Stopping TDoS attacks

enforcement agencies in multiple states. The teen had exploited a flaw in a leading mobile operating system to initiate the TDoS attack through compromised cell phones.

To stop these insidious attacks, CSD is funding two research projects designed to harden defenses against TDoS attacks.

The first project addresses the growing attack sophistication, frequency, call volume and complexity of call-number spoofing, says Massey.

Led by SecureLogix, a VoIP security specialist, the team is developing a prototype solution for complex TDoS attacks that will use a multi-level filter approach to analyze and assign a threat score to each incoming call in real time. That score will help distinguish legitimate from malicious calls and help mitigate an influx of malicious calls by terminating or redirecting them to a lower priority queue, to a partner service that could manage the calls or to an additional service that could verify each call’s legitimacy.

The prototype is based on an existing voice-security solution, which provides a base to build upon so it can be deployed in complex voice networks. It also has an integrated business rules management system and machine-learning engine that can be extended easily with limited software modifications.

SecureLogix will deploy the prototype at a customer location, within the cloud and at a service provider network. The company also is working with multiple pilot partners, including a 911 emergency call center, other emergency responders and large financial organizations, to deploy and validate the prototype in operational practice.

In the second project, a research team led by the University of Houston is addressing the vulnerability of Emergency 911 and Next-Generation (NG) 911 systems to TDoS, Distributed Denial of Service (DDoS), and robocall attacks, all of which pose significant threats to public safety.

S&T notes that the research team includes SecureLogix, FirstWatch, the Industry Council for Emergency Response Technologies, and cybersecurity analysts who specialize in penetration tests of telephony systems.

The team has assessed and modeled threats to the emergency response and public-safety communication network posed by DoS attacks. It is developing an integrated defense mechanism that is cost-effective, easy to manage, capable of defending against TDoS, and customizable for the unique characteristics of varying 911 infrastructures.

The platform monitors each incoming call’s signaling messages, metadata and voice contents to determine if it is suspicious. It then prioritizes the call according to an analysis of its content and audio to ensure real emergency calls are routed to 911 operators for immediate action. Additionally, the team developed a novel approach to check for synthetic voice to identify and address potential TDoS calls generated by phone bots.
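To make the layered approach in both projects concrete (a per-call threat score built from signaling, metadata and audio checks, then a routing decision), here is an added sketch that is not code from SecureLogix, the University of Houston or the article. The field names, weights, limits and thresholds are all assumptions chosen for illustration, and the synthetic-voice verdict is assumed to come from a separate audio check.

```python
from collections import defaultdict, deque
from dataclasses import dataclass

@dataclass
class Call:
    ts: float                      # arrival time in seconds
    caller: str                    # presented caller number (may be spoofed)
    trunk: str                     # ingress trunk, a hypothetical metadata field
    synthetic_voice: bool = False  # verdict of an upstream audio check (assumed)

class CallScorer:
    """Layered filter: each level adds to a 0-100 score (weights are illustrative)."""
    def __init__(self, window=60.0, caller_limit=3, trunk_limit=4):
        self.window, self.caller_limit, self.trunk_limit = window, caller_limit, trunk_limit
        self.by_caller = defaultdict(deque)  # caller -> recent (ts, caller)
        self.by_trunk = defaultdict(deque)   # trunk  -> recent (ts, caller)
    def _recent(self, q, call):
        # Record the call, then drop entries older than the sliding window.
        q.append((call.ts, call.caller))
        while call.ts - q[0][0] > self.window:
            q.popleft()
        return q
    def score(self, call):
        score = 0
        # Level 1, signaling: missing or non-numeric caller ID.
        if not call.caller.lstrip("+").isdigit():
            score += 30
        # Level 2, metadata: one number calling repeatedly inside the window.
        if len(self._recent(self.by_caller[call.caller], call)) > self.caller_limit:
            score += 40
        # Level 2, metadata: many distinct numbers on one trunk suggests spoofing.
        if len({c for _, c in self._recent(self.by_trunk[call.trunk], call)}) > self.trunk_limit:
            score += 30
        # Level 3, audio: bot-generated speech flagged by the voice check.
        if call.synthetic_voice:
            score += 40
        return min(score, 100)

def route(score):
    # Dispositions from the article; the thresholds are local policy choices.
    if score >= 70:
        return "terminate"
    if score >= 40:
        return "verify"
    return "low_priority" if score >= 20 else "operator"

def replay(calls):
    scorer = CallScorer()
    return [route(scorer.score(c)) for c in sorted(calls, key=lambda c: c.ts)]

# Constructed sample: one genuine caller, then a bot redialing from a single number.
SAMPLE = [Call(0, "+17135550100", "t1")] + [Call(1 + i, "+17135550199", "t2", True) for i in range(5)]
```

Calling `replay(SAMPLE)` sends the first caller straight to an operator, holds the bot's early calls for verification, and terminates them once the repeat-call limit is crossed.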

In the not-too-distant future, these new defenses will help bring an end to TDoS attacks, thereby denying malicious actors a potent tool.