SlideShare a Scribd company logo

Agenda: Introductions The TDoS Problem SIP and TDM Mediation Analytics and Detection Customer Case Studies Q/A and Discussion

Download as PPTX, PDF
A
Alan Percy

This document provides an overview of telephony denial of service (TDoS) attacks, their impact, detection and mitigation methods. It introduces TelcoBridges and TransNexus as companies that provide TDoS protection solutions for carriers and enterprises. The presentation includes examples of TDoS attacks customers experienced and how the companies' products defended against them. Future trends around increasing threats and SHAKEN call authentication standards are also discussed.

Technology
1 of 30
2 Agenda: Introductions The TDoS Problem SIP and TDM Mediation Analytics and Detection Customer Case Studies Q/A and Discussion
3 Today’s Presenters: Alan D Percy Product Marketing alan.percy@telcobridges.com Jim Dalton CEO TransNexus jim.dalton@transnexus.com Alec Fenichel Software Engineer alec.fenichel@transnexus.com
TelcoBridges Inc. • Manufacturer of telecom VoIP gateways and SBC software for carriers and enterprises • Privately held • Founded in 2002 • Employees: ~40 • Headquarters: Montreal, Canada • Hardware & software R&D as well as production of its products in Montreal • Sales/Support offices: Poland, Turkey, Hong Kong • 24/7 technical support 4 TelcoBridges HQ
• Software for the telecommunications industry since 1997 • Solutions for • Jurisdictional least cost routing • Fraud prevention • Robocall prevention • TDoS protection • STIR/SHAKEN • Analytics and reporting • Our software uses innovative methods that we’ve invented and patented TransNexus
6 Telephony Denial of Service (TDoS) “The Day the 9-1-1 Network Stood Still” • Hacker in Phoenix was looking for bugs in Apple iPhone security • Created web application that would dial 9-1-1 • Distributed application to unwitting user’s phones via Twitter • 1,800 compromised phones made thousands of 9-1-1 calls • Flooding 9-1-1 desks, overwhelming PSAP • Blocking real emergency usage • Required power-cycle of user’s phone to stop https://www.networkworld.com/article/3137526/the-day-the-911-network-stood-still.html
7 The Risks “If coordinated with an actual physical terrorist attack, this would be particularly catastrophic, resulting in a large number of victims losing the ability to connect with emergency services.” - William N. Bryan, Under Secretary for Science and Technology
8 TDoS Impact • More than a Nuisance • Negatively Impacting • Businesses • Government • Particularly Vulnerable: • 9-1-1 Emergency Call Centers • Banking and Financial • Health Care • Contact Centers
9 TDoS Attack Profiles Tsunami of Traffic Overwhelming Telephone Facilities Persistent Pest Taxing People and Resources
10 Where do TDoS Attacks Originate? • Usually using VoIP technology • (faster, cheaper, easier to hide) • Often Distributed Attacks • Malware on desktop or mobile device • Popular Open-source Applications • CPaaS Platforms • Legitimate notification services
11 TDoS Attacker Motivations Extortion “Send me Bitcoin or else…” Pranksters Fame and Fortune Distraction “Don’t look while I hack your system” Robocalls Inadvertent TDoS Competitor “I’ll get your customers”
What is the Impact? Doctors and healthcare workers must answer calls Businesses need bad calls blocked so they can get to the good ones Inbound call centers waste time answering calls. Consumers complain about robocalls
TDoS with SIP Trunking 13 ACD / PBX SBCSIP Trunking TDOS Cloud-based Analytics INVITE 302 503 603 SIP SIP Frustrated Customer Frustrated Customer
TDoS with TDM Trunking 14 ACD / PBX Gateway PSTN Trunking TDOS Frustrated Customer Cloud-based Analytics INVITE 302 503 603 TDM SIP or TDM
15 SIP Interface to Analytics SIP Response Code Action 503 Service Unavailable Call is good, proceed to next route (destination) 603 Decline Call is bad, disconnect 302 Moved Temporarily Call is suspect, re-route to screening application
• Highly flexible blacklisting • Invalid calling numbers • High risk calling numbers • Calling numbers with poor reputation • SIP Analytics: real time traffic analysis TDoS Detection Methods Let’s have a look at these methods…
• Easy to configure • Extensive blacklisting options available • Telephone number or prefix • Service provider, using their SPID/OCN • Location (e.g., state/province) • Country • Can be applied to all calls or specific telephone numbers • Can block everything and open pinholes as needed Highly Flexible Blacklisting
• We collect a list of high-risk and invalid numbers from a variety of sources • FCC consumer complaints • Our honeypot traps • Customer reported numbers • Available as a subscription service per telephone number Shield Database
• Provides a 0 – 100 reputation score for each calling number • Higher scores indicate a higher certainty of robocall detection • Thresholds and actions can be customized for each telephone number Reputation Service
• SIP Analytics performs real time traffic analysis before call setup • Automatically learns the call traffic patterns for each individual number • Can detect and prevent robocalls and TDoS attacks in milliseconds while legitimate calls continue uninterrupted SIP Analytics®
• Report only • Block • Send to voicemail • Send to CAPTCHA • Modify caller display name (CNAM) If an attack is detected, you can <SPAM> Audio sample
22 Future Trends 1. Increasing threats for enterprises 2. TDoS protection is a new opportunity for telephone service providers 3. SHAKEN Call Authentication • Calling number is digitally signed • Easy trace back for law enforcement
Case 1: Manufacturing Plant in Texas Attack: • Attacker leaves 200+ voicemails every night Defense: • Route suspect calls to CAPTCHA gateway for human verification
Case 2: Travel Booking Service Attack: • Competitor’s agents calling to tie up agents on the phone Defense: • SIP Analytics blocks repetitive calls from the same number
Case 3: Auto Dealer in Florida Attack: • PRI capacity filled by robocalls Defense: • Reputation and Shield block bad calls to free up PRI capacity
Case 3: Enterprise Solution 26 ACD / PBX PSTN Trunking TDM TDM Customer Premises TMG800 Gateway ClearIP Cloud-based Analytics INVITE 302 503 603 CAPTCHA Gateway
TelcoBridges Portfolio Confidential 27 Signaling and Media Gateways TMG800 Virtualized Session Border Controller Software Support and Professional Services TMG3200 TMG7800
28 TransNexus Portfolio • Dynamic call analytics and policies • Least Cost and Intelligent routing • Toll Fraud protection • Robocall and TDoS Controls • SHAKEN – Secure Telephony Identification • Feature rich for service providers • Simple to use for enterprise customers • Cloud based or on-premises
29 Learn More… www.FreeSBC.com/video-library
30 Learn More: Frequently Asked Questions at: forums.freesbc.com Book a FREE TDOS consultation at: www2.telcobridges.com/TDOShelp Q/A https://transnexus.com/ https://prosbc.com/

Recommended

Securty Issues from 1999
Securty Issues from 1999Securty Issues from 1999
Securty Issues from 1999TomParker
 
Cybersecurity Presentation by Tecomex Forensics Ltd
Cybersecurity Presentation by Tecomex Forensics LtdCybersecurity Presentation by Tecomex Forensics Ltd
Cybersecurity Presentation by Tecomex Forensics LtdDr. Idris Ahmed
 
Using fault injection attacks for digital forensics
Using fault injection attacks for digital forensics Using fault injection attacks for digital forensics
Using fault injection attacks for digital forensics Justin Black
 
Tecomex Forensics Brochure 2014
Tecomex Forensics Brochure 2014Tecomex Forensics Brochure 2014
Tecomex Forensics Brochure 2014Dr. Idris Ahmed
 
ppt
pptppt
pptVideoguy
 
Remote Guarding Vendor Tool
Remote Guarding Vendor ToolRemote Guarding Vendor Tool
Remote Guarding Vendor ToolElite ISI
 
Retail Location Security Complexities
Retail Location Security ComplexitiesRetail Location Security Complexities
Retail Location Security ComplexitiesEtienne Liebetrau
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_roomNCC Group
 

Recommended

Securty Issues from 1999
Securty Issues from 1999Securty Issues from 1999
Securty Issues from 1999TomParker
 
Cybersecurity Presentation by Tecomex Forensics Ltd
Cybersecurity Presentation by Tecomex Forensics LtdCybersecurity Presentation by Tecomex Forensics Ltd
Cybersecurity Presentation by Tecomex Forensics LtdDr. Idris Ahmed
 
Using fault injection attacks for digital forensics
Using fault injection attacks for digital forensics Using fault injection attacks for digital forensics
Using fault injection attacks for digital forensics Justin Black
 
Tecomex Forensics Brochure 2014
Tecomex Forensics Brochure 2014Tecomex Forensics Brochure 2014
Tecomex Forensics Brochure 2014Dr. Idris Ahmed
 
ppt
pptppt
pptVideoguy
 
Remote Guarding Vendor Tool
Remote Guarding Vendor ToolRemote Guarding Vendor Tool
Remote Guarding Vendor ToolElite ISI
 
Retail Location Security Complexities
Retail Location Security ComplexitiesRetail Location Security Complexities
Retail Location Security ComplexitiesEtienne Liebetrau
 
2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_room2012 12-04 --ncc_group_-_mobile_threat_war_room
2012 12-04 --ncc_group_-_mobile_threat_war_roomNCC Group
 
IVR Solutions at the Enterprise Level
IVR Solutions at the Enterprise LevelIVR Solutions at the Enterprise Level
IVR Solutions at the Enterprise LevelCallFire
 
Advanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team ExerciseAdvanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team ExercisePeter Wood
 
Ip
IpIp
Ipmangal das
 
Ip
IpIp
Ipmangal das
 
Voxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactionsVoxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactionsVoxeo Corp
 
Interactive Voice Response (IVR)
Interactive Voice Response (IVR)Interactive Voice Response (IVR)
Interactive Voice Response (IVR)Teckinfo Solutions Pvt. Ltd.
 
Alpha Com E
Alpha Com EAlpha Com E
Alpha Com Ekerryorr
 
The Role of SBC in Fraud Protection
The Role of SBC in Fraud ProtectionThe Role of SBC in Fraud Protection
The Role of SBC in Fraud ProtectionAlan Percy
 
The Role of SBCs in Fraud Protection
The Role of SBCs in Fraud ProtectionThe Role of SBCs in Fraud Protection
The Role of SBCs in Fraud ProtectionTelcoBridges Inc.
 
How to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeHow to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeTelcoBridges Inc.
 
How to Prevent Telecom Fraud
How to Prevent Telecom FraudHow to Prevent Telecom Fraud
How to Prevent Telecom FraudJeraSoft
 
How to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeHow to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeAlan Percy
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Alan Percy
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?TelcoBridges Inc.
 
RMS Tech Solutions - Digital Profile
RMS Tech Solutions - Digital ProfileRMS Tech Solutions - Digital Profile
RMS Tech Solutions - Digital ProfileRMSTechSolutions
 
Are You Vulnerable to IP Telephony Fraud and Cyber Threats?
Are You Vulnerable to IP Telephony Fraud and Cyber Threats?Are You Vulnerable to IP Telephony Fraud and Cyber Threats?
Are You Vulnerable to IP Telephony Fraud and Cyber Threats?Carl Blume
 
Deliver solutions cv_vebtech
Deliver solutions cv_vebtechDeliver solutions cv_vebtech
Deliver solutions cv_vebtechSvetlanaUsikava
 
5 Common Hosted VoIP Myths Debunked
5 Common Hosted VoIP Myths Debunked5 Common Hosted VoIP Myths Debunked
5 Common Hosted VoIP Myths DebunkedJive Communications
 
MMPL corporate overview mail
MMPL corporate overview mailMMPL corporate overview mail
MMPL corporate overview mailMedley India Infosolution Pvt Ltd
 
VoIP Security 101 what you need to know
VoIP Security 101 what you need to knowVoIP Security 101 what you need to know
VoIP Security 101 what you need to knowEric Klein
 
Crexendo Business Solutions' Cloud Telecom Technology
Crexendo Business Solutions' Cloud Telecom TechnologyCrexendo Business Solutions' Cloud Telecom Technology
Crexendo Business Solutions' Cloud Telecom TechnologyDale Miller
 
SecureTower General Info
SecureTower General InfoSecureTower General Info
SecureTower General InfoAnton Lishchuk
 

More Related Content

What's hot

IVR Solutions at the Enterprise Level
IVR Solutions at the Enterprise LevelIVR Solutions at the Enterprise Level
IVR Solutions at the Enterprise LevelCallFire
 
Advanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team ExerciseAdvanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team ExercisePeter Wood
 
Voxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactionsVoxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactionsVoxeo Corp
 
Alpha Com E
Alpha Com EAlpha Com E
Alpha Com Ekerryorr
 

What's hot (7)

IVR Solutions at the Enterprise Level
IVR Solutions at the Enterprise LevelIVR Solutions at the Enterprise Level
IVR Solutions at the Enterprise Level
 
Advanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team ExerciseAdvanced Threat Protection: Lessons from a Red Team Exercise
Advanced Threat Protection: Lessons from a Red Team Exercise
 
Ip
IpIp
Ip
 
Ip
IpIp
Ip
 
Voxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactionsVoxeo Summit Day 2 - Securing customer interactions
Voxeo Summit Day 2 - Securing customer interactions
 
Interactive Voice Response (IVR)
Interactive Voice Response (IVR)Interactive Voice Response (IVR)
Interactive Voice Response (IVR)
 
Alpha Com E
Alpha Com EAlpha Com E
Alpha Com E
 

Similar to Agenda: Introductions The TDoS Problem SIP and TDM Mediation Analytics and Detection Customer Case Studies Q/A and Discussion

The Role of SBC in Fraud Protection
The Role of SBC in Fraud ProtectionThe Role of SBC in Fraud Protection
The Role of SBC in Fraud ProtectionAlan Percy
 
The Role of SBCs in Fraud Protection
The Role of SBCs in Fraud ProtectionThe Role of SBCs in Fraud Protection
The Role of SBCs in Fraud ProtectionTelcoBridges Inc.
 
How to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeHow to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeTelcoBridges Inc.
 
How to Prevent Telecom Fraud
How to Prevent Telecom FraudHow to Prevent Telecom Fraud
How to Prevent Telecom FraudJeraSoft
 
How to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeHow to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeAlan Percy
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Alan Percy
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?TelcoBridges Inc.
 
RMS Tech Solutions - Digital Profile
RMS Tech Solutions - Digital ProfileRMS Tech Solutions - Digital Profile
RMS Tech Solutions - Digital ProfileRMSTechSolutions
 
Are You Vulnerable to IP Telephony Fraud and Cyber Threats?
Are You Vulnerable to IP Telephony Fraud and Cyber Threats?Are You Vulnerable to IP Telephony Fraud and Cyber Threats?
Are You Vulnerable to IP Telephony Fraud and Cyber Threats?Carl Blume
 
Deliver solutions cv_vebtech
Deliver solutions cv_vebtechDeliver solutions cv_vebtech
Deliver solutions cv_vebtechSvetlanaUsikava
 
5 Common Hosted VoIP Myths Debunked
5 Common Hosted VoIP Myths Debunked5 Common Hosted VoIP Myths Debunked
5 Common Hosted VoIP Myths DebunkedJive Communications
 
VoIP Security 101 what you need to know
VoIP Security 101 what you need to knowVoIP Security 101 what you need to know
VoIP Security 101 what you need to knowEric Klein
 
Crexendo Business Solutions' Cloud Telecom Technology
Crexendo Business Solutions' Cloud Telecom TechnologyCrexendo Business Solutions' Cloud Telecom Technology
Crexendo Business Solutions' Cloud Telecom TechnologyDale Miller
 
SecureTower General Info
SecureTower General InfoSecureTower General Info
SecureTower General InfoAnton Lishchuk
 
The New Cloud Contact Center
The New Cloud Contact CenterThe New Cloud Contact Center
The New Cloud Contact CenterSteve Chirokas
 
Contact Center Capabilities
Contact Center CapabilitiesContact Center Capabilities
Contact Center Capabilitiesservice007
 
Centuric Overview
Centuric OverviewCenturic Overview
Centuric OverviewCenturic
 
Spark tg Contact Center Solution
Spark tg Contact Center SolutionSpark tg Contact Center Solution
Spark tg Contact Center SolutionBilal Husain
 
Telepacific's Hosted Telephone System
Telepacific's Hosted Telephone System Telepacific's Hosted Telephone System
Telepacific's Hosted Telephone System Bob Moore
 

Similar to Agenda: Introductions The TDoS Problem SIP and TDM Mediation Analytics and Detection Customer Case Studies Q/A and Discussion (20)

The Role of SBC in Fraud Protection
The Role of SBC in Fraud ProtectionThe Role of SBC in Fraud Protection
The Role of SBC in Fraud Protection
 
The Role of SBCs in Fraud Protection
The Role of SBCs in Fraud ProtectionThe Role of SBCs in Fraud Protection
The Role of SBCs in Fraud Protection
 
How to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeHow to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-Time
 
How to Prevent Telecom Fraud
How to Prevent Telecom FraudHow to Prevent Telecom Fraud
How to Prevent Telecom Fraud
 
How to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-TimeHow to Prevent Telecom Fraud in Real-Time
How to Prevent Telecom Fraud in Real-Time
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
 
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?Will STIR/SHAKEN Solve the Illegal Robocall Problem?
Will STIR/SHAKEN Solve the Illegal Robocall Problem?
 
RMS Tech Solutions - Digital Profile
RMS Tech Solutions - Digital ProfileRMS Tech Solutions - Digital Profile
RMS Tech Solutions - Digital Profile
 
Are You Vulnerable to IP Telephony Fraud and Cyber Threats?
Are You Vulnerable to IP Telephony Fraud and Cyber Threats?Are You Vulnerable to IP Telephony Fraud and Cyber Threats?
Are You Vulnerable to IP Telephony Fraud and Cyber Threats?
 
Deliver solutions cv_vebtech
Deliver solutions cv_vebtechDeliver solutions cv_vebtech
Deliver solutions cv_vebtech
 
5 Common Hosted VoIP Myths Debunked
5 Common Hosted VoIP Myths Debunked5 Common Hosted VoIP Myths Debunked
5 Common Hosted VoIP Myths Debunked
 
MMPL corporate overview mail
MMPL corporate overview mailMMPL corporate overview mail
MMPL corporate overview mail
 
VoIP Security 101 what you need to know
VoIP Security 101 what you need to knowVoIP Security 101 what you need to know
VoIP Security 101 what you need to know
 
Crexendo Business Solutions' Cloud Telecom Technology
Crexendo Business Solutions' Cloud Telecom TechnologyCrexendo Business Solutions' Cloud Telecom Technology
Crexendo Business Solutions' Cloud Telecom Technology
 
SecureTower General Info
SecureTower General InfoSecureTower General Info
SecureTower General Info
 
The New Cloud Contact Center
The New Cloud Contact CenterThe New Cloud Contact Center
The New Cloud Contact Center
 
Contact Center Capabilities
Contact Center CapabilitiesContact Center Capabilities
Contact Center Capabilities
 
Centuric Overview
Centuric OverviewCenturic Overview
Centuric Overview
 
Spark tg Contact Center Solution
Spark tg Contact Center SolutionSpark tg Contact Center Solution
Spark tg Contact Center Solution
 
Telepacific's Hosted Telephone System
Telepacific's Hosted Telephone System Telepacific's Hosted Telephone System
Telepacific's Hosted Telephone System
 

More from Alan Percy

Network Transformation Best Practices-Working.pptx
Network Transformation Best Practices-Working.pptxNetwork Transformation Best Practices-Working.pptx
Network Transformation Best Practices-Working.pptxAlan Percy
 
Tmedia for Metaswitch - an FAQ Session
Tmedia for Metaswitch - an FAQ SessionTmedia for Metaswitch - an FAQ Session
Tmedia for Metaswitch - an FAQ SessionAlan Percy
 
Marketing Open Source Software - 10 Tips
Marketing Open Source Software - 10 TipsMarketing Open Source Software - 10 Tips
Marketing Open Source Software - 10 TipsAlan Percy
 
Contact Center as a Service - Challenges and Successes
Contact Center as a Service - Challenges and Successes Contact Center as a Service - Challenges and Successes
Contact Center as a Service - Challenges and Successes Alan Percy
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCAlan Percy
 
How to Measure VoIP Voice Quality
How to Measure VoIP Voice QualityHow to Measure VoIP Voice Quality
How to Measure VoIP Voice QualityAlan Percy
 
What is SS7? An Introduction to Signaling System 7
What is SS7? An Introduction to Signaling System 7What is SS7? An Introduction to Signaling System 7
What is SS7? An Introduction to Signaling System 7Alan Percy
 
RESTful APIs and SBCs
RESTful APIs and SBCsRESTful APIs and SBCs
RESTful APIs and SBCsAlan Percy
 
VoIP Frequently Asked Questions
VoIP Frequently Asked QuestionsVoIP Frequently Asked Questions
VoIP Frequently Asked QuestionsAlan Percy
 
New Opportunities with Two Factor Authentication (2FA) - A How To
New Opportunities with Two Factor Authentication (2FA) - A How ToNew Opportunities with Two Factor Authentication (2FA) - A How To
New Opportunities with Two Factor Authentication (2FA) - A How ToAlan Percy
 
UCaaS with 3cx and ProSBC
UCaaS with 3cx and ProSBCUCaaS with 3cx and ProSBC
UCaaS with 3cx and ProSBCAlan Percy
 
The Future of Media Gateways
The Future of Media GatewaysThe Future of Media Gateways
The Future of Media GatewaysAlan Percy
 
ProSBC on Azure - A Tutorial
ProSBC on Azure - A TutorialProSBC on Azure - A Tutorial
ProSBC on Azure - A TutorialAlan Percy
 
uCPE and VNFs Explained
uCPE and VNFs ExplaineduCPE and VNFs Explained
uCPE and VNFs ExplainedAlan Percy
 
ProSBC a Deep Dive
ProSBC a Deep DiveProSBC a Deep Dive
ProSBC a Deep DiveAlan Percy
 
Enabling business with CPaaS and SBCs
Enabling business with CPaaS and SBCsEnabling business with CPaaS and SBCs
Enabling business with CPaaS and SBCsAlan Percy
 
Scaling Open Source Applications with SBCs
Scaling Open Source Applications with SBCsScaling Open Source Applications with SBCs
Scaling Open Source Applications with SBCsAlan Percy
 
ProSBC introduction
ProSBC introductionProSBC introduction
ProSBC introductionAlan Percy
 
Extending the Life of your SS7 Network with SIGTRAN
Extending the Life of your SS7 Network with SIGTRANExtending the Life of your SS7 Network with SIGTRAN
Extending the Life of your SS7 Network with SIGTRANAlan Percy
 
STIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQSTIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQAlan Percy
 

More from Alan Percy (20)

Network Transformation Best Practices-Working.pptx
Network Transformation Best Practices-Working.pptxNetwork Transformation Best Practices-Working.pptx
Network Transformation Best Practices-Working.pptx
 
Tmedia for Metaswitch - an FAQ Session
Tmedia for Metaswitch - an FAQ SessionTmedia for Metaswitch - an FAQ Session
Tmedia for Metaswitch - an FAQ Session
 
Marketing Open Source Software - 10 Tips
Marketing Open Source Software - 10 TipsMarketing Open Source Software - 10 Tips
Marketing Open Source Software - 10 Tips
 
Contact Center as a Service - Challenges and Successes
Contact Center as a Service - Challenges and Successes Contact Center as a Service - Challenges and Successes
Contact Center as a Service - Challenges and Successes
 
Robocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBCRobocall Mitigation with YouMail and ProSBC
Robocall Mitigation with YouMail and ProSBC
 
How to Measure VoIP Voice Quality
How to Measure VoIP Voice QualityHow to Measure VoIP Voice Quality
How to Measure VoIP Voice Quality
 
What is SS7? An Introduction to Signaling System 7
What is SS7? An Introduction to Signaling System 7What is SS7? An Introduction to Signaling System 7
What is SS7? An Introduction to Signaling System 7
 
RESTful APIs and SBCs
RESTful APIs and SBCsRESTful APIs and SBCs
RESTful APIs and SBCs
 
VoIP Frequently Asked Questions
VoIP Frequently Asked QuestionsVoIP Frequently Asked Questions
VoIP Frequently Asked Questions
 
New Opportunities with Two Factor Authentication (2FA) - A How To
New Opportunities with Two Factor Authentication (2FA) - A How ToNew Opportunities with Two Factor Authentication (2FA) - A How To
New Opportunities with Two Factor Authentication (2FA) - A How To
 
UCaaS with 3cx and ProSBC
UCaaS with 3cx and ProSBCUCaaS with 3cx and ProSBC
UCaaS with 3cx and ProSBC
 
The Future of Media Gateways
The Future of Media GatewaysThe Future of Media Gateways
The Future of Media Gateways
 
ProSBC on Azure - A Tutorial
ProSBC on Azure - A TutorialProSBC on Azure - A Tutorial
ProSBC on Azure - A Tutorial
 
uCPE and VNFs Explained
uCPE and VNFs ExplaineduCPE and VNFs Explained
uCPE and VNFs Explained
 
ProSBC a Deep Dive
ProSBC a Deep DiveProSBC a Deep Dive
ProSBC a Deep Dive
 
Enabling business with CPaaS and SBCs
Enabling business with CPaaS and SBCsEnabling business with CPaaS and SBCs
Enabling business with CPaaS and SBCs
 
Scaling Open Source Applications with SBCs
Scaling Open Source Applications with SBCsScaling Open Source Applications with SBCs
Scaling Open Source Applications with SBCs
 
ProSBC introduction
ProSBC introductionProSBC introduction
ProSBC introduction
 
Extending the Life of your SS7 Network with SIGTRAN
Extending the Life of your SS7 Network with SIGTRANExtending the Life of your SS7 Network with SIGTRAN
Extending the Life of your SS7 Network with SIGTRAN
 
STIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQSTIR-SHAKEN Top 10 FAQ
STIR-SHAKEN Top 10 FAQ
 

Recently uploaded

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationSafe Software
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsMaria Levchenko
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slidevu2urc
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxMalak Abu Hammad
 

Recently uploaded (20)

From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 

Agenda: Introductions The TDoS Problem SIP and TDM Mediation Analytics and Detection Customer Case Studies Q/A and Discussion

  • 1.
  • 2. 2 Agenda: Introductions The TDoS Problem SIP and TDM Mediation Analytics and Detection Customer Case Studies Q/A and Discussion
  • 3. 3 Today’s Presenters: Alan D Percy Product Marketing alan.percy@telcobridges.com Jim Dalton CEO TransNexus jim.dalton@transnexus.com Alec Fenichel Software Engineer alec.fenichel@transnexus.com
  • 4. TelcoBridges Inc. • Manufacturer of telecom VoIP gateways and SBC software for carriers and enterprises • Privately held • Founded in 2002 • Employees: ~40 • Headquarters: Montreal, Canada • Hardware & software R&D as well as production of its products in Montreal • Sales/Support offices: Poland, Turkey, Hong Kong • 24/7 technical support 4 TelcoBridges HQ
  • 5. • Software for the telecommunications industry since 1997 • Solutions for • Jurisdictional least cost routing • Fraud prevention • Robocall prevention • TDoS protection • STIR/SHAKEN • Analytics and reporting • Our software uses innovative methods that we’ve invented and patented TransNexus
  • 6. 6 Telephony Denial of Service (TDoS) “The Day the 9-1-1 Network Stood Still” • Hacker in Phoenix was looking for bugs in Apple iPhone security • Created web application that would dial 9-1-1 • Distributed application to unwitting user’s phones via Twitter • 1,800 compromised phones made thousands of 9-1-1 calls • Flooding 9-1-1 desks, overwhelming PSAP • Blocking real emergency usage • Required power-cycle of user’s phone to stop https://www.networkworld.com/article/3137526/the-day-the-911-network-stood-still.html
  • 7. 7 The Risks “If coordinated with an actual physical terrorist attack, this would be particularly catastrophic, resulting in a large number of victims losing the ability to connect with emergency services.” - William N. Bryan, Under Secretary for Science and Technology
  • 8. 8 TDoS Impact • More than a Nuisance • Negatively Impacting • Businesses • Government • Particularly Vulnerable: • 9-1-1 Emergency Call Centers • Banking and Financial • Health Care • Contact Centers
  • 9. 9 TDoS Attack Profiles Tsunami of Traffic Overwhelming Telephone Facilities Persistent Pest Taxing People and Resources
  • 10. 10 Where do TDoS Attacks Originate? • Usually using VoIP technology • (faster, cheaper, easier to hide) • Often Distributed Attacks • Malware on desktop or mobile device • Popular Open-source Applications • CPaaS Platforms • Legitimate notification services
  • 11. 11 TDoS Attacker Motivations Extortion “Send me Bitcoin or else…” Pranksters Fame and Fortune Distraction “Don’t look while I hack your system” Robocalls Inadvertent TDoS Competitor “I’ll get your customers”
  • 12. What is the Impact? Doctors and healthcare workers must answer calls Businesses need bad calls blocked so they can get to the good ones Inbound call centers waste time answering calls. Consumers complain about robocalls
  • 13. TDoS with SIP Trunking 13 ACD / PBX SBCSIP Trunking TDOS Cloud-based Analytics INVITE 302 503 603 SIP SIP Frustrated Customer Frustrated Customer
  • 14. TDoS with TDM Trunking 14 ACD / PBX Gateway PSTN Trunking TDOS Frustrated Customer Cloud-based Analytics INVITE 302 503 603 TDM SIP or TDM
  • 15. 15 SIP Interface to Analytics SIP Response Code Action 503 Service Unavailable Call is good, proceed to next route (destination) 603 Decline Call is bad, disconnect 302 Moved Temporarily Call is suspect, re-route to screening application
  • 16. • Highly flexible blacklisting • Invalid calling numbers • High risk calling numbers • Calling numbers with poor reputation • SIP Analytics: real time traffic analysis TDoS Detection Methods Let’s have a look at these methods…
  • 17. • Easy to configure • Extensive blacklisting options available • Telephone number or prefix • Service provider, using their SPID/OCN • Location (e.g., state/province) • Country • Can be applied to all calls or specific telephone numbers • Can block everything and open pinholes as needed Highly Flexible Blacklisting
  • 18. • We collect a list of high-risk and invalid numbers from a variety of sources • FCC consumer complaints • Our honeypot traps • Customer reported numbers • Available as a subscription service per telephone number Shield Database
  • 19. • Provides a 0 – 100 reputation score for each calling number • Higher scores indicate a higher certainty of robocall detection • Thresholds and actions can be customized for each telephone number Reputation Service
  • 20. • SIP Analytics performs real time traffic analysis before call setup • Automatically learns the call traffic patterns for each individual number • Can detect and prevent robocalls and TDoS attacks in milliseconds while legitimate calls continue uninterrupted SIP Analytics®
  • 21. • Report only • Block • Send to voicemail • Send to CAPTCHA • Modify caller display name (CNAM) If an attack is detected, you can <SPAM> Audio sample
  • 22. 22 Future Trends 1. Increasing threats for enterprises 2. TDoS protection is a new opportunity for telephone service providers 3. SHAKEN Call Authentication • Calling number is digitally signed • Easy trace back for law enforcement
  • 23. Case 1: Manufacturing Plant in Texas Attack: • Attacker leaves 200+ voicemails every night Defense: • Route suspect calls to CAPTCHA gateway for human verification
  • 24. Case 2: Travel Booking Service Attack: • Competitor’s agents calling to tie up agents on the phone Defense: • SIP Analytics blocks repetitive calls from the same number
  • 25. Case 3: Auto Dealer in Florida Attack: • PRI capacity filled by robocalls Defense: • Reputation and Shield block bad calls to free up PRI capacity
  • 26. Case 3: Enterprise Solution 26 ACD / PBX PSTN Trunking TDM TDM Customer Premises TMG800 Gateway ClearIP Cloud-based Analytics INVITE 302 503 603 CAPTCHA Gateway
  • 27. TelcoBridges Portfolio Confidential 27 Signaling and Media Gateways TMG800 Virtualized Session Border Controller Software Support and Professional Services TMG3200 TMG7800
  • 28. 28 TransNexus Portfolio • Dynamic call analytics and policies • Least Cost and Intelligent routing • Toll Fraud protection • Robocall and TDoS Controls • SHAKEN – Secure Telephony Identification • Feature rich for service providers • Simple to use for enterprise customers • Cloud based or on-premises
  • 30. 30 Learn More: Frequently Asked Questions at: forums.freesbc.com Book a FREE TDOS consultation at: www2.telcobridges.com/TDOShelp Q/A https://transnexus.com/ https://prosbc.com/