Because of its usefulness and the money involved in the business, it is subject to fraud. Moreover, nowadays an increased number of fraudulent works are in existence. One such fraudulent activity is the caller identification spoofing attack. Unfortunately, the security standards are not strong enough to detect and prevent such fake calls. They become dangerous conduits for Internet security threats to reach the telecommunication infrastructure. This paper aims at detecting the spoofed phone calls and preventing such calls. This scheme is
implemented …show more content…
Detecting Spoofed calls
Detection of caller identification spoof is by an end-to-end caller identification verification mechanism. The detection mechanism is automated and requires very little user input. Considering A as the caller, B as the receiver, and C as the attacker who tries to spoof A’s caller identification while calling B. In such a spoofing scenario, A may not be in B’s contact list (unknown), and A’s number could be invalid (unreachable). Since the verification operation is preformed automatically, we expand our definition of the names and refer A,
B, and C to the devices of caller, receiver and attacker respectively. In addition A, B, and C can be a smart phone, a mobile phone, a PSTN phone, or a VoIP phone. In all such cases the detection is made successful.
3. Use Cases
SpoofControl relies on a covert channel that is built on top of an end-to-end communication services in telephone networks for verification. SpoofControl can detect spoofing even if caller identification is not in the contact list or is unreachable. There are two use cases of SpoofControl, one for an emergency call scenario and the other for a regular call scenario. In both cases, the end users can utilize SpoofControl to verify caller