Some North American networks are seeing aggressive scans on SIP ports. The operator personnel managed to trace and relate these to toll fraud. People are using tools to discover devices with open SIP ports, and direct illegal calls through them. Not my PhD thesis, but interesting stuff. Someone might find it useful.