Abstract
The deployment of Next-Generation Networks (NGN) is a challenge that requires integrating heterogeneous services into a global system of All-IP telecommunications. These networks carry voice, data, and multimedia traffic over the Internet, providing users with the information they want in any format, amount, device, place or moment. Still, there are certain issues, such as the emerging security risks or the billing paradigms of the services offered, which demand deeper research in order to guarantee the stability and the revenue of such systems. Against this background, we analyse the security requirements of NGN and introduce a fraud management system based on misuse detection for Voice over IP services. Specifically, we address a fraud detection framework consisting of a rule engine built over a knowledge base. We detail the architecture of our model and describe a case study illustrating a possible fraud and how our system detects it, proving in this way, its feasibility in this task.
Chapter PDF
Similar content being viewed by others
References
Mao, Z., Douligeris, C.: A distributed database architecture for global roaming in next-generation mobile networks. IEEE/ACM Trans. Netw. 12(1), 146–160 (2004)
Bella, M.B., Eloff, J., Olivier, M.: A fraud management system architecture for next-generation networks. Forensic Sci. Int. 185(1), 51–58 (2009)
Liu, Y., Liang, X.: New regulations to the next generation network. In: WRI International Conference on Communications and Mobile Computing. CMC 2009, January 2009, vol. 2, pp. 172–174 (2009)
Crimi, J.C.: Next Generation Network (NGN) services. In: Telcordia Technologies (2000)
KPMG Forensic: Fraud survey, http://www.kpmg.com/
Communications Fraud Control Association: Global telecom revenues increase 12% and fraud increases 52% from 2003-2005 (2006), http://www.cfca.org/
Web Application Security Consortium: Threat classification, http://www.webappsec.org/
Howard, J., Longstaff, T.: A common language for computer security incidents. Technical Report Sandia Report: SAND98-8667, Sandia National Laboratories (1998)
Kvarnstrom, H., Lundin, E., Jonsson, E.: Combining fraud and intrusion detection - meeting new requirements. In: Fifth Nordic Workshop on Secure IT systems, NordSec 2000 (2000)
Simmons, M.R.: Recognizing the elements of fraud (1995), http://www.facilitatedcontrols.com/fraud-investigation/fraudwww.shtml
Mcnamara, P., Firozabadi, B.S., hua Tan, Y., Lee, R.M.: Formal definitions of fraud. In: Norms, Logics and Information Systems - New Studies in Deontic Logic and Computer Science, pp. 275–288. IOS Press, Amsterdam (1999)
Cortesao, L., Martins, F., Rosa, A., Carvalho, P.: Fraud management systems in telecommunications: A practical approach (April 2005)
Bihina Bella, M.A., Olivier, M.S., Eloff, J.H.P.: A fraud detection model for Next-Generation Networks. In: Browne, D. (ed.) Southern African Telecommunication Networks and Applications Conference 2005 (SATNAC 2005) Proceedings, Champagne Castle, South Africa, September 2005, vol. 1, pp. 321–326 (2005)
Communications Fraud Control Association: Announces results of world wide telecom fraud survey (March, 2003), http://www.cfca.org/
Alves, R., Ferreira, P., Belo, O., Lopes, J., Ribeiro, J., Cortesao, L., Martins, F.: Discovering telecom fraud situations through mining anomalous behavior patterns. In: Workshop on Data Mining for Busines Applications, 12th ACM SIGKDD International Conference on Knowledge Discovery Data Mining (August 2006)
McGibney, J., Hearne, S.: An approach to rules-based fraud management in emerging converged networks. In: IEEE/IEI Irish Telecommunications Systems Research Symposium (2003)
Hollmén, J., Tresp, V.: Call-based fraud detection in mobile communication networks using a hierarchical regime-switching model. In: Advances in Neural Information Processing Systems, pp. 889–895 (1999)
Kou, Y., Lu, C., Sirwongwattana, S., Huang, Y.: Survey of fraud detection techniques. In: Proceedings of IEEE Intl. Conference on Networking, Sensing and Control (2004)
Estévez, P., Held, C., Perez, C.: Subscription fraud prevention in telecommunications using fuzzy rules and neural networks. Expert Systems with Applications 31(2), 337–344 (2006)
Weiss, G.: Data mining in telecommunications (2005)
Rosset, S., Murad, U., Neumann, E., Idan, Y., Pinkas, G.: Discovery of fraud rules for telecommunications—challenges and solutions. In: KDD ’99: Proceedings of the fifth ACM SIGKDD international conference on Knowledge discovery and data mining, New York, NY, USA, pp. 409–413. ACM, New York (1999)
Lundin, E., Jonsson, E.: Anomaly-based intrusion detection: privacy concerns and other problems. Computer Networks 34(4), 623–640 (2000)
Jones, A., Sielken, R.: Computer system intrusion detection: A survey. In: University of Virginia, Computer Science Department, Tech. Rep. (1999)
Kumar, S., Spafford, E.: A pattern matching model for misuse intrusion detection. In: Proceedings of the 17th National Computer Security Conference (1994)
TeleManagement Forum: IPDR Service Specification. Design Guide (September 2008), http://tmforum.org/edn
McGibneya, J., Schmidtb, N., Patelb, A.: A service-centric model for intrusion detection in next-generation networks. Computer Standards & Interfaces 27(5), 513–520 (2005)
Russell, S., Norvig, P.: Artificial Intelligence: A Modern Approach. Prentice-Hall, Englewood Cliffs (2003)
Wooldridge, M., Jennings, N.: Intelligent agents: Theory and practice. Knowledge Eengineering Review 10(2), 115–152 (1995)
Chisholm, M.: How to Build a Business Rules Engine Extending Application Functionality through Metadata Engineering. Elsevier Inc., Amsterdam (2004)
Kitchenham, B., Pickard, L., Pfleeger, S.: Case studies for method and tool evaluation. IEEE software 12(4), 52–62 (1995)
TeleManagement Forum: Service Specification - Voice over IP (VoIP) (November 2004), http://tmforum.org/edn
Goldstein, E.: The Best of 2600: A Hacker Odyssey (Kindle Edition). Wiley, Chichester (2008)
Lundin, E., Kvarnstrom, H., Jonsson, E.: A synthetic fraud data generation methodology. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 265–277. Springer, Heidelberg (2002)
Axelsson, S.: Intrusion detection systems: A survey and taxonomy. Chalmers University of Technology, Dept. of Computer Engineering, Göteborg, Sweden, Technical Report 99–15
Baluja, W., Llanes, A.: Estado actual y tendencias del enfrentamiento del fraude en las redes de telecomunicaciones. IngenierÃa Electrónica, Automática y Comunicaciones XXVI, 46–52 (2005)
Bihina Bella, M.A., Eloff, J.H.P., Olivier, M.S.: Using the IPDR standard for NGN billing and fraud detection. Research in progress paper (June/July 2005), http://mo.co.za/abstract/ipdrfraud.htm
Choi, M.J., Hong, J.W.K.: Towards management of next generation networks. IEICE Trans. Commun. E90-B(11), 3004–3014 (2007)
Hearne, S., McGibney, J., Patel, A.: Addressing fraud detection and management in next-generation telecommunications networks (2004)
JBoss: Drools documentation, http://jboss.org/drools/
Takuji, T.: Backend systems architectures in the age of the next generation network. NEC Technical Journal 1(2), 51–55 (2006)
Vincent, J., Mintram, R., Phalp, K., Anyakoha, C.: AI solutions for MDS: Artificial Intelligence techniques for Misuse Detection and localisation in telecommunication environments (2007)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ruiz-Agundez, I., Penya, Y.K., Garcia Bringas, P. (2010). Fraud Detection for Voice over IP Services on Next-Generation Networks. In: Samarati, P., Tunstall, M., Posegga, J., Markantonakis, K., Sauveron, D. (eds) Information Security Theory and Practices. Security and Privacy of Pervasive Systems and Smart Devices. WISTP 2010. Lecture Notes in Computer Science, vol 6033. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-12368-9_14
Download citation
DOI: https://doi.org/10.1007/978-3-642-12368-9_14
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-12367-2
Online ISBN: 978-3-642-12368-9
eBook Packages: Computer ScienceComputer Science (R0)