Transcription
The Telephony Denial of Service(TDoS) ThreatAn Analysis of the TDoS Threat in Voice Network SecurityA Whitepaper FromSecureLogix Corporation
Telephony Denial-of-Service (TDoS) and The Public Voice ostcommonformofvoice- IP,end- ‐to- nd- ‐to- ‐endInternetProtocol(IP)- ‐basedDoStechniquesthatrelyonIP- nslatecallsbetweenSIPandTDM;anIP- ages,makingitdifficulttotransmitpacket- /cableSIPofferings,Internet- nonymouscallingnumberscheapandeasy.Types of TDoS renttypesofattacks:1
somesocial- ‐network- inuouslydial911.Thisisareal- erthemalware.The Current TDoS ritical,public- ionsummarizingthecurrentthreatsweseeinreal- 2
tofphones.Atitspeak,thisattackwasgeneratingsome hisattackillustratesthatawell- ymaysuffersuchanattack.Anexampleofareal- edinQ4of2016.Anindividualleveragedaclick- ‐to- asimplepieceofcode,reallyjustaloop,3
whichusedtheclick- ‐to- wareneededtoexploittheclick- ‐to- control.AttackerscanuseSIP- mesincreasinglyeasytogeneratealargescale,high- stems.Consideraworst- sthealready- DoS,whichisverydifficulttomitigate,evenbystate- ‐of- ‐the- avethepotentialforverydisruptiveattacks.4
rosstheorganization.Generating a TDoS defromthesmartphone- ,distributedTDoSwillbepossible,whereavoice- erateTDoSattacksisasfollows: Select the phone numbers at the victim. Since the numbers are generally public facing (often 1-800 numbers or911), they are very easy to source from the victim’s website. For a large contact center, it is also possible tolocate some portion of the contact center that has limited resources and/or is a choke point. rnetthatdescribehowtosetthemup. ber,decidewhataudiotoplay,choosethecallrate,etc. thevoicesystems.5
xisting eautomatedandmanual/social- ‐network- ‐originatedTDoSattacks.Legacy hemforTDoSdefensesolutions.Service sophisticatedattacks,butforlargeservice- DoSattack.6
hroughnetworkinterfaces,alsoallowingacloud- ‐baseddeployment.Ahigh- ‐levelarchitecturaldiagramofourhigh- letofeednewbusinessrules.Thesolutionsoffercall- ‐controloptionsandsupportforsemi- ware.7
SecureLogixCorporation13750SanPedro,Suite820 SanAntonio,Texas78232(210)402- ‐9669 rs. ved.8
1 Telephony Denial-of-Service (TDoS) and The Public Voice Network systems.!It!