[OpenSIPS-Users] Fraud Detection module

Răzvan Crainea razvan at opensips.org
Thu Feb 26 09:46:28 CET 2015 

Hi, Laszlo!

The new module should provide all these features in a unified way. Just 
give it a try and let us know how it works :).

Best regards,

Răzvan Crainea
OpenSIPS Solutions
www.opensips-solutions.com

On 02/25/2015 06:37 PM, Laszlo wrote:
> Hi Andrei,
>
> This is a very useful module and can be a life saver. We implemented 
> nearly the same thing 1 year ago (actually it's a two level check) 
> with nearly the same logic as we see in this module.
> Few more "variables" are used in the logic, like monitoring the 
> useragent string, monitoring the last 10/100/1000 calls to check past 
> dialing patterns, etc. In nowadays's nosql and caching "era" it should 
> not be a problem. This module is definately a good start!
>
>
> On Wed, Feb 25, 2015 at 3:02 PM, Andrei Datcu 
> <andreidatcu at opensips.org <mailto:andreidatcu at opensips.org>> wrote:
>
>     Hello OpenSIPS community,
>
>
>     When was the last time when your users were hijacked and scammed?
>     We know for sure when it will be the last time - NOW! For those of
>     you familiar with the major problem in the VoIP world, we have
>     good news: OpenSIPS 2.1 can now detect and prevent those attacks
>     through it’s fraud detection module!
>
>
>     Fraud is a major problem nowadays and it is more complex as it
>     depends on the end-user/end-device security level. And all the
>     VoIP providers are looking forward for ways to protect their users
>     and avoid the blame.
>
>
>
>     For recognizing an attack, the Fraud Detection module defines
>     profiles. A profile is a set of five parameters that together
>     decide when an user account is hijacked:
>
>
>     * Total number of calls - maximum number of incoming calls (in a
>     given time frame) before considering the accounted hijacked
>
>
>     * Number of calls per minute - maximum number of CPS before
>     considering the user account hijacked
>
>
>     * Number of concurrent calls - maximum number of parallel calls
>     the user can have without being considered hijacked
>
>
>     * Number of sequential calls - maximum number of consecutive calls
>     to the same destination before the user account is considered hijacked
>
>
>     * Call duration - maximum duration of a call before being
>     considered a potential fraud
>
>
>
>     Each user gets assigned a profile and OpenSIPS will update and
>     evaluate the profile for each incoming call of that user. The
>     Fraud Detection will keep trace of the user’s calls, of their
>     parameters and how their are fitting into the user’s profile.
>     Whenever a threshold for one of these parameters is hit, you will
>     be noticed either through a return code or through an event.
>
>
>     A quick start tutorial is already available[1]
>
>
>     The module documentation can be found at[2]
>
>
>     Please do not hesitate to provide any feedback, comments, reports
>     or questions in regards to this new module.
>
>
>
>     [1]http://www.opensips.org/Documentation/Tutorials-FraudDetection-2-1
>
>     [2]http://www.opensips.org/html/docs/modules/2.1.x/fraud_detection.html
>
>
>
>     Regards,
>
>     Andrei Datcu
>
>
>     _______________________________________________
>     Users mailing list
>     Users at lists.opensips.org <mailto:Users at lists.opensips.org>
>     http://lists.opensips.org/cgi-bin/mailman/listinfo/users
>
>
>
>
> -- 
>
> --
> Kind regards,
> Laszlo Bekesi
> http://voipfreak.net
>
>
> _______________________________________________
> Users mailing list
> Users at lists.opensips.org
> http://lists.opensips.org/cgi-bin/mailman/listinfo/users

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.opensips.org/pipermail/users/attachments/20150226/91181c1d/attachment.htm>

More information about the Users mailing list