National Caller ID Authentication System

NCAS
The National Telecom Security Border Controller
OmniBud INC. 2003–2013
Dedicated to Internet Communication and Access Security …
NCAS Registration Module
“PSTN subscribers with VoIP Calling Requirements” of a
country register their phone numbers and corresponding SIP
details to the National NCAS DB after performing appropriate
phone number ownership verification.
NCAS Registration Flow
Diagram components: NCAS Registration Server, National NCAS DB Server
“PSTN Subscribers with VoIP Calling Requirements” of a country
register their
1. Phone Number
2. SIP Details
to the National NCAS DB via the Registration Server.
Caller ID Authentication Module
The Caller ID and corresponding SIP details (including VIA,
CONTACT…) of an IP originated phone call with a Caller ID in
domestic phone number format are retrieved and transmitted
to the Caller ID Authentication Module, then compared with the
data stored in the NCAS DB as registered by PSTN subscribers.
If the authentication result of the Caller ID Authentication Module
is “failed”, the IP originated phone call is suspected to be a
Fraud Call of Fake Caller ID.
There is currently no standard format for IP originated phone
calls, and Fraud Calls of Fake Caller IDs are easily hidden among
these calls. The government can easily get rid of IP originated
Fraud Calls and standardize the signals simply by performing
Caller ID authentication of IP originated phone calls.
SIP Details Sample
INVITE sip:[email protected] SIP/2.0
Via: SIP/2.0/UDP 111.222.333.443:5060;branch=z9hG4bKtiop3
Via: SIP/2.0/UDP 111.222.333.442:5060;branch=z9hG4bK83842.1
    (SIP Server IP: IP of the originating SIP server)
Via: SIP/2.0/UDP 111.222.333.441:5060;branch=z9hG4bKmp17a
    (IP of the originating device)
To: 0911111111 <sip:[email protected]>
From: 0922222222 <sip:[email protected]>;tag=42
    (Caller ID: caller number field and originating-side URI)
Subject: Where are you exactly?
Contact: <sip:[email protected]>
    (SIP Client IP: originating-side URI)
Caller ID Authentication Module
A voice phone call is a two-way communication. This means that if
the malicious caller changes the other SIP details together with
the Caller ID, the phone call will be terminated at the same time.
That is the principle on which NCAS works to detect Fraud Calls of
Fake Caller IDs.
In order not to affect the service and revenue of current PSTN
operators, IP originated phone calls that fail NCAS
authentication should not be blocked. Instead, an “Alert Mark” is
added to the Caller ID to notify the PSTN Callee, which meets
both needs: PSTN Operator Operation and PSTN Subscriber
Protection.
Caller ID Authentication Module
Email and message services are one-way communications, so the
IP originated sender can fake the communication signals together
with the Caller ID without failing the service. That is why
one-way services like email and messaging cannot be secured by
NCAS-based mechanisms.
Malicious Call Marking Module
No “Alert Mark” is added to the Caller ID of an IP originated
phone call that passes NCAS authentication.
An “Alert Mark” like “000, +++…” is added to the Caller ID of
an IP originated phone call that fails NCAS authentication.
If a PSTN phone is preset with, or has installed in its firmware
or apps, a function that outputs different “ring tones or flashes”
when it detects that the Caller ID carries an “Alert Mark” like
“000, +++…”, the power of deterring “Fraud Calls of Fake
Caller ID” will be much stronger.
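The check and marking described in the Caller ID Authentication Module and Malicious Call Marking Module slides, as an added Python example (not OmniBud's code). Assumptions: the registry stores the registered Via IPs and Contact host per number, the two bottom Via hops are the originating device and SIP server, the mark is prefixed as "+++", and all addresses and domains are constructed documentation values.

```python
import re

# Constructed registry (assumption): number -> SIP details its owner registered.
NCAS_DB = {"0922222222": {"via_ips": {"192.0.2.10", "192.0.2.20"},
                          "contact_host": "192.0.2.10"}}
ALERT_MARK = "+++"  # one of the mark styles named on the slides

def parse_invite(raw):
    """Return (caller_id, Via IPs top to bottom, Contact host) of an INVITE."""
    head = re.split(r"\r?\n\r?\n", raw, maxsplit=1)[0]  # headers only, no body
    vias = re.findall(r"(?im)^Via:\s*SIP/2\.0/\w+\s+([^:;\s]+)", head)
    frm = re.search(r'(?im)^From:\s*"?([^"<\r\n]*?)"?\s*<sip:([^@>]+)@', head)
    con = re.search(r"(?im)^Contact:.*?sip:(?:[^@>]*@)?([^:;>\s]+)", head)
    # Caller ID is the display name, or the URI user part when there is none.
    caller = (frm.group(1) or frm.group(2)) if frm else ""
    return caller, vias, con.group(1) if con else None

def authenticate(raw):
    """Compare the call's Caller ID and SIP details with the registered ones."""
    caller, ips, contact_host = parse_invite(raw)
    reg = NCAS_DB.get(caller)
    if reg is None or len(ips) < 2:
        return False  # unregistered number or incomplete Via chain
    # Assumption: the two bottom Via hops are the originating device and server.
    return set(ips[-2:]) <= reg["via_ips"] and contact_host == reg["contact_host"]

def mark_invite(raw):
    """Failed calls are not blocked: the Alert Mark is prefixed to the Caller ID."""
    if authenticate(raw):
        return raw
    return re.sub(r'(?im)^(From:\s*"?)', r"\g<1>" + ALERT_MARK, raw, count=1)

# Constructed sample traffic (documentation addresses and domains).
GOOD = """INVITE sip:callee@example.com SIP/2.0
Via: SIP/2.0/UDP 198.51.100.5:5060;branch=z9hG4bKtiop3
Via: SIP/2.0/UDP 192.0.2.20:5060;branch=z9hG4bK83842.1
Via: SIP/2.0/UDP 192.0.2.10:5060;branch=z9hG4bKmp17a
To: 0911111111 <sip:callee@example.com>
From: 0922222222 <sip:caller@example.net>;tag=42
Contact: <sip:caller@192.0.2.10>
"""
SPOOFED = GOOD.replace("192.0.2.", "203.0.113.")  # same Caller ID, other origin

if __name__ == "__main__":
    for name, msg in (("registered", GOOD), ("spoofed", SPOOFED)):
        print(name, "->", re.search(r"(?m)^From:.*", mark_invite(msg)).group(0))
```
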
NCAS Operation Flow (Caller ID Authentication Passed)
Diagram components: VoIP Provider SIP Server, NCAS Agent Server, NCAS Query Server, NCAS DB, NCAS Fraud Detection Server, PSTN Operator NGN Server
Diagram legend: NCAS Procedure, Unmarked IP Traffic, Marked IP Traffic, Unmarked PSTN Traffic, Marked PSTN Traffic, RTP
1. Inbound IP Traffic
2. Forward SIP invite to NCAS Agent Server
3. Send query to NCAS Query Server
4. Query in NCAS Query System
5. A passed query by NCAS Query Server
6. Forward the Unmarked SIP invite to PSTN Operator NGN Server
NCAS Demo Picture (Caller ID Authentication Passed)
NCAS Operation Flow (Caller ID Authentication Failed)
Diagram components: VoIP Provider SIP Server, NCAS Agent Server, NCAS Query Server, NCAS DB, NCAS Fraud Detection Server, PSTN Operator NGN Server
Diagram legend: NCAS Procedure, Unmarked IP Traffic, Marked IP Traffic, Unmarked PSTN Traffic, Marked PSTN Traffic, RTP
1. Inbound IP Traffic
2. Forward SIP invite to NCAS Agent Server
3. Send query to NCAS Query Server
4. Query in NCAS Query System
5. A failed query by NCAS Query Server
6. Forward the Marked SIP invite to PSTN Operator NGN Server
NCAS Demo Picture (Caller ID Authentication Failed)
Fraud Call of Fake Caller ID Detection Module
The Malicious Call Detection Module accumulates data
including Caller ID, SIP Details, time… and performs an instant
analysis for “Real-Time Suspicious Fraud Call of Fake Caller ID
Detection”.
The Malicious Call Detection Module also performs a periodic
analysis of the same accumulated data for accurate “Fraud Call
of Fake Caller ID Detection”.
IP Originated Phone Call LOI Module (Optional)
It is easy to add LOI equipment to the IP Originated Phone Call
LOI Module to record or monitor phone calls that match target
criteria such as Failed NCAS, target Caller ID, target Callee Phone
Number, target SIP Server IP… etc. It can not only perform
instant LOI for specific purposes, but also significantly reduce
the cost of building up LOI over PSTN equipment.
NCAS DB Registration and Update Flow
Diagram components: National NCAS Center (NCAS Registration Servers, DB and Fraud Detection Server); Domestic PSTN Operator A (NCAS DB and Agent Servers); Domestic PSTN Operator B (NCAS DB and Agent Servers); Internet; VoIP Operators (NCAS Registration Servers)
“PSTN subscribers with VoIP Calling Requirements” of a
country register their phone numbers and corresponding
SIP details to the National NCAS DB themselves or through
their VoIP Operators. The National NCAS Center periodically
sends the latest NCAS details to Domestic PSTN Operators
so that their NCAS Authentication and Malicious Marking
Modules can perform NCAS authentication.
NCAS Operation Flow
Diagram components: National NCAS Center (NCAS Registration Servers, DB and Fraud Detection Server); Domestic PSTN Operator A (NCAS DB and Agent Servers); Domestic PSTN Operator B (NCAS DB and Agent Servers); Internet; VoIP/ISR Operator (SIP Servers)
All IP originated phone calls with a Caller ID in
domestic phone number format are transmitted to the
NCAS Agent Servers of PSTN Operators to perform:
1. Caller ID Authentication
2. Malicious Call Marking
3. IP Originated Phone Call LOI (optional)
NCAS Fraud Call of Fake Caller ID Detection Flow
Diagram components: National NCAS Center (NCAS Registration Servers, DB and Fraud Detection Server); Domestic PSTN Operator A (NCAS DB and Agent Servers); Domestic PSTN Operator B (NCAS DB and Agent Servers); Internet; VoIP/ISR Operator (SIP Servers)
The Fraud Call of Fake Caller ID Detection Module
accumulates data including Caller ID, SIP Details,
time… from Domestic PSTN Operators to perform the
instant and periodic analysis for “Fraud Call of Fake Caller
ID Detection”.
Best wishes to everybody in the room!