Since the introduction of VoIP, the service or underlying technology (basedon the SIP protocol) has been susceptible to multiple fraud scenarios. In particular, by exploiting some of the features of VoIP, such as three way call and call transfer, hackers can inject call signals into the network and effectively hijack calls. The result is significant non-billable revenue for the Service Provider. Since commands associated with VoIP technology are often sent un-encrypted and without authorization for each command, this is an easy technique to carry out.
An obvious solution is for Service Providers to encrypt the commands and signaling across their networks. However, such encryption can introduce additional cost. Moreover, it can result in a performance burden on the Service Provider, as well as the associated end user equipment.
A Better Solution
A less intrusive method is to introduce active VoIP policy controls in front of the Call Session Control Function (CSCF). This gateway solution can block or challenge call control messages for authenticity before passing them along to the CSCF.
For this second option to be successful, service policy gateways must be able to adapt their methods to constantly changing techniques and security threats. The type of information required to adapt or reconfigure the policy gateway can be provided by Service Assurance vendors using analytical reporting tools.
Detect Traffic Spikes
By processing VoIP-related call records extracted directly from the network, such analytical tools can be used to look for specific patterns or traffic “spikes” within the records, such as call volumes and call duration, both to/from specific numbers. The early detection of such events or behavior will then enable Service Providers to configure their gateways accordingly. Thus, they can effectively minimize the impact of such scenarios, as well as the related revenue loss.
More on security
Voice service providers must now implement call authentication technology to comply with newly passed regulations seeking to eliminate fraudulent robocalls. President Trump last week signed the TRACED (Telephone Robocall Abuse…
Empirix Inc. a leader in network test automation and service and application performance visibility, today announced that Empirix service assurance capabilities can now be extended to monitor the performance of…
I was able to escape the blizzard-like conditions of New England winter for three sunny days in Las Vegas to attend the Avaya International User Group. Despite the recent restructuring…
At Empirix, our continued focus and development of our analytics platform will extend the value to both Wireless and Wireline Service Providers. Our solutions will continue to place emphasis on Customer Experience and Empirix will offer holistic insight into those key entities that reveals unnecessary Opex and Churn.