{"guid":"30278963-3b07-49a8-96a7-2b24a8cf573b","title":"Exploring fraud in telephony networks","subtitle":null,"slug":"35c3-9852-exploring_fraud_in_telephony_networks","link":"https://fahrplan.events.ccc.de/congress/2018/Fahrplan/events/9852.html","description":"Telephone networks form the oldest large scale network that has grown to\ntouch over 7 billion people. Telephony is now merging many complex\ntechnologies (PSTN, cellular and IP networks) and enabling numerous\nservices that can be easily  monetized. However, security challenges for\ntelephony are often neither well understood, nor well addressed. As a\nresult, telephone networks attract a lot of fraud. In this talk, we will\nsystematically explore the fraud in telephone networks, focusing on\nvoice telephony. We will present a taxonomy of fraud, and analyze two\nprevalent fraud schemes in more detail: looking into the ecosystem of\nInternational Revenue Share Fraud (IRSF), and discussing a new\ncountermeasure to the well-known problem of voice spam.\n\nThis talk aims to improve the understanding of the fraud ecosystem in\ntelephony networks. We first provide a clear taxonomy that\ndifferentiates between the root causes, the vulnerabilities, the\nexploitation techniques, the fraud types and finally the way fraud\nbenefits fraudsters.\n\nAs concrete examples, we first look into International Revenue Share\nFraud (IRSF), where phone calls to certain destinations are hijacked by fraudulent operators and diverted to the so-called ‘international premium rate services’. This fraud often involves multiple parties who collect and share the call revenue, and is usually combined with other\ntechniques (such as voice scam, mobile malware, PBX hacking) to generate call traffic without payment. We will further explore the IRSF ecosystem by analyzing more than 1 million `premium rate' phone numbers that we collected from several online service providers over the past 3 years.\n\nIn the second part, we will look into voice spam, a prevalent fraud in\nmany countries. After giving an overview of various types of unwanted phone calls, we will focus on a recent countermeasure which involves connecting the phone spammer with a phone bot (“robocallee”) that mimics a real persona. Lenny is such a bot (a computer program) which plays a set of pre-recorded voice messages to interact with the spammers. We try to understand the effectiveness of this chatbot, by analyzing the recorded conversations of Lenny with various types of spammers. As we consider the ‘benefits’ as a fundamental part of our fraud definition, we believe that chatbots can be combined with the existing fraud detection and prevention mechanisms, as a supplementary way of slowing down voice spam campaigns.\n\n\u003ca href=\"http://www.s3.eurecom.fr/docs/eurosp17_sahin.pdf\"\u003ehttp://www.s3.eurecom.fr/docs/eurosp17_sahin.pdf\u003c/a\u003e\n\n\u003ca href=\"http://www.s3.eurecom.fr/docs/soups17_sahin.pdf\"\u003ehttp://www.s3.eurecom.fr/docs/soups17_sahin.pdf\u003c/a\u003e\n\n\u003ca href=\"https://www.ieee-security.org/TC/SP2018/poster-abstracts/oakland2018-paper31-poster-abstract.pdf\"\u003ehttps://www.ieee-security.org/TC/SP2018/poster-abstracts/oakland2018-paper31-poster-abstract.pdf\u003c/a\u003e","original_language":"eng","persons":["Merve Sahin","Aurélien Francillon"],"tags":["35c3","9852","Security"],"view_count":4448,"promoted":false,"date":"2018-12-28T00:00:00.000+01:00","release_date":"2018-12-28T01:00:00.000+01:00","updated_at":"2026-04-04T10:30:05.745+02:00","length":3724,"duration":3724,"thumb_url":"https://static.media.ccc.de/media/congress/2018/9852-hd.jpg","poster_url":"https://static.media.ccc.de/media/congress/2018/9852-hd_preview.jpg","timeline_url":"https://static.media.ccc.de/media/congress/2018/9852-hd.timeline.jpg","thumbnails_url":"https://static.media.ccc.de/media/congress/2018/9852-hd.thumbnails.vtt","frontend_link":"https://media.ccc.de/v/35c3-9852-exploring_fraud_in_telephony_networks","url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_title":"35C3: Refreshing Memories","conference_url":"https://api.media.ccc.de/public/conferences/35c3","related":[{"event_id":6381,"event_guid":"c0e4f528-92c7-4170-aff3-d4dd5cd74b2c","weight":79},{"event_id":6388,"event_guid":"4cc5cf9a-214f-4e7d-991f-199e9f0db8cc","weight":87},{"event_id":6390,"event_guid":"6a5007f4-e7d6-4c63-9a10-26dd48a6eb6c","weight":96},{"event_id":6397,"event_guid":"51ede2da-0f9b-4984-bd58-659c556d20c9","weight":96},{"event_id":6401,"event_guid":"f0d70663-0769-4462-ad27-bc516d9cb141","weight":100},{"event_id":6402,"event_guid":"8a3e490c-30a5-46a6-ab4f-45ef3b23b1a1","weight":154},{"event_id":6404,"event_guid":"5b947f86-8ba1-4b99-adbe-7c5030deea0c","weight":92},{"event_id":6408,"event_guid":"ffdc92f3-1a39-4931-9409-f8bfabe9f628","weight":119},{"event_id":6409,"event_guid":"a42e5a4f-fd9b-4571-bf17-483978afecb3","weight":118},{"event_id":6411,"event_guid":"42650545-4394-4455-a5f5-9efad111fedc","weight":203},{"event_id":6419,"event_guid":"96d10915-cc4b-42ca-ad75-15205db70d0b","weight":113},{"event_id":6422,"event_guid":"e8385c89-d33a-42d8-afb6-8ae28fe5c89d","weight":118},{"event_id":6423,"event_guid":"ea7c532f-cc2d-4cb1-8f15-1933df7fd523","weight":105},{"event_id":6430,"event_guid":"462f9320-3a0e-4785-82de-15343803c2ba","weight":131},{"event_id":6431,"event_guid":"c6790632-b9eb-49a2-87fe-30129fbcbce1","weight":83},{"event_id":6434,"event_guid":"6beabddc-2dd6-43d2-9936-618d41d42cde","weight":152},{"event_id":6435,"event_guid":"9777cea0-ac06-4274-85db-908c1e87e2f4","weight":177},{"event_id":6462,"event_guid":"23e85d7a-9645-4ae2-9954-63b71abc08d4","weight":95},{"event_id":6474,"event_guid":"f58a2b6d-bde0-483b-a8db-043ea9371cb6","weight":126},{"event_id":6477,"event_guid":"c85de43e-107e-4247-b550-946f376e2ec4","weight":112},{"event_id":6503,"event_guid":"d0d6d058-f117-4ccb-ba6a-c41d9290a287","weight":105},{"event_id":6523,"event_guid":"240fe8a1-ee33-4f07-88d0-34b8bb04db71","weight":80},{"event_id":6603,"event_guid":"ea00d1e0-a580-415f-a8cf-f02883d939dc","weight":84}],"recordings":[{"size":null,"length":null,"mime_type":"application/x-subrip","language":"eng","filename":"DRAFT_35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks.en_DRAFT.srt","state":"todo","folder":"","high_quality":true,"width":null,"height":null,"updated_at":"2024-02-04T19:35:34.947+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/DRAFT_35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks.en_DRAFT.srt","url":"https://api.media.ccc.de/public/recordings/69705","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":476,"length":3724,"mime_type":"video/mp4","language":"eng","filename":"35c3-9852-eng-Exploring_fraud_in_telephony_networks.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-28T15:16:26.515+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9852-eng-Exploring_fraud_in_telephony_networks.mp4","url":"https://api.media.ccc.de/public/recordings/31260","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":477,"length":3724,"mime_type":"video/mp4","language":"deu","filename":"35c3-9852-deu-Exploring_fraud_in_telephony_networks.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-28T15:16:45.089+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9852-deu-Exploring_fraud_in_telephony_networks.mp4","url":"https://api.media.ccc.de/public/recordings/31261","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":596,"length":3724,"mime_type":"video/mp4","language":"eng-deu","filename":"35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_hd.mp4","state":"new","folder":"h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-28T15:17:02.542+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-hd/35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_hd.mp4","url":"https://api.media.ccc.de/public/recordings/31262","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":180,"length":3724,"mime_type":"video/mp4","language":"eng-deu","filename":"35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_hd-slides.mp4","state":"new","folder":"slides-h264-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-28T15:29:40.919+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/slides-h264-hd/35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_hd-slides.mp4","url":"https://api.media.ccc.de/public/recordings/31268","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":56,"length":3724,"mime_type":"audio/mpeg","language":"eng","filename":"35c3-9852-eng-Exploring_fraud_in_telephony_networks_mp3.mp3","state":"new","folder":"mp3","high_quality":false,"width":0,"height":0,"updated_at":"2018-12-28T15:34:36.566+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/mp3/35c3-9852-eng-Exploring_fraud_in_telephony_networks_mp3.mp3","url":"https://api.media.ccc.de/public/recordings/31278","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":36,"length":3724,"mime_type":"audio/opus","language":"eng","filename":"35c3-9852-eng-Exploring_fraud_in_telephony_networks_opus.opus","state":"new","folder":"opus","high_quality":false,"width":0,"height":0,"updated_at":"2018-12-28T15:35:04.595+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/opus/35c3-9852-eng-Exploring_fraud_in_telephony_networks_opus.opus","url":"https://api.media.ccc.de/public/recordings/31279","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":226,"length":3724,"mime_type":"video/mp4","language":"eng-deu","filename":"35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_sd.mp4","state":"new","folder":"h264-sd","high_quality":false,"width":720,"height":576,"updated_at":"2018-12-28T16:13:43.076+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/h264-sd/35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_sd.mp4","url":"https://api.media.ccc.de/public/recordings/31286","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":397,"length":3724,"mime_type":"video/webm","language":"eng-deu","filename":"35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_webm-sd.webm","state":"new","folder":"webm-sd","high_quality":false,"width":720,"height":576,"updated_at":"2018-12-28T16:17:46.331+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/webm-sd/35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_webm-sd.webm","url":"https://api.media.ccc.de/public/recordings/31295","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"},{"size":875,"length":3724,"mime_type":"video/webm","language":"eng-deu","filename":"35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_webm-hd.webm","state":"new","folder":"webm-hd","high_quality":true,"width":1920,"height":1080,"updated_at":"2018-12-28T17:07:26.638+01:00","recording_url":"https://cdn.media.ccc.de/congress/2018/webm-hd/35c3-9852-eng-deu-Exploring_fraud_in_telephony_networks_webm-hd.webm","url":"https://api.media.ccc.de/public/recordings/31301","event_url":"https://api.media.ccc.de/public/events/30278963-3b07-49a8-96a7-2b24a8cf573b","conference_url":"https://api.media.ccc.de/public/conferences/35c3"}]}