[OpenSIPS-Users] Fraud Detection in OpenSIPS 1.12

Anton lav at ptcomm.ru
Sat Nov 15 22:02:05 CET 2014

This module is compatible with version Opensips 1.11.2?
if so, where to find it?

02.09.2014 20:26, Răzvan Crainea пишет:
> Hi all,
> The second topic discussed during the last IRC meeting[1] was about 
> building a Fraud Detection module that prevents PBX or accounts 
> hijacking.
> Basically the module will allow you to define different dialing 
> profiles (the destination you are dialing, how often, how many 
> parallel calls, etc.) - the profiles are statically defined via DB. 
> Such profile is assigned to a dialing entity (end-user, SIP trunk, 
> inbound gateway, etc.). These metrics can be further interpreted to 
> block or allow certain suspicious calls from that entity.
> The module will export a new command in the OpenSIPS script that can 
> be used to check whether the call should be allowed or not. The 
> command will return different error codes, depending on the severity: 
> 1 for the normal state (call should be allowed, no abnormalities 
> detected), -1 for warning (user is approaching to a critical limit) 
> and -2 for critical (thresholds are reached, call should not be 
> allowed). A usage example might be something like this:
> if (check_fraud("$rU", "$fU", "premium") < 0) {
>     switch($retcode) {
>     case -1:
>         xlog("WARNING: $fU called to $rU\n");
>         break;
>     case -2:
>         xlog("CRITICAL: $fU called to $rU - call denied\n");
>         send_reply("403", "Forbidden");
>         exit;
>     }
> }
> Moreover, the module will also trigger events (that can be handled by 
> event_routes or external applications) whenever those thresholds are 
> reached.
> The discussion was not closed during the meeting, so we need to gather 
> more ideas for the Fraud Detection module. What kind of features would 
> you like to see in this module? What use case scenarios you find 
> suitable for fraud detection? How would you like to use this feature?
> Feel free to give any feedback you find useful for this!
> [1] http://www.opensips.org/Community/IRCmeeting20140827
> Best regards,

More information about the Users mailing list