Web ProForums
Fraud Analysis in IP and Next-Generation Networks
PDF of this tutorial5. IP and NGN Challenges
The successful containment of next-generation fraud presents many challenges. Preliminary identification and categorization of these challenges is crucial to the implementation of a fail-safe and all-encompassing defense perimeter to guarantee maximum network security. The following list is presented to simplify the reader's understanding of security requirements in both converging and next-generation networks.
NGN Technologies
- Are open and distributed by nature
- Lack inherent security mechanisms
- Run mission-critical applications
- Become increasingly complicated
- Are deployed before they have fully matured
- Offer few expert solutions for their effective management
- Require time- and cost-consuming integration and configuration
Next-Generation Fraud
- Can be easily concealed by hackers
- Makes security mechanisms extremely difficult to maintain, as result of the following:
- Inadequate passwords
- Incorrect configuration of firewalls
- Low employee awareness of security risks
- Insufficient knowledge of NGN environments
- Shortage in next-generation fraud specialists
- Enables fraud to be committed from multiple points in the network simultaneously
- Becomes easier to perform the following:
- IRC channels enable free transfer of sensitive information over open connections
- Tools, scripts, and detailed hacking instructions are publicly available on the Internet
- "Always-on" access technologies put domestic users at higher risk
Increased Incentive
- Profits from nonvoice services are rising.
- Total revenues are increasing.
- Revenues are shifting toward IP networks.
- Service value is based on content, not connection.
- Unlawful intrusion, resource abuse, and deliberate sabotage are easily committed.
- User identification, passwords, credit cards details, and codes are readily available.
- Potential for illegal gain is much higher than that offered by most first-grade felonies.
Growing Operator and SP Concerns
- Subscription fraud is increasing.
- Internal fraud is becoming a major problem.
- Hacking is no longer motivated by challenge or thrill.
- Newly devised billing schemes are being easily and unlawfully manipulated.
- New and highly sophisticated methods of fraud are introduced daily.
- Fraud scenarios are ever-changing.
- Discovery of new methods remains a "secret," enabling recurrence in another network.
- Privacy and data protection laws enable fraudsters to continue their activities.
- Most security mechanisms are only good for enforcing local access policies.
Requirements for Successful Containment of Fraud
- Security mechanisms must be complemented by a central fraud management system.
- The fraud analysis system should do the following:
- Maintain the integrity of the entire security infrastructure
- Act against the adversary and not against the specific attempt
- Enable easy, correct configuration
- Support swift, cost-effective integration of new technologies, products, and services
- Be equipped with an intelligent means of data collection
- Detect and present results on-line, enabling immediate counteraction before severe harm is done
- Assimilate the now familiar pattern to prevent its recurrence
