On 22 February 2010 22:23, Mark Lindsey <lindsey at e-c-group.com> wrote:
Speaking of Dave's point about fraud analysis -- an advantage of watching the traffic in real-time is that you can do something about a suspicious call. ?If the fraud analyzer is clever enough, it could accept the RADIUS accounting-start records and record the status of all active calls. Then if the call looks suspicious (a two-hour call to Jamaica from a customer who never places other International calls) then do an IDS-style teardown by killing the call with a spoofed BYE.
No need to do it the dirty way - you can tear the call down with a CAP/OCI-P call to the AS. Nice and clean. I've seen a pre-pay call control application use this method to tear down the call when a user reached their credit limit. Real-time rating. Cheers, Aled.