iVisher: Real‐Time Detection of Caller ID Spoofing

Voice phishing (vishing) uses social engineering, based on people's trust in telephone services, to trick people into divulging financial data or transferring money to a scammer. In a vishing attack, a scammer often modifies the telephone number that appears on the victim's phone to mislead the victim into believing that the phone call is coming from a trusted source, since people typically judge a caller's legitimacy by the displayed phone number. We propose a system named iVisher for detecting a concealed incoming number (that is, caller ID) in Session Initiation Protocol-based Voice-over-Internet Protocol initiated phone calls. Our results demonstrate that iVisher is capable of detecting a concealed caller ID without significantly impacting upon the overall call setup time.

[1]  Mark Handley,et al.  SIP: Session Initiation Protocol , 1999, RFC.

[2]  Martin Roesch,et al.  Snort - Lightweight Intrusion Detection for Networks , 1999 .

[3]  Jon Peterson,et al.  Integrated Services Digital Network (ISDN) User Part (ISUP) to Session Initiation Protocol (SIP) Mapping , 2002, RFC.

[4]  Salvatore J. Stolfo,et al.  Data Mining Approaches for Intrusion Detection , 1998, USENIX Security Symposium.

[5]  Georgios Kambourakis,et al.  PrivaSIP: Ad-hoc identity privacy in SIP , 2011, Comput. Stand. Interfaces.

[6]  Joon-Hyuk Chang,et al.  Voice phishing detection technique based on minimum classification error method incorporating codec parameters , 2010 .

[7]  Federico Maggi Are the Con Artists Back? A Preliminary Analysis of Modern Phone Frauds , 2010, 2010 10th IEEE International Conference on Computer and Information Technology.

[8]  M.A. Qadeer,et al.  Asterisk Voice Exchange: An Alternative to Conventional EPBX , 2008, 2008 International Conference on Computer and Electrical Engineering.

[9]  Hsiao-Hwa Chen,et al.  A secure and efficient SIP authentication scheme for converged VoIP networks , 2010, Comput. Commun..

[10]  Stanley Chow,et al.  Authenticating displayed names in telephony , 2009, Bell Labs Technical Journal.

[11]  Thomas F. La Porta,et al.  Interworking internet telephony and wireless telecommunications networks , 2001, CCRV.

[12]  Xuxian Jiang,et al.  Voice pharming attack and the trust of VoIP , 2008, SecureComm.

[13]  Stefan Gorling,et al.  The Myth of User Education , 2006 .

[14]  Giovanni Vigna,et al.  Intrusion detection: a brief history and overview , 2002 .

[15]  A. Vinck for POWER LINE COMMUNICATIONS , 2006 .

[16]  Georgios Kambourakis,et al.  SIPA: generic and secure accounting for SIP , 2012, Secur. Commun. Networks.

[17]  Joon-Hyuk Chang Statistical Model-Based Voice Activity Detection Based on Second-Order Conditional MAP with Soft Decision , 2012 .

[18]  Radu State,et al.  Holistic VoIP intrusion detection and prevention system , 2007, IPTComm '07.

[19]  Richard P. Ejzak,et al.  Network overload and congestion: A comparison of ISUP and SIP , 2004, Bell Labs Technical Journal.

[20]  A. Majumder,et al.  Power line communications , 2004, IEEE Potentials.

[21]  Paul V. Mockapetris,et al.  Domain names: Concepts and facilities , 1983, RFC.

[22]  Jürgen Quittek,et al.  On Spam over Internet Telephony (SPIT) Prevention , 2008, IEEE Communications Magazine.