[OpenSIPS-Users] Fraud Detection module

Andrei Datcu andreidatcu at opensips.org
Wed Feb 25 15:02:18 CET 2015

Hello OpenSIPS community,

When was the last time when your users were hijacked and scammed? We 
know for sure when it will be the last time - NOW! For those of you 
familiar with the major problem in the VoIP world, we have good news: 
OpenSIPS 2.1 can now detect and prevent those attacks through it’s fraud 
detection module!

Fraud is a major problem nowadays and it is more complex as it depends 
on the end-user/end-device security level. And all the VoIP providers 
are looking forward for ways to protect their users and avoid the blame.

For recognizing an attack, the Fraud Detection module defines profiles. 
A profile is a set of five parameters that together decide when an user 
account is hijacked:

* Total number of calls - maximum number of incoming calls (in a given 
time frame) before considering the accounted hijacked

* Number of calls per minute - maximum number of CPS before considering 
the user account hijacked

* Number of concurrent calls - maximum number of parallel calls the user 
can have without being considered hijacked

* Number of sequential calls - maximum number of consecutive calls to 
the same destination before the user account is considered hijacked

* Call duration - maximum duration of a call before being considered a 
potential fraud

Each user gets assigned a profile and OpenSIPS will update and evaluate 
the profile for each incoming call of that user. The Fraud Detection 
will keep trace of the user’s calls, of their parameters and how their 
are fitting into the user’s profile. Whenever a threshold for one of 
these parameters is hit, you will be noticed either through a return 
code or through an event.

A quick start tutorial is already available[1]

The module documentation can be found at[2]

Please do not hesitate to provide any feedback, comments, reports or 
questions in regards to this new module.




Andrei Datcu

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150225/c785d397/attachment-0001.htm>

More information about the Users mailing list