Architecture for Trapping Toll Fraud Attacks Using a VoIP Honeynet Approach

Gruber, Markus; Schanes, Christian; Fankhauser, Florian; Moutran, Martin; Grechenig, Thomas

doi:10.1007/978-3-642-38631-2_49

Cited by 5 publications

(9 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Since 2011, researchers at Vienna University of Technology have also been running a Honeynet. Their findings coincide with Essen's in that many calls were to African countries (Ethiopia and Egypt) and when attempts are made, most of the time the attempt is made from an Egyptian IP address [15].…”

Section: Pbx Penetration Studiessupporting

confidence: 80%

“…In contrast, Sengar suggests that most SIP vulnerabilities are not due to the weaknesses in the protocol itself, but result from poor SIP credentials and misconfigured systems [13]. Other researchers such as Hoffstadt et al [14] and Gruber et al [15] support this assessment.…”

Section: Voip Vulnerabilities and Types Of Attacksmentioning

confidence: 99%

“…Repeated studies found that once an attacker has gained access, they attempt to call premium-rate numbers or high-cost numbers in various countries, suggesting attackers earn money for doing so [14,15]. Gambia, Palestinian territories and Somalia appear to be regularly attempted.…”

Section: Pbx Penetration Studiesmentioning

confidence: 99%

See 2 more Smart Citations

Analysis of a PBX Toll Fraud Honeypot

Mcinnes¹,

Zaluska²,

Wills³

2019

IJISR

View full text Add to dashboard Cite

Organisations are moving over from legacy telecommunications to Voice over IP (VoIP), enabling greater flexibility, resilience and an overall cost reduction. Session Initiated Protocol (SIP) is considered to be the main VoIP protocol in the business-to-business market, but the correct implementation and configuration is not always wellunderstood. The failure to configure SIP systems correctly has led to significant fraud exploiting a range of vulnerabilities and billions of dollars every year being stolen from companies of all sizes through PBX Hacking via the medium of Toll Fraud. Previous research into this area is now dated but suggested fast-changing approaches by attackers. Industry organisations such as the Communications Fraud Control Association (CFCA) acknowledged this is a fast-growing problem. To quantify the size of the current problem, a Honeypot experiment was undertaken using a popular phone system used by businesses. The Honeypot ran for 10 days and recorded just under 19 million SIP messages. This research has identified attackers are using various sophisticated methods to attempt to gain access and trick a PBX into making calls. When comparing previous research, the rate of attack is approximately 30 times more aggressive and the countries from where attacks originate are distributed over 75 countries.

show abstract

Section: Pbx Penetration Studiessupporting

confidence: 80%

Section: Voip Vulnerabilities and Types Of Attacksmentioning

confidence: 99%

See 1 more Smart Citation

Analysis of a PBX Toll Fraud Honeypot

Mcinnes¹,

Zaluska²,

Wills³

2019

IJISR

View full text Add to dashboard Cite

show abstract

“…If a caller tries to call a callee outside the local VoIP domain of the honeypot the call will be forwarded to our VoIP provider via the uplink interface, who will route the call to a PSTN endpoint. The processing steps for collecting toll fraud attacks with our proposed honeynet approach is described in our previous work [10]. …”

Section: Description Of the Voip/pstn Honeynet Architecturementioning

confidence: 99%

Voice calls for free: How the black market establishes free phone calls — Trapped and uncovered by a VoIP honeynet

Gruber

Schanes

Fankhauser

et al. 2013

2013 Eleventh Annual Conference on Privacy, Security and Trust

Self Cite

View full text Add to dashboard Cite

The number of Voice over IP systems and the number of Session Initiation Protocol users is constantly increasing. The new Voice over IP infrastructures are connected with the traditional Public Switched Telephone Network and attacks against the phone infrastructure are becoming more imaginative. The attacks can cause financial losses, e.g., attackers steal money or incur costs for the victim. We analyze the current status of toll fraud attacks by analyzing real-world attacks collected in a Voice over IP honeynet solution. Based on the detailed data about real attacks, the creation or adaption of existing prevention mechanisms is possible in order to avoid toll fraud attacks in live environments.

show abstract

“…In many cases, congestion on IP and internet networks prevents service providers and users from delivering an excellent quality for VoIP communications. It is worth to note that there exist considerable research proposals and solutions tackling the quality of service issues in VoIP networks . However, there is a paucity of research on VoIP security threats.…”

Section: Introductionmentioning

confidence: 99%

Security of VoIP traffic over low or limited bandwidth networks

Alouneh

Abed

Ghinea

2016

Security Comm Networks

View full text Add to dashboard Cite

The early days of voice over IP (VoIP) adoption were characterized by a lack of concern and awareness about security issues related to its use. Indeed, service providers and users were mostly preoccupied with issues related to its quality, functionality, and cost. Now that VoIP is a mainstream communication technology, security has become a major issue. This paper investigates the major security threats for VoIP communications and proposes a multipath approach solution, especially targeted for low bandwidth networks. Results show that security has an effect on VoIP quality especially for a large distance between communicating nodes and packet size. Results also show that our proposed multipath solution reduces significantly packet losses and performs better than single routing techniques in networks with low bandwidth capacities.

show abstract

Architecture for Trapping Toll Fraud Attacks Using a VoIP Honeynet Approach

Cited by 5 publications

References 8 publications

Analysis of a PBX Toll Fraud Honeypot

Analysis of a PBX Toll Fraud Honeypot

Voice calls for free: How the black market establishes free phone calls — Trapped and uncovered by a VoIP honeynet

Security of VoIP traffic over low or limited bandwidth networks

Contact Info

Product

Resources

About

Architecture for Trapping Toll Fraud Attacks Using a VoIP Honeynet Approach

Cited by 5 publications

References 8 publications

Analysis of a PBX Toll Fraud Honeypot

Analysis of a PBX Toll Fraud Honeypot

Voice calls for free: How the black market establishes free phone calls &#x2014; Trapped and uncovered by a VoIP honeynet

Security of VoIP traffic over low or limited bandwidth networks

Contact Info

Product

Resources

About

Voice calls for free: How the black market establishes free phone calls — Trapped and uncovered by a VoIP honeynet