Page 184 - ITU Kaleidoscope 2016
P. 184

2016 ITU Kaleidoscope Academic Conference




          made identification and user feedbacks completely irrelevant.  mer can hide behind virtual private networks (VPNs) and Tor
                                                             networks to distribute the calls anonymously.
                                                             The PSTN has transformed from a closed national ecosystem
                2. THE RISE OF CALLER ID SPOOFING
                                                             to an open global ecosystem, therefore mutual trust and local
                                                             laws can no longer be relied upon to materially guard against
          The caller ID is a generic name for a supplementary service  the abuse of SS7’s inherent insecurities. There is a lack of ac-
          offered by the called party’s telephone company that presents  countability in phone identities. This is why we advocate for
          the calling party’s telephone number to the called party’s user  a standardized caller ID authentication scheme for the PSTN.
          equipment during an incoming call. It helps the called party  By securing the caller ID, not only would consumers benefit
          to decide whether to answer a call based on the caller’s phone  from being able to distinguish between verified and unveri-
          number, and, to call back the caller if the call could not be an-
                                                             fied caller IDs, it provides a foundation for many telephony
          swered. Since its introduction in the 1990s, the caller ID ser-
                                                             spam defenses (including law enforcement).
          vice has now become ubiquitous in almost every telephone
                                                             With the growing prevalence of phone fraud, calls from
          service. Today, the caller ID number is also used in other
                                                             billing, government, and banking institutions would also
          telephony services, such as the SMS and MMS, and, with
                                                             greatly benefit from providing authenticity of their caller
          the prevalence of smartphones, many smartphone apps and
                                                             IDs, such that their customers would feel greatly assured
          services also rely on the caller ID for identification.
                                                             doing business over the phone. Authenticated caller IDs may
          However, because the PSTN was traditionally regarded as a  also be useful for immediate customer identity verification,
          closed trusted network, it was designed with little security  without relying on (possibly stolen or guessable answers of)
          in mind. Telephone companies rely on the trust in other op-  security questions to verify the identity of customers. As
          erators to play by the rules. In the process of providing the  there are also scam calls that spoof the caller IDs of exist-
          caller’s telephone number, the originating exchange can con-  ing customers, which the malicious callers then trick the
          trol what caller ID number is sent on a call-by-call basis.  institution into emptying their customers’ bank account [14].
          Traditionally, a caller would need to gain control of a SS7  However, for any viable deployment of such feature, it re-
          switch in order to have the capability to customize the caller  quires ITU-T standardization to ensure mutual interoperabil-
          ID. In consumer telephony services, the caller ID is typically  ity. Therefore, standardization is key to building a PSTN
          managed by the caller’s Local Exchange Carrier (LEC), pre-  ecosystem that could rely on the trust of caller IDs.
          venting general users from spoofing the caller ID. It was also
          prohibitively expensive for individuals and small businesses
          to gain switch level access to the SS7 network, which kept the  3. HOW CALLER ID SPOOFING WORKS
          number of people with caller ID spoofing capability small.
          However, with the recent rise of IP access to the PSTN, cheap  The SS7 process of providing the caller ID or calling party
          IP-based client protocols (such as SIP [12]) are replacing the  number (CPN), is known as Calling Line Identification Pre-
          expensive traditional bulk telephone services (such as ISDN).  sentation (CLIP). In CLIP, the CPN is sent along with a call
          Cheap and accessible Voice-over-IP (VoIP) bulk telephony  request using the initial address message (IAM) to the desti-
          services are now becoming the norm.                nation exchange of the called party. The relevant details of
                                                             CLIP are defined in ITU-T Recommendation Q.731.3 [15],
          The PSTN is also moving toward being carried by the IP in-
                                                             Q.81.1 [16], Q.951.3 [17], and I.251.3 [18].
          frastructure (such as SIGTRAN [13]), however, the core SS7
          signaling protocols have not changed to ensure compatibil-  The CPN is either provided by the originating local ex-
          ity with legacy systems. Telephone companies still relied  change or by the calling party, where the CPN parameter
          upon trust in other switch operators to play by the rules. With  is inserted in the initial address message, which is sent as
          growing IP access to the PSTN, the SS7 network is no longer  part of the basic call procedures according to Recommenda-
          exclusive to traditional telephone carriers. Today, there are  tion Q.764 [19]. The IAM routes through transit exchange
          now many internet telephony service providers (ITSPs) that  switches until it reaches the destination exchange of the
          provide bulk telephony services over an Internet connection.  called party, in which the called party’s local exchange car-
          With the popularity of the cloud business model, access to  rier would convert and retransmit the CPN to a specific caller
          SS7 switch level capability is becoming more available to  ID format for the called party’s user equipment during the
          untrusted parties. Some ITSPs sell customizable caller ID  incoming call setup process.
          as a service feature, along with mass distribution technolo-  The parameter value of the CPN is placed within the op-
          gies such as voice broadcasting, voicemail broadcasting, and  tional part of the initial address message. The IAM follows
          SMS broadcasting, all provided over an Internet connection.  the ISUP (ISDN User Part) message format as defined in
          Further complicating matters, the Internet provides plenty of  Q.763 [20]. The CPN parameter follows a structured binary
          opportunities for a malicious caller to evade law enforcement  coding format as defined in Q.763.3.10 [20].
          through geography and technology. With an Internet connec-  To spoof the caller ID, the caller’s originating exchange or
          tion, a spammer can now cost-effectively distribute outbound  the calling party will declare the CPN parameter with false
          calls from an overseas location, beyond the jurisdiction of  information. In the US and many other jurisdictions, the
          law enforcement. To further prevent identification, the spam-  caller’s telephone service provider does not have any legal



                                                          – 166 –
   179   180   181   182   183   184   185   186   187   188   189