Behavioral analytics has made a noticeable impact in the general threat detection community. However, the UC and RTC communities are greatly underserved with regard to solutions based on machine learning and behavioral analytics. Given the wide variety and inherent complexity of SIP and VoIP protocols, UC environments can only stand to benefit from the added value of behavioral analytics and machine learning. Many of the traditional security vendors have augmented their core competencies with behavioral analytics, allowing them to differentiate themselves from their competitors. Specific to the UC environment, behavior analysis combined with machine learning will become crucial for detecting many types of fraudulent activity.

  • Telephony denial of service (T-DoS) attacks can take many forms. Some can be identified by basic call-volume violations. Others are far more clever and, in some cases, disguise themselves by spreading the attack origination across many incoming calling numbers. This is where UCBA can be an integral component of a layered security approach, by identifying malicious calling patterns and blocking those calls.
  • One of the many benefits of using UCBA in your layered security approach is a well-defined baseline of “normal” activity. Deviations from this baseline can then be quickly identified and mitigated.
  • Malicious exfiltration can be one of the more difficult actions to identify. In many cases traditional alarms will not be triggered. Anomalies relative to normal daily operations are a key indicator of actions that may require deeper investigation.
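
The sketch below illustrates the baseline idea for the distributed T-DoS case described above. It is an added example, not code from the original page or from any UCBA product. The call-record layout, the thresholds and all function names are assumptions, and the call data is constructed.

```python
from collections import Counter, defaultdict
from statistics import mean, pstdev

PER_CALLER_LIMIT = 5  # assumed static rule: calls one number may place per window
Z_THRESHOLD = 3.0     # assumed deviation threshold, in standard deviations

def window_stats(calls):
    """(window, caller, callee) records -> {(window, callee): (total, distinct callers, max by one caller)}."""
    per = defaultdict(Counter)
    for window, caller, callee in calls:
        per[(window, callee)][caller] += 1
    return {k: (sum(c.values()), len(c), max(c.values())) for k, c in per.items()}

def build_baseline(history):
    """Mean and standard deviation of calls per window for each called number."""
    totals = defaultdict(list)
    for (_, callee), (total, _, _) in window_stats(history).items():
        totals[callee].append(total)
    return {callee: (mean(v), pstdev(v) or 1.0) for callee, v in totals.items()}

def detect(calls, baseline):
    """Flag windows whose call volume deviates upward from the callee's baseline."""
    findings = []
    for (window, callee), (total, distinct, worst) in sorted(window_stats(calls).items()):
        if callee not in baseline:
            continue  # no history for this number yet
        mu, sigma = baseline[callee]
        z = (total - mu) / sigma
        if z >= Z_THRESHOLD:
            findings.append({"window": window, "callee": callee, "calls": total,
                             "distinct_callers": distinct, "z": round(z, 1),
                             "static_rule_fired": worst > PER_CALLER_LIMIT})
    return findings

# Constructed sample data: ten normal windows of 8-12 calls to one help-desk line.
HISTORY = [(w, f"+1555{w:02d}{i:03d}", "helpdesk")
           for w in range(10) for i in range(8 + w % 5)]
# Window 10 is normal; window 11 has 30 numbers placing 2 calls each.
LIVE = [(10, f"+155510{i:03d}", "helpdesk") for i in range(10)]
LIVE += [(11, f"+155511{i:03d}", "helpdesk") for i in range(30) for _ in range(2)]

if __name__ == "__main__":
    for finding in detect(LIVE, build_baseline(HISTORY)):
        print(finding)
```

Window 11 is flagged on volume against the baseline even though no single calling number exceeds the per-caller limit, which is the case a static per-number rule misses.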

