02-10-2010, 01:26 PM
[attachment=4839]
Introduction
The mobile telecommunications sector is severely affected by security threats, with fraud attacks in roaming contexts one of the greatest causes of financial losses in the industry every year. Because of the evolution of the services provided by telecommunications operators, more and more elaborate attack techniques are being developed by international fraudsters. These activities impact directly on the companies involved and have repercussions regarding potential increases in tariffs. Therefore, it is necessary for providers, governments, and users to establish and facilitate technical, political, economic, and social measures to prevent fraud in roaming. Success in this undertaking will benefit
all parties except the wrongdoers. To illustrate the incidence and relevance of the issues dealt with in this article, some global statistics regarding current worldwide mobile communications are provided in Table 1.
It should also be noticed that the progressive deployment and integration of new broadband technologies (3G/4G) in the near future could help reduce fraud in the field of mobile communications. With these considerations in mind, this article presents an overview of the problem of fraud in roaming environments for mobile communications, as well as various strategies or techniques to tackle it. Two main contributions are made. First, fraud techniques and related protection methods are described and classified, and the advantages and drawbacks of each are reviewed. Second, because the visibility of fraud incidents influences customers’ perception of the reputations of the companies affected, the latter are reluctant to publicize details of such occurrences.
Little research has been carried out in this field, partly due to the low perception of the problem and also because of the lack of data available for analyzing the algorithms and techniques applied. Consequently, we seek to stimulate research in this area by highlighting the main problems, which to some extent overlap with those encountered in intrusion detection in the area of data networks.
Introduction
The mobile telecommunications sector is severely affected by security threats, with fraud attacks in roaming contexts one of the greatest causes of financial losses in the industry every year. Because of the evolution of the services provided by telecommunications operators, more and more elaborate attack techniques are being developed by international fraudsters. These activities impact directly on the companies involved and have repercussions regarding potential increases in tariffs. Therefore, it is necessary for providers, governments, and users to establish and facilitate technical, political, economic, and social measures to prevent fraud in roaming. Success in this undertaking will benefit
all parties except the wrongdoers. To illustrate the incidence and relevance of the issues dealt with in this article, some global statistics regarding current worldwide mobile communications are provided in Table 1.
It should also be noticed that the progressive deployment and integration of new broadband technologies (3G/4G) in the near future could help reduce fraud in the field of mobile communications. With these considerations in mind, this article presents an overview of the problem of fraud in roaming environments for mobile communications, as well as various strategies or techniques to tackle it. Two main contributions are made. First, fraud techniques and related protection methods are described and classified, and the advantages and drawbacks of each are reviewed. Second, because the visibility of fraud incidents influences customers’ perception of the reputations of the companies affected, the latter are reluctant to publicize details of such occurrences.
Little research has been carried out in this field, partly due to the low perception of the problem and also because of the lack of data available for analyzing the algorithms and techniques applied. Consequently, we seek to stimulate research in this area by highlighting the main problems, which to some extent overlap with those encountered in intrusion detection in the area of data networks.