Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
180 Ringing
200 OK
The Session Initiation Protocol
(SIP) is a protocol for signalling ACK
and controlling multimedia
communication sessions in Call/Media in Progress
applications of Internet telephony
for voice and video calls BYE
200 OK
SIP HAS MULTIPLE MESSAGES EXCHANGED TO
ESTABLISH AND TERMINATE THE CALL
INVITE
100 Trying
Call
Setup 180 Ringing
200 OK
ACK
Call in
Progress Call/Media in Progress
BYE
Call
Termination
200 OK
SIP HAS MULTIPLE MESSAGES EXCHANGED TO
ESTABLISH AND TERMINATE THE CALL
INVITE
100 Trying
Call
Setup 180 Ringing
200 OK
Usually for Fraud
ACK
Management
Call in
Progress Call/Media in Progress
CDR based data is used
(created upon call termination and
BYE
Call containing the call details)
Termination
200 OK
EXAMPLE
Wangiri Fraud, also known as Call Back Fraud is a fraud scenario where
fraudsters trigger multiple single ring and disconnected calls (displaying a
premium rate number)
ACK
Call in
Progress Call/Media in Progress
BYE
Call
Termination
200 OK
A GROSS SIMPLIFICATION
CDRs Signalling
Both contain
Origin, destination
Date, time, length of calls, etc.
Source IP, Destination IP
EXAMPLE
Wangiri Fraud, also known as Call Back Fraud is a fraud scenario where fraudsters
trigger multiple single ring and disconnected calls (displaying a premium rate number)
INVITE
100 Trying
Call
Setup
183 Session Progress
CANCEL
200 OK
Call
Cancel 487 Request Terminated
ACK
EXAMPLE
Fraudsters are able to hack a PBX and instruct the PBX Detection Rules
phone to transfer calls to the hacker’s phone service. Concurrent Call Transfer:
The compromised PBX’s is used by the hacker
to make free long distance or international calls High number of calls with REFER message
simultaneously without CANCEL, BYE message
This fraud can be further explored by using multiple
transfers which is harder to detect - from Same IP Address/From
INVITE
- With contact number/SIP URI not in Register
- To International Risky Destination
Call
generator
SIP BILLING ATTACK
=
Reduced fraud window
Better Customer Satisfaction
Reduced loss
Improved reaction time to new threats
SIP Fraud You can expand the CDRs and SIP messages can be
Attacks may CDR based approach consolidated in a single view to
cause severe with SIP messages cover all fraud cases origins and
financial analysis to prevent impacts
impacts fraud
Q&A