McInnes, Nathaniel, Wills, Gary and Zaluska, Edward (2019) Analysis of a PBX toll fraud honeypot. International Journal for Information Security Research (IJISR), 9 (1), 821-830. (doi:10.20533/ijisr.2042.4639.2019.0094).
Abstract
Organisations are moving over from legacy telecommunications to Voice over IP (VoIP), enabling greater flexibility, resilience and an overall cost reduction. Session Initiated Protocol (SIP) is considered to be the main VoIP protocol in the business–to-business market, but the correct implementation and configuration is not always well- understood. The failure to configure SIP systems correctly has led to significant fraud exploiting a range of vulnerabilities and billions of dollars every year being stolen from companies of all sizes through PBX Hacking via the medium of Toll Fraud. Previous research into this area is now dated but suggested fast-changing approaches by attackers. Industry organisations such as the Communications Fraud Control Association (CFCA) acknowledged this is a fast-growing problem. To quantify the size of the current problem, a Honeypot experiment was undertaken using a popular phone system used by businesses. The Honeypot ran for 10 days and recorded just under 19 million SIP messages. This research has identified attackers are using various sophisticated methods to attempt to gain access and trick a PBX into making calls. When comparing previous research, the rate of attack is approximately 30 times more aggressive and the countries from where attacks originate are distributed over 75 countries.
More information
Identifiers
Catalogue record
Export record
Altmetrics
Contributors
University divisions
- Faculties (pre 2018 reorg) > Faculty of Engineering and the Environment (pre 2018 reorg) > Southampton Marine & Maritime Institute (pre 2018 reorg)
- Current Faculties > Faculty of Engineering and Physical Sciences > School of Electronics and Computer Science
School of Electronics and Computer Science - Current Faculties > Faculty of Engineering and Physical Sciences > School of Electronics and Computer Science > Web and Internet Science
School of Electronics and Computer Science > Web and Internet Science - Current Faculties > Faculty of Engineering and Physical Sciences > Web Science Institute > CDT Web Science Innovation
Web Science Institute > CDT Web Science Innovation - Current Faculties > Faculty of Engineering and Physical Sciences > School of Electronics and Computer Science > Cyber Physical Systems
School of Electronics and Computer Science > Cyber Physical Systems
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.