Since the introduction of VoIP, the service or underlying technology (based on the SIP protocol) has been susceptible to multiple fraud scenarios. In particular, by exploiting some of the features of VoIP, such as three way call and call transfer, hackers can inject call signals into the network and effectively hijack calls. The result is significant non-billable revenue for the Service Provider. Since commands associated with VoIP technology are often sent un-encrypted and without authorization for each command, this is an easy technique to carry out.
An obvious solution is for Service Providers to encrypt the commands and signaling across their networks. However, such encryption can introduce additional cost. Moreover, it can result in a performance burden on the Service Provider, as well as the associated end user equipment.
A Better Solution
A less intrusive method is to introduce active VoIP policy controls in front of the Call Session Control Function (CSCF). This gateway solution can block or challenge call control messages for authenticity before passing them along to the CSCF.
For this second option to be successful, service policy gateways must be able to adapt their methods to constantly changing techniques and security threats. The type of information required to adapt or reconfigure the policy gateway can be provided by Service Assurance vendors using analytical reporting tools.
By processing VoIP-related call records extracted directly from the network, such analytical tools can be used to look for specific patterns or traffic “spikes” within the records, such as call volumes and call durations, both to/from specific numbers. The early detection of such events or behavior will then enable Service Providers to configure their gateways accordingly. Thus, they can effectively minimize the impact of such scenarios, as well as the related revenue loss.