VoIP Systems
Overview
Analyzing logs from VoIP systems to detect unauthorized access, potential toll fraud, and other security incidents related to voice communication.
Sample products
- Extrahop
- Site24x7 VoIP Monitoring
- SolarWinds VoIP & Network Quality Manager
Use Case Categories
| Category | Description |
|---|---|
| VoIP Compliance Monitoring | Monitor VoIP compliance with regulatory requirements, industry standards, and service level agreements (SLAs) to ensure compliance with legal and regulatory mandates. Generate audit trails, compliance reports, and call detail records (CDRs) for VoIP usage, billing, and regulatory compliance. |
| Threat Detection | Entails identifying and mitigating a wide range of security threats that target VoIP systems, including unauthorized access, fraud, and various forms of cyberattacks. |
| VoIP Security Monitoring | Monitor VoIP security events, authentication logs, and access control mechanisms to detect and prevent VoIP security threats and attacks. Identify unauthorized access attempts, SIP scanning attacks, or toll fraud incidents to protect VoIP infrastructure from security breaches. |
Core Use Cases
| Alert Name | Description |
|---|---|
| Unauthorized Call Detection | Detects unauthorized or fraudulent calls made from the system. |
| International Call Spike | Identifies a sudden spike in international calls, which could indicate toll fraud. |
| Suspicious Call Patterns | Identifies patterns in call behavior that deviate from normal operational profiles. |
| Denial of Service (DoS) Attacks | Identifies DoS attacks aimed at disrupting VoIP services and degrading call quality. |
| Irregular Call Duration | Detects calls with durations that significantly deviate from typical patterns, indicating possible misuse. |
| Anomalous Call Volumes | Identifies unusual volumes of calls, which could indicate a security or operational issue. |
MITRE ATT&CK
T1595, T1498