The present disclosure relates generally to telecommunications, and more particularly to fast and accurate detection of SMS spam numbers via monitoring grey phone space.
The increase in use of mobile devices has brought with it an onslaught of unwanted Short Message Service (SMS) spam. It has been reported that the number of spam messages in the US increased 45% in 2011 to 4.5 billion messages. In 2012, according to some reports, more than 69% of the mobile users received text spam. The vast amount of SMS spam not only results in an annoying customer user experience but a significant cost to cellular service providers and customers.
One approach adopted by mobile carriers to identify unwanted SMS is based on user spam reports. In particular, users forward spam messages to short code 7726 (which corresponds to letters on telephone keypads and forms the word “SPAM” on most phones). Carriers then confirm these reported spam numbers and restrict them from future SMS activities. This method, however, suffers from low user report rate and user delays in reporting, resulting in significant detection delay. This method is also vulnerable to denial-of-service attacks since malicious users can game the system to disable legitimate users by sending fake spam reports to 7726. Other methods such as volumetrics used to detect spam numbers are often inapplicable in practice due to high false alarm rates, because many legitimate customers often exhibit similar SMS sending patterns, such as the numbers employed by schools, churches and other organizations for informing their members or subscribers of information. There are existing systems deployed at the Signaling System Number 7 (SS7) network to detect and filter spam messages by inspecting SMS message content and search for predefined spam signatures (e.g., keywords, strings or regular expressions). Nonetheless, spammers can evade detection by obfuscating text content. Some systems have been developed such as smartphone applications (referred to as apps) to classify spam messages on user mobile devices. However not all the devices, such as feature phones, support execution of such apps. In addition, many of those types of apps carry a large overhead which can drain battery power and reduce system resources. Furthermore, from a user's perspective this method is a late defense as the spam message has already arrived on a user's device. Depending on the user's message plan, the user may be charged for the message, become vulnerable to malware, and suffer the annoyance from receiving unsolicited and unwanted messages. Moreover, high volumes of spam messages may result in congestion and other impacts on network performance.