Abstract:
Telecom policies in every country are determined by National Telecom Regulator (NTR). In many countries around the world, NTRs has imposed call termination taxes on national calls as well as international calls landing in that country. In many third world countries, every year almost 90 % international traffic by-passes regulatory check, causing a great revenue loss to the country. The use of illegal gateway to bypass the Voice Clearing Houses to terminate international traffic using VoIP gateways, GSM / local line branch exchanges or other related equipment is called “Grey traffic". Use of encryption techniques is the easiest way to hide the VoIP traffic from any Clearing house. In this paper we have described a way to identify this illegal activity over the Internet. We have used traffic analysis techniques coupled with statistical anomaly based Intrusion Detection system and behavior analysis to detect, segregate and qualify VoIP traffic into different categories (targeted, suspicious and Grey). We have performed traffic analysis for IP, IPSec, PPtP, TCP, UDP, TLS, SSL and any application layer encryption protocol for VoIP.
Network Police is a robust and dynamic application for PTA and other Telecommunication Companies facing the wrath of Grey Traffic. It has extensively and successfully been tested under stress conditions and results have been double checked through rigorous testing.
