Voice over Internet protocol (VoIP) is a popular technology today as it helps reduce communication costs apart from offering other benefits such as superior functionality and reliability. Billing is one of the most fundamental components of a commercial VoIP service and it has a direct impact on all VoIP subscribers. The basic requirement of any VoIP billing function is that it needs to be highly reliable and trustworthy. As VoIP service providers depend on billing to charge their customers for all billable services, reliability of billing services is of paramount importance. On the other hand, VoIP subscribers expect the billing to be accurate so that they will be charged only for the calls they have made and for the duration they have called. Additionally, the VoIP billing should be resilient to fraud and be free of any inconsistency between what the service providers provide and what the customers receive. The existing VoIP billing mechanism is based on VoIP signaling. Session initiation protocol (SIP) is the most popular VoIP signaling protocol and it is utilized widely in commercial VoIP services. Consequently, any vulnerability in SIP could lead to billing issues in SIP-based VoIP systems. Toward asserting the importance of securing billing attacks, researchers from George Mason University, Virginia, USA, have come out with an extensive study on how the vulnerabilities of SIP can be exploited to compromise the reliability of the billing of SIP-based VoIP systems. The researchers have specifically focused on billing attacks that lead to inconsistencies between what the VoIP service providers offer and what the VoIP subscribers receive.
展开▼
