StarTrinity.com

VoIP software

VoIP community

VoIP marketplace


logged in as
log out

False Answer Supervision (FAS) Fraud Detection in VoIP networks

Detection

Method #1

The 1st method is to use our softswitch, to use audio signal processing features. Every type of FAS implementation needs detailed analysis and special configuration

Method #2

The 2nd method needs interconnection with suspective carriers and telco's in destination countries. Special contracts are needed. We suggest you to have 2 or more instances of SIP Tester, one to generate calls and second to receive calls. The test calls are passed through a network of VoIP carriers (wholesalers) to ensure integrity of VoIP routes. If some fraud exists in the network, the SIP Testers detect mismatch of billed duration. Additionally you should process generated CDRs to detect blending or loss of SIP calls: match every generated and received call, one by one.
CallXML scripts for call generator(s):
<callxml>
<!-- IP addresses:
  2.2.2.2 - call receiver instance of SIP Tester for morocco (country#1)
  3.3.3.3 - call receiver instance of SIP Tester for zimbabwe (country#2)
  4.4.4.4 - outgoing carrier for morocco
  5.5.5.5 - outgoing carrier for zimbabwe
 -->

<!-- read destination numbers from CSV files -->
 <readcsv value="D:\StarTrinity\CSV\Morocco Cell June 29 Dialer Ready.csv" var0="calledId_1" var1="callerId_1" repeat="infinite" />
 <readcsv value="D:\StarTrinity\CSV\Zim Econet Nov 18 Dialer Ready 4x.csv" var0="calledId_2" var1="callerId_2" repeat="infinite" />

<!-- make call to one of 2 destination carriers (for 2 countries) -->
 <call maxtime="35000ms" value="$rand_from_options;" codec="G729">
  <option value="sip:$calledId_1;@4.4.4.4?callerId=$callerId_1;" maxCallsPerDestinationResource="300" destinationResourceId="server1" />
  <option value="sip:$calledId_2;@5.5.5.5?callerId=$callerId_2;" maxCallsPerDestinationResource="600" destinationResourceId="server2" />
 </call>
 <on event="answer">
  <!-- when call is connected: -->

  <assign var="duration" value="$rand(670000);" /> <!-- predefine billed duration for this call -->

  <!-- check if call is really answered by call receiver instance of SIP Tester, send locally predefined billed duration -->
  <switch value="$destinationResourceId;">
   <case equals="server1">
    <sendhttprequest value="http://2.2.2.2:19019/API/MainViewModel/SetCallXmlVariables?calledId=$calledId;&peerDuration=$duration;" user="admin" password="todo_password" contentvar="r" />
    <if test="$r; == false">
     <log value="rejecting call: does not exist on peer = 2.2.2.2 (to $calledId;)" />
     <exit />
    </if>
   </case>
   <case equals="server2">
    <sendhttprequest value="http://3.3.3.3:19019/API/MainViewModel/SetCallXmlVariables?calledId=$calledId;&peerDuration=$duration;" user="admin" password="todo_password" contentvar="r" />
    <if test="$r; == false">
     <log value="rejecting call: does not exist on peer = 3.3.3.3 (to $calledId;)" />
     <exit />
    </if>
   </case>
  </switch>

  <assign var="t1" value="$timeMs();" />
  <!-- every 2 seconds: check if call is not over-billed -->
  <setinterval value="2s">
   <if test="$peerDuration;">
    <assign var="localActualDelay" mathvalue="$timeMs(); - $t1; - 1000" />
    <if test="$localActualDelay; &gt; $peerDuration;">
     <log value="detected duration mismatch! (from $callerId; to $calledId;) actual: $localActualDelay;ms, must be $peerDuration;ms" />
     <exit />
    </if>
   </if>
  </setinterval>

  <!-- leave the call connected for the predefined duration. play a random WAV file -->
  <playaudio value="$randfile(D:\StarTrinity\Wav\*.wav);" repeat="infinite" maxtime="$duration;ms" />
  <exit />
 </on>
</callxml>

CallXML scripts for call receiver(s):
<callxml>
<!-- IP addresses:
  1.1.1.1 - call generator instance of SIP Tester
  6.6.6.6 and 7.7.7.7 - carriers which send calls to this SIP Tester
 -->


 <if test="$callerIpAddress; = 6.6.6.6 or $callerIpAddress; = 7.7.7.7"> <!-- firewall logic: accept only from needed carriers -->
  <assign var="duration" value="$rand(670000);" /> <!-- predefine billed duration of call -->

  <!-- send request to call generator to check if this call was really sent there. also send planned duration -->
  <sendhttprequest value="http://1.1.1.1:19019/API/MainViewModel/SetCallXmlVariables?callerId=&calledId=$calledId;&peerDuration=$duration;" user="admin" password="password_todo" contentvar="r" />
  <if test="$r; == false">
   <log value="rejecting call: does not exist on call generator=1.1.1.1 (to $calledId;)" />
   <reject value="503" />
   <exit />
  </if>

  <accept value="183" />
  <playaudio value="rbt.wav" repeat="infinite" maxtime="$rand(15000);ms" /> <!-- simulate ringback tone, play rbt.wav -->
  <block probability="0.55">
   <reject value="486" /> <!--reject call with probability of 55%-->
   <exit />
  </block>
  <accept /> <!-- connect the call -->
  <assign var="t1" value="$timeMs();" />
  <setinterval value="2s">
   <if test="$peerDuration;">
    <!-- every 2 seconds check if current call is not over-billed. if over-billed (a sign of FAS - report it) -->
    <assign var="localActualDelay" mathvalue="$timeMs(); - $t1; - 1000" />
    <if test="$localActualDelay; &gt; $peerDuration;">
     <log value="detected duration mismatch! (from $callerId; to $calledId;) actual: $localActualDelay;ms, must be $peerDuration;ms" />
     <exit />
    </if>
   </if>
  </setinterval>
  <playaudio value="speech.wav" repeat="infinite" maxtime="$duration;ms" /> <!-- leave the call connected for the predefined duration -->
 </if>
 <exit />
</callxml>
Hope this will help you to fight against VoIP fraud
Copyright 2011-2017 StarTrinity.com | Blog | Contact lead developer via LinkedIn | Get support via TeamViewer