Department of Software The University of Babylon LECTURE NOTES ON SMS Spam of Mobil By Dr. Samaher Hussein Ali College of Information Technology, University of Babylon, Iraq Samaher@inet.uobabylon.edu.iq 20 December 2013 Def. of Spam • SMS service Short Message Service (SMS) is a text messaging (communication) service component of mobile communication systems. • Using standardized communications protocols that allow The exchange of short text messages between mobile phone devices • SMS is the most widely used data application, with an estimated 3.5 billion active users, or about 80% of all mobile phone subscribers • Note 1: Another Def. of SMS SPAM: Spam text messages are unsolicited and generally unwanted commercial advertisements sent to wireless phones via text or picture/video messaging. The Purposes of SMS spam 1. unsolicited advertising, 2. phishing , 3. malware propagation , 4. Tricking subscribers into calling premium numbers 20 December 2013 Dr. Samaher Hussein Ali Notes of Lecture 13 Types of SMS Related Mobile • SMS spoofing: SMS spoofing is when the identity of the sender is taken over by a hacker. SMS messages are sent for free by the hacker whilst the victim is charged for sending this fraudulent traffic. • SMS faking: SMS faking is when the hacker gains unauthorised access to the Mobile Network Operator’s network by faking the Signaling Connection Control Part (SCCP) calling and called party addresses. • SMS flooding: SMS flooding takes place when unsolicited SMS messages are sent to a user, which can cause a denial-of-service condition in both the core network and radio access networks 20 December 2013 Dr. Samaher Hussein Ali Notes of Lecture 13 The Main Differences Between Email Spam And SMS Spam 1. The billing relationship: Unlike email users, mobile subscribers have a billing mechanism in place to pay for calls, messages, data and premium rate services. An attack involving a premium rate number can be highly profitable for the scammer. 2. The level of trust and willingness: Mobile phone subscribers tend to trust the SMS messages they receive. Any message purporting to be from a friend or trusted organization, such as a bank, is generally opened, read and acted upon. Smartphone users are also increasingly willing to download applications for mobile banking, stock trading and entertainment. 3. Touchscreens: With the increasing number of touchscreen smartphones now available, it is all too easy to accidentally click on a link to a premium rate number or website. 20 December 2013 Dr. Samaher Hussein Ali Notes of Lecture 13 The Disadvantages of SMS Spam It can be particularly annoying for the recipient( For user ) because Unlike in email, some recipients may be charged a fee for every message received, including spam. The fact that SMS engenders higher response rates as it is a trusted and personal Service You can’t usually delete a cellphone text message before you open it There is a limited availability Of mobile phone spam-filtering software Mobile network operators are also suffering financially, Experiencing higher network and operating costs and increased Customer care costs in addition to damage to their brand and Threat of regulation. 20 December 2013 Dr. Samaher Hussein Ali Notes of Lecture 13 Factors complicating SMS Spam Reduction Fighting SMS spam is complicated by several factors, 1. including the lower rate of SMS spam (compared to more abused services such as Internet email), which has allowed many users and service providers to ignore the issue, 2. Filtering SMS spam at the recipient device would be an imperfect solution in markets where users are charged to receive messages, as the user maybe still be charged for the message once the provider sent it, even if software on the device blocked it from appearing on the device's display. This problem is not present in most of the world outside the U.S., however, where users are not charged to receive messages. 3. Providers may fear liability should a legitimate message of an emergency nature be blocked. On the other hand, in academic settings, Unlike email spam, which has available a large variety Of datasets, For instance, the lack of Real and public databases can compromise the evaluation of Different approaches. Private companies who are reluctant or unable to make Their customers’ data available for research purposes. 20 December 2013 Dr. Samaher Hussein Ali Notes of Lecture 13 Types of mobile messaging attacks 1. SMS Spam – This is the most basic form of attack where unsolicited messages are sent to subscribers for mass advertising and Social Engineering Viral Hoaxes. 2. Premium rate fraud – Unsolicited messages that trick subscribers to call premium rate numbers or sign up for subscription services that are charged to the bill 3. Phishing (including SMShing) – Unsolicited messages asking subscribers to call certain numbers to extract confidential information, which is then used for other purposes. 4. VASP Abuse – Unsolicited messages sent to subscribers from services providers for marketing purposes. In many countries this is regulated and prosecutions against attackers have begun to increase. 20 December 2013 Dr. Samaher Hussein Ali Notes of Lecture 13 The main Techniques to deal with SMS Spam In general, there are three methods to deal with spam: 1. Simple filtering 2. SMS spam filtering is a relatively new task which inherits many issues and solutions from Email spam filtering. However it poses its own specific challenges. 3. IT suggests that proven technologies in email Spam filtering may be useful in combating SMS spam. as a result, the filtering is consider the best method and it contain two idea. 1. Black list phone numbers: This list contains all phone numbers that the user wants to block them . In this case, the proposed technique will block the incoming SMS messages that match these numbers. 2. Black list words: This list contains all words (spam words) that the user wants to block them. In this case, the proposed technique will block the incoming SMS messages that match these words. 20 December 2013 Dr. Samaher Hussein Ali Notes of Lecture 13