Spam of Mobil LECTURE NOTES ON SMS By

advertisement
Department of Software
The University of Babylon
LECTURE NOTES ON SMS Spam of Mobil
By
Dr. Samaher Hussein Ali
College of Information Technology, University of Babylon, Iraq
Samaher@inet.uobabylon.edu.iq
20 December 2013
Def. of Spam
•
SMS service
Short Message Service (SMS) is a text messaging
(communication) service component of mobile communication systems.
• Using standardized communications protocols that allow The exchange of
short text messages between mobile phone devices
• SMS is the most widely used data application, with an estimated 3.5 billion
active users, or about 80% of all mobile phone subscribers
• Note 1:
Another Def. of SMS SPAM: Spam text messages are unsolicited and generally
unwanted commercial advertisements sent to wireless phones via text or
picture/video messaging. The Purposes of SMS spam
1. unsolicited advertising,
2. phishing ,
3. malware propagation ,
4. Tricking subscribers into calling premium numbers
20 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 13
Types of SMS Related Mobile
• SMS spoofing: SMS spoofing is when the identity of the sender is
taken over by a hacker. SMS messages are sent for free by the
hacker whilst the victim is charged for sending this fraudulent
traffic.
•
SMS faking: SMS faking is when the hacker gains unauthorised
access to the Mobile Network Operator’s network by faking the
Signaling Connection Control Part (SCCP) calling and called party
addresses.
• SMS flooding: SMS flooding takes place when unsolicited SMS
messages are sent to a user, which can cause a denial-of-service
condition in both the core network and radio access networks
20 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 13
The Main Differences Between Email Spam And SMS Spam
1. The billing relationship: Unlike email users, mobile subscribers
have a billing mechanism in place to pay for calls, messages, data
and premium rate services. An attack involving a premium rate
number can be highly profitable for the scammer.
2. The level of trust and willingness: Mobile phone subscribers tend
to trust the SMS messages they receive. Any message purporting
to be from a friend or trusted organization, such as a bank, is
generally opened, read and acted upon. Smartphone users are also
increasingly willing to download applications for mobile banking,
stock trading and entertainment.
3. Touchscreens: With the increasing number of touchscreen
smartphones now available, it is all too easy to accidentally click
on a link to a premium rate number or website.
20 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 13
The Disadvantages of SMS Spam
It can be particularly annoying for the recipient( For user ) because
 Unlike in email, some recipients may be charged a fee for every message
received, including spam.
 The fact that SMS engenders higher response rates as it is a trusted and personal
Service
 You can’t usually delete a cellphone text message before you open it
 There is a limited availability Of mobile phone spam-filtering software
 Mobile network operators are also suffering financially, Experiencing higher
network and operating costs and increased Customer care costs in addition to
damage to their brand and Threat of regulation.
20 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 13
Factors complicating SMS Spam Reduction
Fighting SMS spam is complicated by several factors,
1. including the lower rate of SMS spam (compared to more abused services such as Internet
email), which has allowed many users and service providers to ignore the issue,
2. Filtering SMS spam at the recipient device would be an imperfect solution in markets where
users are charged to receive messages, as the user maybe still be charged for the message once
the provider sent it, even if software on the device blocked it from appearing on the device's
display. This problem is not present in most of the world outside the U.S., however, where
users are not charged to receive messages.
3. Providers may fear liability should a legitimate message of an emergency nature be blocked.
On the other hand, in academic settings, Unlike email spam, which has available a large variety
Of datasets, For instance, the lack of Real and public databases can compromise the evaluation of
Different approaches. Private companies who are reluctant or unable to make Their customers’
data available for research purposes.
20 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 13
Types of mobile messaging attacks
1.
SMS Spam – This is the most basic form of attack where unsolicited messages
are sent to subscribers for mass advertising and Social Engineering Viral
Hoaxes.
2.
Premium rate fraud – Unsolicited messages that trick subscribers to call
premium rate numbers or sign up for subscription services that are charged to
the bill
3.
Phishing (including SMShing) – Unsolicited messages asking subscribers to
call certain numbers to extract confidential information, which is then used for
other purposes.
4.
VASP Abuse – Unsolicited messages sent to subscribers from services
providers for marketing purposes. In many countries this is regulated and
prosecutions against attackers have begun to increase.
20 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 13
The main Techniques to deal with SMS Spam
In general, there are three methods to deal with spam:
1.
Simple filtering
2.
SMS spam filtering is a relatively new task which inherits many issues and
solutions from Email spam filtering. However it poses its own specific challenges.
3.
IT suggests that proven technologies in email Spam filtering may be useful in
combating SMS spam.
as a result, the filtering is consider the best method and it contain two idea.
1. Black list phone numbers: This list contains all phone numbers that the user wants to
block them . In this case, the proposed technique will block the incoming SMS
messages that match these numbers.
2. Black list words: This list contains all words (spam words) that the user wants to
block them. In this case, the proposed technique will block the incoming SMS
messages that match these words.
20 December 2013
Dr. Samaher Hussein Ali
Notes of Lecture 13
Download