A systemization of fraud in telephony networks, illustrated by a study of over-the-top bypass

Telephone networks form the oldest large scale network that has grown to touch over 7 billion people. Telephony is now merging many complex technologies and because numerous services enabled by these technologies can be monetized, telephony attracts a lot of fraud. This talk aims to systematically explore the fraud in telephony networks, by differentiating between the root causes, the vulnerabilities, the exploitation techniques, the fraud types and finally the way fraud benefits to the fraudsters. As a concrete example, we will present the Over-The-Top (OTT) bypass fraud, where the regular international phone calls (originated from PSTN or cellular networks) are hijacked and terminated over a smartphone application, instead of being terminated over the normal telecom infrastructure. We will evaluate the possible techniques to detect and measure this fraud and analyze its real impact on a small European country through a case study.