Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 30184
A Novel Approach to Avoid Billing Attack on VOIP System

Authors: Narendra M. Shekokar, Satish R. Devane

Abstract:

In a recent year usage of VoIP subscription has increased tremendously as compare to Public Switching Telephone System(PSTN). A VoIP subscriber would like to know the exact tariffs of the calls made using VoIP. As the usage increases, the rate of fraud is also increases, causing users complain about excess billing. This in turn hampers the growth of VoIP .This paper describe the common frauds and attack on VoIP based system and make an attempt to solve the billing attack by creating secured channel between caller and callee.

Keywords: VoIP, Billing-fraud, SSL/TLS, MITM, Replay-attack.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1332282

Procedia APA BibTeX Chicago EndNote Harvard JSON MLA RIS XML ISO 690 PDF Downloads 1320

References:


[1] Rohit Dhamankar "Intrusion Prevention: The Future of VoIP Security", (online).Available:http://www.tippingpoint.com/pdf/resources/whitepap ers/503160-001_TheFutureofVoIPSecurity.pdf , 2004.
[2] J.Roshenburg et al., "SIP: Session Initiation Protocol", IETF RFC 3261, June 2002.
[3] ITU, "Draft revised recommendation H323 V5", Geneva, 20-30, May 2003.
[4] Ruishan Zhang, Xinyuan Wang, Xiaohui Yang, Xuxian Jiang, "Billing Attacks on SIP-Based VoIP Systems", Proceeding of the fIrst USENIX workshop on offensive Technology, August 06-10,2007.
[5] Secure SIP VoIP traffics, (online).Available :http://www.techword.com/networking/features
[6] Atul Kahate,"Cryptography and Network Security", 3rd Edition Tata McGraw-Hill ,2003.
[7] A draft on "Introduction to SSL" (online).Available:http://docs.sun.com/source/816-6156- 10/contents.htm,1998
[8] H. Abdelnur, V. Cridlig, R. State and O. Festor, "VoIP Security Assessment: Methods and Tools", IEEE conference on VoIP MaSe 2006.
[9] Yanlan Ding, Guiping Su, "Intrusion detection system for signal based SIP attack through timed HCPN", Second IEEE international Conference on Availability, Reliability, Security 2007.