithms and techniques: Connection Management and Mail Scanning. SMTP susceptible to abuse. During the connection management process, emails are filtered through five defense layers to verify Most spam-making tools authenticity of envelope information, and any inappropriate incoming mail connections are dropped exploit the security holes in even before receiving the message. Any emails that survive the connection verification process must then SMTP.
    [Show full text]
  • Email Filtering for Providers
    Email Filtering for providers How email service providers and ISPs can use anti-phishing, anti-ransomware and graymail filtering as a strategic weapon. Win new customers, keep your current ones, and avoid being stuck in commodity pricing hell. Table of Contents Summary .............................................................................................. 3 Introduction ......................................................................................... 4 What is an ISP or Host To Do? ....................................................... 5 The Spectrum of Email Threats and Nuisances ........................ 5 Spam ................................................................................................... 6 Graymail .............................................................................................. 7 Phishing and Spear Phishing ............................................................... 8 Malware through Phishing and Spear Phishing Campaigns ................10 Stopping Spear Phishing is Difficult ...................................................11 Hard Costs of Email Threats and Nuisances ............................ 11 Opportunity Costs of Email Security .......................................... 12 Mitigating the Full Spectrum of Email Threats .......................... 12 Heuristic Filtering and Rules to Fight Graymail and Spam ..................13 Anti-Phishing/Spear Phishing ............................................................14 Anti-Malware and Attachment Analysis .............................................15
    [Show full text]
  • System Administrator's Guide
    ePrism Email Security System Administrator’s Guide - V11.0 4225 Executive Sq, Ste 1600 Give us a call: Send us an email: For more info, visit us at: La Jolla, CA 92037-1487 1-800-782-3762 [email protected] www.edgewave.com © 2001—2017 EdgeWave. All rights reserved. The EdgeWave logo is a trademark of EdgeWave Inc. All other trademarks and registered trademarks are hereby acknowledged. Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. Other product and company names mentioned herein may be the trademarks of their respective owners. The Email Security software and its documentation are copyrighted materials. Law prohibits making unauthorized copies. No part of this software or documentation may be reproduced, transmitted, transcribed, stored in a retrieval system, or translated into another language without prior permission of EdgeWave. 11.0 Contents Chapter 1 Overview 1 Overview of Services 1 Email Filtering (EMF) 2 Archive 3 Continuity 3 Encryption 4 Data Loss Protection (DLP) 4 Personal Health Information 4 Personal Financial Information 5 ThreatCheck 6 Vx Service 6 Document Conventions 7 Supported Browsers 7 Reporting Spam to EdgeWave 7 Contacting Us 8 Additional Resources 8 Chapter 2 ePrism Appliance 9 Planning for the ePrism Appliance 9 About MX Records 9 Configuration Examples 10 Email Security Outside Corporate Firewall 10 Email Security Behind Corporate Firewall 10 Mandatory 11 Optional 12 Accessing the ePrism Appliance 12 ePrism Appliance
    [Show full text]
  • A Survey of Phishing Email Filtering Techniques Ammar Almomani, B
    2070 IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. 15, NO. 4, FOURTH QUARTER 2013 A Survey of Phishing Email Filtering Techniques Ammar Almomani, B. B. Gupta, Samer Atawneh, A. Meulenberg, and Eman Almomani Abstract—Phishing email is one of the major problems of messages and are capable of deceiving even the clever Internet today’s Internet, resulting in financial losses for organizations users. Fraudulent emails can steal secret information from and annoying individual users. Numerous approaches have been the victims, resulting in loss of funds. As a consequence, developed to filter phishing emails, yet the problem still lacks a complete solution. In this paper, we present a survey of these attacks are damaging electronic commerce in the Internet the state of the art research on such attacks. This is the first world, resulting in the loss of trust and use of the Internet [9]. comprehensive survey to discuss methods of protection against This threat has led to the development of a large number of phishing email attacks in detail. We present an overview of the techniques for the detection and filtering of phishing emails. various techniques presently used to detect phishing email, at the The many approaches proposed in the literature to filter different stages of attack, mostly focusing on machine-learning techniques. A comparative study and evaluation of these filtering phishing emails, may be classified according to the different methods is carried out. This provides an understanding of the stages of the attack flow, e.g. network level protection, au- problem, its current solution space, and the future research thentication, client side tool, user education, server side filters directions anticipated.
    [Show full text]
  • A Study of Spam Origins
    Spamology: A Study of Spam Origins ∗ Craig A. Shue Minaxi Gupta Chin Hua Kong Oak Ridge National Computer Science Dept. Computer Science Dept. Laboratory Indiana University Indiana University Oak Ridge, Tennessee, USA Bloomington, Indiana, USA Bloomington, Indiana, USA [email protected] [email protected] [email protected] John T. Lubia Asim S. Yuksel Computer Science Dept. Computer Science Dept. Indiana University Indiana University Bloomington, Indiana, USA Bloomington, Indiana, USA [email protected] [email protected] ABSTRACT email lists for very little money.” This paper is motivated by The rise of spam in the last decade has been staggering, with the question: How are these bulk email lists created? While the rate of spam exceeding that of legitimate email. While previous work has explored one avenue for how spammers conjectures exist on how spammers gain access to email ad- might be harvesting email addresses [1], our goal is to un- dresses to spam, most work in the area of spam containment dertake a systematic study to understand the phenomenon. has either focused on better spam filtering methodologies Our general approach is to register a dedicated domain, or on understanding the botnets commonly used to send run an email server for that domain, and post email ad- spam. In this paper, we aim to understand the origins of dresses belonging to the domain at strategic places and watch spam. We post dedicated email addresses to record how the inflow of spam. The first step we take is to register for and where spammers go to obtain email addresses.
    [Show full text]
  • Download File
    Scaling up VoIP: Transport Protocols and Controlling Unwanted Communication Requests Kumiko Ono Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in the Graduate School of Arts and Sciences COLUMBIA UNIVERSITY 2012 c 2012 Kumiko Ono All Rights Reserved ABSTRACT Scaling up VoIP: Transport Protocols and Controlling Unwanted Communication Requests Kumiko Ono Millions of people worldwide use voice over IP (VoIP) services not only as cost-effective alternatives to long distance and international calls but also as unified communication tools, such as video conferencing. Owing to the low cost of new user accounts, each person can easily obtain multiple accounts for various purposes. Rich VoIP functions combined with the low cost of new accounts and connections attract many people, resulting in a dramatic increase in the number of active user accounts. Internet telephony service providers (ITSPs), therefore, need to deploy VoIP systems to accommodate this growing demand for VoIP user accounts. Attracted people also include bad actors who make calls that are unwanted to callees. Once ITSPs openly connect with each other, unwanted bulk calls will be at least as serious a problem as email spam. This dissertation studies how we can reduce load both on ITSPs and end users to ensure continuing the success of VoIP services. From ITSPs' perspective, the scalability of VoIP servers is of importance and concern. Scalability depends on server implementation and the transport protocol for SIP, VoIP sig- naling. We conduct experiments to understand the impact of connection-oriented transport protocols, namely, TCP and SCTP, because of the additional costs of handling connec- tions.
    [Show full text]