(Study on a method to protect unlawful caller ID change of VoIP) :

(Study on a method to protect unlawful caller ID change of VoIP) :

7 1 14 2 18 3 30

4 42 5 76 1. - 79

< 2-1> 2008 23 < 2-2> 28 < 3-1> 31 < 3-2> 32 < 3-3> PBX 33 < 3-4> 34 < 4-1> 71 < 4-2> VPN IP 75 < 4-3> H.323 75

[ 1-1] 17 [ 2-1] 26 [ 3-1] 36 [ 3-2] 36 [ 3-3] 37 [ 3-4] 38 [ 3-5] 39 [ 3-6] 40 [ 3-7] 41 [ 4-1] SIP/H.323 44 [ 4-2] 45 [ 4-3] 2 47 [ 4-4] VoIP 49 [ 4-5] No.7 50 [ 4-6] No.7 52 [ 4-7] No.7 53 [ 4-8] 54 [ 4-9] 55 [ 4-10] IP-PBX 57 [ 4-11] PBX 58 [ 4-12] VPN 59 [ 4-13] 60 [ 4-14] ( ) 61 [ 4-15] ( ) 62

[ 4-16] B2C (, / / ) 63 [ 4-17] B2B (, / / ) 64 [ 4-18] 67 [ 4-19] 68 [ 4-20] IP-PBX 68 [ 4-21] 69 [ 4-22] 72

(voice) (phishing)', 5 5,200 2 6,000 2,600. 2009,..,.,,.,,

.. o - - o - - -. o - - o - - o - -

,....,.,,.,.

The word Voice phishing is a compound word of voice and phishing which means fraud. Unlawful caller ID change is a crime that hides the caller by changing the caller ID or displaying the caller ID of specific organization. To protect that voice phishing criminal, korea government enforced a method that requires to insert an identification number of international call to the incoming international calls since 2009. Recently, voice phishing damage case is increased by using foreign originating VoIP or impersonating a public institution by unlawful change of caller ID. That becomes a critical social problem. Ordinary people is not easy to identify voice phishing phone calls because the indication of international call is not displayed at the cellular phone terminal in case of the originating call is VoIP. To protect vulnerable member of society from unlawful change of caller ID and solve the social problem, we need the analysis of incoming call path and improvement of system and method to protect unlawful change of caller ID. To do this, we analyze the caller ID change service and method of providing of international call of mainstay/special category telecommunications operators and study on the technical and systematical counterplan for voice phishing.

The scope of the project is following. o analysis of caller ID change service and incoming call path of VoIP of mainstay telecommunication operators o the study on the identification of international call and countermeasure on unlawful change of caller ID The result of this project is summarized as follows. o Study on improvement of system for countermeasure on unlawful change of caller ID - survey and analysis of system of national and foreign and cases of damage of voice phishing - Study on system to protect unlawful change of caller ID o Study on countermeasure on voice phishing by unlawful change of caller ID - study on the method to block the unlawful change of Caller ID - study on the method to block impersonation a public institution o study on countermeasure on voice phishing by international calls of VoIP - analysis of incoming paths of international VoIP calls of mainstay/special category telecommunications operators - study on the identification of international calls and displaying the identification information of international VoIP calls.

This study can be used as basic material to change system for the display/change of caller ID by an analysis of current status of unlawful change of caller ID and study on the method to block and prevent the damage of voice phishing. We want to minimize the voice phishing crime to prevent the damage in the country by drawing the countermeasure on the impersonation of public institution among the voice phishing which is currently causing severe damage to society. W hope to contribute the improvement and enforcement of telecommunication business act which is the related system with it by drawing of technical and systematical method which is related impersonation of public institution by unlawful change of caller ID. We can expect the prevention effect of voice phishing of international calls by using analysis of incoming path and displaying the international call identification information of international calls which are developed by this project. We can also expect the effect of prevent the damage of voice phishing by impersonation of public institution by using the result of the study of blocking/displaying of caller ID. Prevention of unlawful change of caller ID will protect the people from phone fraud which impersonates of public institution by reduction a large portion of the occurrence of voice phishing which became social problem.

CONTENTS

제 1 장서론

1 (voice) (phishing)', 5 5,200 2 6,000 2,600. 2009,. 2006 6 2009, 2011.,, ATM,..,..

., /.. o - - o - - o - - 2.,,,,.

.,,,,.,,..,. [ 1-1]

제 2 장발신번호표시변작대응을위한제도개선방안연구

1 1. (,, ). 5 5,200 2 6000 2,600. 2009,.,.,,. 2.,,,

....,. ARS...,.,,.,,.

,,,,,.,,,.(, ).,.,,.., ARS.,!,.

2 1., 060.. 2007 8,,...,., SMS. 2008 6, 5.

,,... < 2-1> 2008 54 2( ) 1 3 ( ) 4.,. 第 73 條 ( 罰則 ) 者 5 罰金 處. 54 2( ) 1 3 ( ) 4 --------- ------------------------------------ ------------------------------------ --------. < > 第 7 3 條 ( 罰則 ) ------------------------------------ ------------------------------. 1. 6. ( ) 1. 6. ( ) 7. 54 2 4 7. --------------------------------- ------------------------------------ ------------------------------------ --

,,,,,. -. 119, 119 119 119 - (15YY, 16YY),.,,.. -.. -,,.,

,. 2010 4 SMS,... 2. ATM, 2008 2009., 001, 002. KT 001, LG 002, SK 005, SK 006, 008. 2009 9,.

[ 2-1] (, ). 3 1. 070 060, 1000.,.,

.,, /,,. - (10Y~19YY) - (030) - (050) - (060) - (080) - (1588, 1644 ) - (Direct Inward Dialing)/ (Direct Out Dialing) - (FMC: Fixed Mobile Convergence) - - 01X.. 2..

.,..,., 2011 11 ( ). < 2-2> 84 ( ) 4 ( ) 84 ( ) 4 ( ) < > 5 ( 4 ),,. 1. 2. < > 6 4 5.

100 ( ) 100 ( ) 5 -------------------------------------------------. ------------------------------------------------. 1. ㆍ2. ( ) 1. ㆍ2. ( ) < > 3. 84 5

제 3 장발신번호표시변작에의한전화금융사기대응방안연구

1 1.,.. < 3-1> - - - : - : - : - : - : - : - : - : - : - : - SSW - (DOD) -.,

- : - : - : - : - : - :,.,.,,. DB DB. < 3-2> - - - : - : - - : - : - : - :

- : - :, - : - : -, - 1 1 - : - : -, PSTN - 1 1 - : - : / - ( / ), ( ) - : - : ( ),,, ( / ) IP-PBX,, IP-PBX IP-PBX IP-PBX., IP-PBX, IP-PBX. IP-PBX IP-PBX. < 3-3> PBX PBX, - PBX PBX - PBX PBX - PBX

- PBX check - (IP-PBX), - PBX CID - PBX - PBX - IP-PBX,, - DID, IP-PBX, Gateway.,,..,. ID/. H.323. < 3-4> - -, - SSW

-, - SSW - - -, - - Provisioning -, -. -, 2. IP-PBX (SoftSwitch, SIP Proxy Server, Gatekeeper) (IP-PBX/PBX).,,. IP-PBX IP-PBX., IP-PBX.

- - -, IP-PBX -, IP-PBX. [ 3-1] [ 3-2]

IP-PBX IP-PBX., telnet, IP-PBX.,, telent. [ 3-3],.,.

2 1.... - - IP / / [ 3-4]. -,

- - PBX - DID DOD, PBX. (PSTN),. [ 3-5]. - PSTN

- PSTN,.,. 2.. DB, IP. [ 3-6]

[ 3-7]. -, - DB -,

제 4 장인터넷전화국제호식별및식별정보표시방안연구

1.,..,.. 1. SIP/H.323. SIP/H.323 SIP(Session Initiation Protocol) H.323,.,

. [ 4-1] ➀,.,,. H.323 SIP. 4 SIP/H.323. [ 4-1] SIP/H.323 o - 00X.

,.,. [ 4-2] ➀ ➁,.,., IP, IP. IP.,. H.323 SIP. 4 SIP/H.323. [ 4-2]

o VoIP - 00X o, o, IP - IP - 00X IP,. 2 A, A B B. [ 4-3] ➀, ➁, ➂,,,. A B A IP

. A IP. A B IP IP A B IP. A B,. A IP B, B IP. A B IP IP. [ 4-3] 2 A o A VoIP B

o A, o A, IP A, IP B, B o B, o B, IP A B IP, 2. No.7. VoIP VoIP No.7 No.7 No.7. IP (H.323/SIP) No.7. [ 4-4] ➀

,. No.7. ISUP,. [ 4-4] VoIP o VoIP. No.7,

H.323 SIP, No.7. [ 4-5],. No.7,.. No.7 IP IP. [ 4-5] No.7 o VoIP

o, o, IP - No.7, IP, IP 3. No.7. VoIP No.7 [ 4-6] SIP H.323 No.7,,..,.

[ 4-6] No.7 o VoIP. No.7 (SIP, H.323), No.7, IP., IP No.7.

[ 4-7] No.7 o VoI o, o, IP - No.7, IP, IP

4...,. IP, IP. IP IP. [ 4-8] o IP

.,.. IP. IP IP. IP. [ 4-9] o IP

o, o, IP. (IP-PBX) IP-PBX IP-PBX IP. IP-PBX IP, IP IP. IP-PBX IP,,. IP-PBX IP. IP-PBX IP-PBX IP-PBX. IP-PBX IP. IP-PBX IP-PBX IP-PBX.

[ 4-10] IP-PBX IP-PBX o IP-PBX IP o IP-PBX, o IP-PBX, IP. PBX PBX G/W IP. IP. PBX IP

. [ 4-11] PBX PBX o PBX IP o, IP o, IP -, IP PBX, IP

5. VPN VPN IP IP, VPN IP/ IP. VPN IP VPN DPI. [ 4-12] VPN 2 1. CID 00X CID

.,,. [ 4-13] 2.. CID 00X CID. [ 4-14] CID

CID 00X-1234,. [ 4-14], CID. [ 4-14] ( ). SSW [ 4-15] SSW SSW CID 00X. CID.

[ 4-15], CID CID 00X-1234,. [ 4-15], CID. [ 4-15] ( ) 3. / SKT( ) KT(ShowMe). ( B2C ) (B2B ), / /.

. o ( (SKT), ShowMe (KT)), 2. / - B2C : SKT, KT,. - B2B :,. B2B (, ) CID [ 4-16] B2C (, / / )

[ 4-17] B2B (, / / ). o,. -,, o CID, /. o

/ - KT - SKT 1,560 -, o / -, -,.,., CID /

.., /. /.,. 3 1.... o

[ 4-18] o. - - -, - 00X+070,. o IP IP

[ 4-19] o IP / /, IP, IP [ 4-20] IP-PBX o. - IP, IP -, - 00X+070, - IP VPN. - IP-PBX IP. IP-PBX IP

, IP - IP-PBX.. o ( ) IP,, IP, SBC IP IP, IP [ 4-21]

o. - IP, IP -., -, - 00X+070, - IP-PBX IP. IP-PBX IP, IP - IP-PBX. - PSTN, PSTN. IP. IP, IP,

. 2.,. 00X 00XXX.. < 4-1> 1234 00X-1234 00X-1234 00X-1234 o. - (00X) -, 3.. CID,

. o, ( ) (SMS ), SMS [ 4-22]., ( :,, ).. o. -,., -,,

( ) -, -, - - -,. -, -, -, -. 00X. CID

(00X)+.. o. -,, (CID) -, -, - PSTN -, - - SIP - - -, 5

4. (VPN, Virtual Private Network),. VPN VPN IP IP. < 4-2> VPN IP IP IP 116.x.x.x 20000 00 129.x.x.x 30000 20110628:11:01:01 20110628:12:00:01 H.323,. < 4-3> H.323 ID abcd 02-123-45 67 IP 02-736-01 12 116.x.x.x 20110628:11:01:01 20110628:11:02:01

제 5 장결론

.,.,..,,.,,,. IP,

.,.,,..

부록

1. - 1. A VoIP SSW A SBC(Session Boarder Controller) SIP. A SBC C4 SSW GW PSTN PSTN. SBC VoIP. [ -1] A 2. B VoIP VoIP GK /, VoIP.

[ -2] B I SSW C4 SSW VoIP,, C4 SSW VoIP. [ -3] B II 3. C ( ) SSW C4 SSW,, C4SSW VoIP. VoIP VoIP.

[ -4] C 4. D SIP/H.323 SSW D SSW, (SG) (TG) C4 SSW C4SSW C5SSW. [ -5] D

5. E VoIP (SG) (TG) No.7,, VoIP (SIP, H.323 ). [ -6] E 6. F SSW CGS (MSC) MSC. [ -7] F

7. G SSW SSW. SSW No.7. [ -8] G 8. H SSW., C4SSW. SSW SSW No.7. [ -9] H

9. I No.7,, LE. [ -10] I 10. I SBC SSW MGW No.7. SSW (SIP) MGW No.7 No.7. [ -11] I

(2008),, 14 (2008), (2009), ( ), (2009), VPN ( ), 10 (2010), (2010),,,, (2010), :,, (2008), : ' (Voice Phising)',

(Study on a method to protect unlawful caller ID change of VoIP) 2011 12 2011 12 20 TEL: 02-750-1114 E-mail: webmaster@kcc.go.kr Homepage: www.kcc.go.kr