Crime scene investigation: SMS spam data analysis

Authors:
Ilona Murynets;Roger Piqueras Jover
Affiliations:
AT&T Security Research Center, New York, NY, USA;AT&T Security Research Center, New York, NY, USA
Venue:
Proceedings of the 2012 ACM conference on Internet measurement conference
Year:
2012

Citing 8
Cited 2

An empirical study of spam traffic and the use of DNS black lists

Proceedings of the 4th ACM SIGCOMM conference on Internet measurement
Understanding the network-level behavior of spammers

Proceedings of the 2006 conference on Applications, technologies, architectures, and protocols for computer communications
Content based SMS spam filtering

Proceedings of the 2006 ACM symposium on Document engineering
Feature engineering for mobile (SMS) spam filtering

SIGIR '07 Proceedings of the 30th annual international ACM SIGIR conference on Research and development in information retrieval
Characterizing botnets from email spam records

LEET'08 Proceedings of the 1st Usenix Workshop on Large-Scale Exploits and Emergent Threats
Email Spam Filtering: A Systematic Review

Foundations and Trends in Information Retrieval
Social networks and context-aware spam

Proceedings of the 2008 ACM conference on Computer supported cooperative work
A behavior-based SMS antispam system

IBM Journal of Research and Development

The curse of 140 characters: evaluating the efficacy of SMS spam detection on android

Proceedings of the Third ACM workshop on Security and privacy in smartphones & mobile devices
Greystar: fast and accurate detection of SMS spam numbers in large cellular networks using grey phone space

SEC'13 Proceedings of the 22nd USENIX conference on Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

The Short Messaging Service (SMS), one of the most successful cellular services, generates millions of dollars in revenue for mobile operators. Estimates indicate that billions of text messages are traveling the airwaves daily. Nevertheless, text messaging is becoming a source of customer dissatisfaction due to the rapid surge of messaging abuse activities. Although spam is a well tackled problem in the email world, SMS spam experiences a yearly growth larger than 500%. In this paper we present, to the best of our knowledge, the first analysis of SMS spam traffic from a tier-1 cellular operator. Communication patterns of spammers are compared to those of legitimate cell-phone users and Machine to Machine (M2M) connected appliances. The results indicate that M2M systems exhibit communication profiles similar to spammers, which could mislead spam filters. Beyond the expected results, such as a large load of text messages sent out to a wide target list, other interesting findings are made. For example, the results indicate that the great majority of the spammers connect to the network with just a handful of different hardware models. We find the main geographical sources of messaging abuse in the US. We also find evidence of spammer mobility, voice and data traffic resembling the behavior of legitimate customers.