scope:

This technical report provides analysis of calling party spoofing mitigation techniques in the converged Internet Protocol (IP) communication network environment. The scope includes the following:

• Summary description of the problems associated with originating party spoofing in IP communication networks.

• Provide an analysis of the following mitigation techniques:

• 3GPP P-Asserted Identity (PAI) trust model;

• Number Signaling and Validation Techniques (Secure Telephone Identity Revisited/Secure Handling of Asserted Identities Using Tokens [STIR/SHAKEN] Framework), including that of the Calling Party and International Gateway;Certificate Granularity (Service Provider versus "per TN");

• Blacklists (local and global);

• Whitelists (local and global);

• Honeypots;

• Post call notification (e.g., dial a "*" code after hanging up);

• Network verification of Session Initiation Protocol (SIP) PAI/FROM for IP Private Branch Exchange (PBX) call originations;

• Do Not Originate;

• Call Detail Records (CDR) Trace.

The mitigation techniques provided in this analysis also apply to illegitimate robocalls.

Purpose

The purpose of this document is to provide an analysis of the available and proposed mitigation techniques, and guidance on standard approaches for addressing originating party spoofing.