CallShield

Voice Fraud and Revenue Protection

Use Cases Include: Robocall / Nuisance Call Detection and Revenue Share Fraud (IRSF and Wangiri)

Carriers can no longer rely on using only rules and thresholds for detection, as fraudsters themselves are using state of the art technology to avoid detection, such as artificial intelligence to change behavior in real-time and CLI Spoofing for more successful robocall attacks.

By using Mavenir’s native Machine Learning (ML)algorithms to identify fraud and other anomalous network behavior, reliance on rules can be avoided, providing higher accuracy, lower false positives, and the knowledge that known, future and unknown types of fraud will always be quickly identified.

Machine Learning

Not all anomalous activity on an operator’s network is fraudulent, but all fraud is anomalous. By using ML, identify unknown anomalies or future types without the need for new rules.

Dedicated ML algorithms are available to provide built-in focus on known fraud types such as Wangiri fraud / missed call back fraud, robocalling attacks, and revenue share frauds like IRSF, while also providing methods to identify new forms of unknown and future fraud that don’t exist today. Unique real-time data featurization ensures a targeted ML approach, with constantly improving detection precision.

Resources

OpenRAN Architecture Provides Path to More Secure Open Networks

Some features used by ML include: answer and decline rates, ring time, pre-recorded voicemail durations,  classifying abnormal traffic peaks, anomalous behavior classification, voicemail redirect rates, typical duration patterns, and other unknown anomalies.

Dedicated detection of ‘neighbor spoofing’ and ‘mirror spoofing’ techniques are also supported. ML identifies this traffic for detailed monitoring, and analyses all calls the caller id initiates to callee’s sharing the same range or caller id’s calling its same number. Deep long short-term memory (LSTM) and convolutional neural network (CNN) networks review entire neighborhoods holistically to identify robocall / cuisance calls, and quickly identify clusters of suspect calls with near perfect accuracy, even if caller-ids are spoofed. This is completed through a combination of behavioral analysis and feature categorization, such as: counts of distinct qualifying B-numbers, targeted sequential B ranges, average and spread of ring and talk durations, standard deviation of pause time between calls, categorizing rates of unanswered calls, etc.

Some features used by ML include: history of traffic from subscriber / towards B country, sudden increases, time of calls, history of communication, durations, time between calls, roaming status, IMEI change, average call duration and customer type.

Advantages of Mavenir’s Call Shield

Mavenir brought the latest in detection together from 5+ years of proprietary MLtechnology, enhanced with a fully scalable and highly adaptable solution suitable for Mobile Network Operators (MNO’s), Mobile Virtual Network Operators (MVNO’s) and wholesalers alike. The advantages of purchasing this solution from Mavenir are:

  • Various deployment models.
  • Modular design utilizing a big data backend.
  • Real time traffic ingestion and analysis, blocking, diverting, and customer warning.
  • ML algorithms designed in combination with deep domain expertise and supported with intelligent service turnings.
  • Pre-integrated with Mavenir traffic-based solutions including Mavenir Signaling Firewall as optional network integration point.
  • Pre-integrated with Mavenir ‘XMS’ component for traffic ingestion and system performance analysis.
  • Pre-integrated with Mavenir ‘Analytics’ component providing powerful data analysis and user created reports, dashboarding and widgets.

Integration Interfaces

Mavenir’s Call Shield is part of Mavenir’s Fraud and Security Suite that, among other capabilities includes a set of network facing elements or Policy Enforcement Points(PEP) normally deployed as a firewall on a specific signaling or data stream. Mavenir’s SIP firewall is a default PEP, and also support ISUP via a SS7 Firewall.

Figure 1: SIP Firewall is a default PEP. ISUP via SS7 Firewall also supported

 

 

Related Content

Real-time Network Protection Critical in Wake of Sophisticated Flubot Cyberattacks

06 July 2021

As more network customers become vulnerable, CSPs are challenged to build the right defenses and monitoring to protect and predict sophisticated cyber-attacks.

Read More

TIP’s Open RAN Project Group Accelerates the Development, Validation, and Deployment of Open RAN Solutions

24 June 2021

The TIP Open RAN Project Group has made significant progress, and its momentum is growing. Mavenir is a technology partner contributing to the project.

Read More

Top 3 Benefits of the RIC for All RAN

17 June 2021

As 5G gains momentum and new innovative mobile architectures are being adopted worldwide, a key component that will drive radio network automation and optimization is the RAN Intelligent Controller (RIC). Read this blog for the top three benefits of the RIC for all RAN.

Read More