| Monitoring Tools for Lawful Interception, Data Retention,
Fraud Detection, Voice Quality
Most service providers and carriers across the world comply to law enforcement agency requirements of lawful interception. The methods for interception of communications services has been evolving with technology, from traditional TDM to All-IP LTE-IMS technologies. Irrespective of the technology, the lawful intercept tools help to detect un-lawful activities, identify fraudulent calls, data retention, targeted surveillance, and study usage patterns. When "problem calls" occur infrequently but often enough, they can negatively affect profit, productivity and efficiency. However, to analyze "why or how such a problem occurred" when massive call volumes are involved, operators face the finding a needle in a haystack situation.
Generally, methods deployed to perform fraud detection, is to use monitoring tools non-intrusively. Lawful interception systems for IP and TDM may be used or conventional tools to capture unknown or abnormal calls based on the calling activity. GL’s capture, monitoring, and filtering tools can help to identify and drill-down to the “calls-of-interest” or “fraudulent calls”.
GL’s CDR Analysis (Call Data Record and Analysis) tools have been widely used by network operators and carriers to troubleshoot poor call quality problems, as modules or tools in “larger lawful intercept” solutions, to detect fraudulent calls, for traffic engineering, for call analysis, and for billing. These tools can detect, classify and selectively capture “calls-of-interest” from massive volume of calls.
The CDR Analysis system permits,
- scalable architecture allows up to STM-4 rate per server
- multiple servers can be stacked to increase call capturing capacity to 10's of thousands of calls
- supported protocols include - SIP, SIGTRAN, ED137, RTP, MEGACO, MGCP, Skinny (SCCP), LTE, IMS, Diameter, UMTS, GSM, CAP, MAP, INAP, SS7, ISDN, PPP, and CAS.
- signaling decode information on each call, including ladder diagrams
- detect call types (voice, sms, fax, video, …)
- store CDRs in database/ CSV file formats
- automatically record voice traffic for all calls or filtered calls
- continuous unlimited recording, limited only by hard disk or network storage space
- capture/playback audio – listen and record audio streams
- ability to store voice in PCM or WAV formats
- drill-down to problem calls using filters for post analysis
- analyze and identify customer calling patterns
- capture for extended periods of time from hours to months
- real-time call filtering - search for "calls of interest" while live capturing continues
- filter calls based on called number, calling number, or type of call
- monitor daily operations thru call statistics
- monitor usage of trunks on a daily or weekly basis
- provide insight into overall performance
As depicted in the diagram above, GL’s CDR Analysis system comprises of Protocol Analyzers (non-intrusive monitoring probes) and Packet Data Analyzers components.
GL’s Protocol Analysis probes are deployed in the network to non-intrusively monitor and capture the bi-directional calls on the network. These probes are available for all networks – IP, Wireless, Optical, TDM, and PSTN, and depending on the underlying network, suitable GL’s hardware platform may be used.
GL’s Packet Data Analyzers (PDA) work with probes to generate CDRs, record voice/video/fax/tones/digits on the established calls and perform analysis on captured data quality. PDA processes the captured packets/frames, identifies, and segregates calls based on signaling and traffic parameters. Sophisticated filters permit zooming and recording of specific calls of interest. All or filtered traffic can be recorded into a trace file.
Users can listen/record audio and video data of a session VoIP calls in real-time; perform speech-level analysis, fax analysis, video analysis, power, frequency, spectral, tone and digit analysis with ease and precision; get an exact picture of QOS (quality of the service) and the technical adherence of the system under test (adherence to the protocols specified by the standardizing authority).
For deploying probes for TDM network, refer to available T1 E1 hardware platforms and T3 E3 hardware platforms webpages.
For deploying probes for Optical network, refer to available Optical platforms webpage.
For deploying probes for Packet IP network, refer to available Packet/IP platforms webpage.
Use Cases in interception of telecommunication services
Requirement #1 – Post Call Analysis for Call Quality, Called / Calling Numbers, Mid Call Digits
- Capture continuously 24/7
- Drill-down to problem calls for post capture for analysis
- Filter records between certain time duration, MOS score, codec, called number, calling number, or calls with certain mid call digits
Requirement #2 – Calls of Interest for Troubleshooting, Fax Call Interception, SMS Call Interception, Targeted Calls Interception for law enforcement agencies
- Search for "calls of interest" while live capturing continues
- Identify different call types (voice, SMS, Fax, Location update, Supplementary Services, …)
- Filter and drill down to certain voice calls (incoming, outgoing, advertising)
- Record calls from un-identifiable source or unusual customer
- Identify and troubleshoot fraudulent calls
Requirement #3 – Traffic Engineering
- Historical storage and retrieval of call capture records
- Find calls by 'days of the week' Or by 'hour of the day' (24-hr period call analysis)
- Analyze the total and average call duration per hour, per week, or month
- Analyze and identify normal and unusual calling patterns
- Monitor daily operations through call statistics
- Monitor usage of trunks on a daily or weekly basis
Requirement #4 – Voice Quality
- Generate automated Call Quality Reports periodically and send email
- Identify factors that affect voice quality and network performance
- Call Volume and Duration over day, week, or month
- Call failure causes, answered or unanswered calls
- Session disconnect delay, post dial delay
- MOS scores - conversational and listening
- Average packet loss, jitter, and delay