Re: SHAKEN/STIR Robocall Summit - July 11 2019 at FCC

[Paul Timmins <paul () telcodata us>]

Chris it would be trivial for this to be fixed, nearly overnight, by 
creating some liability on the part of carriers for illicit use of 
caller ID data on behalf of their customers.

But the carriers don't want that, so now we have to create tons of 
technical half solutions to solve a problem that would be neatly solved 
by carriers.


On 7/11/19 12:09 AM, Christopher Morrow wrote:
> There seem like a bunch of pretty simple 'correlations' one could
> make, that actually look a heck of a lot like 'netflow/log analysis
> for ddos detection':
>      o is this trunk sourcing calls to 'too many' of my subs in period-of-time-X
>      o is this trunk sourcing calls from a low distribution of ANI but
> a different distribution of CallerID
>      o is this trunk sourcing calls from unmatched (as a percent of
> total) ANI/CallerID
>
> I would think you could make similar correlations across the
> destinations on your phone-network:
>      o Is there one ANI or CallerID talking to 'all' (a bunch, more
> than X of type Y customer end point) of my endpoints?
>      o are there implausible callerid being used? (lots of 'NPA-NXX
> matches destination, yet from a very different geography?)