ABSTRACT

Security management against malicious intrusions and frauds in mobile telecommunication systems represents one of the most challenging problems for the wireless networking and mobile phone communities. Currently, mobile telephone carriers had been plagued by fraudulent use of cloned and stolen phone numbers. These fraudulent acts are costing them dearly in many countries, especially in countries where mobile phones can be rented freely and exchanged freely from some telecom carriers [1]. They are also witnessing, every year, a significant increase of their profit losses that are passed, unfortunately, to the mobile phone users. As a consequence, many of these mobile phone carriers are investing a large amount

CHAPMAN: “C4754_C023” — 2005/8/17 — 18:14 — page 360 — #2

of money in the R&D to develop efficient security management solutions to deal with their security concerns. In this chapter, we focus mainly on the cloning and subscription frauds. In a subscription fraud, an impostor may subscribe to the service provided by the mobile phone telecommunication company, with a prior intention of not paying for the service. The impostor can also steal, subscribe, or use, each month, a different mobile phone (e.g., using a different name/number). However, in all of these cases, these mobile phones will most likely have a common usage pattern. The cloning fraud is characterized by calls that were made by cloned phones where the calls will appear in a monthly billing statement of a legitimate phone. The cloning may occur via a simple radio that can capture the two identification numbers: ESN, Electronic Serial Number and MIN, Mobile Identification Number) of a legitimate phone. Here again, calls from cloned phones and calls from legitimate phones will most likely have different usage patterns, as usage pattern is specific to each mobile phone user. While it is true that cloning frauds can be significantly reduced using new hardware technologies, subscription frauds are hardware independent. Therefore, new software-based technologies must be developed and deployed to identify these malicious intruders. To the best of our knowledge little work has been done at the software level to deal with the cloning and subscription frauds problem [2-4].