In this paper, we present the design of Greystar, an innovative defense system for combating the growing SMS spam traffic in cellular networks. By exploiting the fact that most SMS spammers select targets randomly from the finite phone number space, Greystar monitors phone numbers from the grey phone space (which are associated with data only devices like laptop data cards and machine-to-machine communication devices like electricity meters) and employs a novel statistical model to detect spam numbers based on their footprints on the grey phone space. Evaluation using five month SMS call detail records from a large US cellular carrier shows that Greystar can detect thousands of spam numbers each month with very few false alarms and 15% of the detected spam numbers have never been reported by spam recipients. Moreover, Greystar is much faster in detecting SMS spam than existing victim spam reports, reducing spam traffic by 75% during peak hours.
|Original language||English (US)|
|Title of host publication||Proceedings of the 22nd USENIX Security Symposium|
|Number of pages||16|
|State||Published - 2013|
|Event||22nd USENIX Security Symposium - Washington, United States|
Duration: Aug 14 2013 → Aug 16 2013
|Name||Proceedings of the 22nd USENIX Security Symposium|
|Conference||22nd USENIX Security Symposium|
|Period||8/14/13 → 8/16/13|
Bibliographical noteFunding Information:
The work was supported in part by the NSF grants CNS-1017647 and CNS-1117536, the DTRA grant HDTRA1-09-1-0050. We thank Peter Coulter, Cheri Kerstetter and Colin Goodall for their useful discussions and constructive comments. Finally, we thank our shepherd, Patrick Traynor, for his many suggestions on improving the paper.