MétaCan
Menu
Back to cohort
Record W4324007164 · doi:10.14722/ndss.2023.24416

Preventing SIM Box Fraud Using Device Model Fingerprinting

2023· article· en· W4324007164 on OpenAlex

Why this work is in the frame

A frame that forgets how it found something cannot be audited. These are the routes that admitted this work.

affAt least one author lists a Canadian institution in the pinned OpenAlex snapshot.

Bibliographic record

Venuenot available
Typearticle
Languageen
FieldComputer Science
TopicInternet Traffic Analysis and Secure E-voting
Canadian institutionsKootenay Association for Science & Technology
FundersInstitute for Information and Communications Technology PromotionKorean National Police AgencyMinistry of Science and ICT, South Korea
KeywordsComputer scienceComputer security

Abstract

fetched live from OpenAlex

SIM boxes have been playing a critical role in the underground ecosystem of international-scale frauds that steal billions of dollars from individual victims and mobile network operators across the globe.Many mitigation schemes have been proposed for these frauds, mainly aiming to detect fraud call sessions; however, one direct approach to this problem-the prevention of the SIM box devices from network use-has not drawn much attention despite its highly anticipated benefit.This is exactly what we aim to achieve in this paper.We propose a simple access control logic that detects when unauthorized SIM boxes use cellular networks for communication.At the heart of our defense proposal is the precise fingerprinting of device models (e.g., distinguishing an iPhone 13 from any other smartphone models on the market) and device types (i.e., smartphones and IoT devices) without relying on international mobile equipment identity, which can be spoofed easily.We empirically show that fingerprints, which were constructed from network-layer auxiliary information with more than 31K features, are mostly distinct among 85 smartphones and thus can be used to prevent the vast majority of illegal SIM boxes from making unauthorized voice calls.Our proposal, as the very first practical, reliable unauthorized cellular device model detection scheme, greatly simplifies the mitigation against SIM box frauds.* These two authors equally contributed.are useful for such attacks is that they provide a means of circumventing the billing system at the local MNOs.Recently, we have witnessed a surge of an emerging type of criminal activities with a renewed interest in SIM boxes [42],[52], [53].Organized crime groups have quickly learned that with SIM boxes, they can mount financial scamming operations targeting people in a certain nation while staying outside the legal boundaries of their targets.Scam calls made through SIM boxes show local phone numbers on the target's mobiles, rendering these calls much less suspicious than traditional VoIP-based scam calls.These financial scams typically have targets in developed countries (where the expected financial gain is large) while their operations take place in less regulated, attacker-chosen countries anywhere on Earth [9].Over 256,000 phone frauds, worth approximately $18.6 billion, occurred in China in 2020 [17], [30].Korea also has suffered a significant loss of approximately $0.6 billion due to scam calls [37].For simplicity, we will refer to those frauds using SIM boxes as "SIM box frauds" throughout this paper.

Fetched live from OpenAlex and de-inverted. Abstracts are not stored in this database: the inverted indexes are 8.6 GB of the frame’s 9.3 GB of text, and the host has 13 GB free.

Full frame distilled prediction

Teacher imitation

Not calibrated prevalence, not ground truth. Human validation pending. Learned from the 10,348 direct Codex labels and 10,348 direct Gemma labels. Candidate is the union of thresholded teacher heads; consensus is their intersection. These outputs are machine_predicted_unvalidated and are not human labels or direct frontier model labels.

metaresearch head score (Codex)0.001
metaresearch head score (Gemma)0.000
Version: codex-gemma-dda1882f352aValidation status: machine_predicted_unvalidated
Candidate categoriesnone
Consensus categoriesnone
DomainCandidate signal: none · Consensus signal: none
Study designCandidate signal: Simulation or modeling · Consensus signal: Simulation or modeling
GenreCandidate signal: Empirical · Consensus signal: none
Teacher disagreement score0.615
Threshold uncertainty score0.579

Codex and Gemma teacher scores by category

CategoryCodexGemma
Metaresearch0.0010.000
Meta-epidemiology (narrow)0.0000.000
Meta-epidemiology (broad)0.0000.000
Bibliometrics0.0000.001
Science and technology studies0.0000.000
Scholarly communication0.0000.000
Open science0.0010.001
Research integrity0.0000.000
Insufficient payload (model declined to judge)0.0000.000

Machine scores (provisional)

The two teacher heads of the student model, read on this work. A score orders the frame for review; it never asserts a category, and the validation status ships verbatim with every row.

Baseline scores from an immature model (maturity gate not passed, 7 training rounds). Scores rank; they never assert a category.

Opus teacher head0.041
GPT teacher head0.286
Teacher spread0.244 · how far apart the two teachers sit on this one work
Validation statusscore_only:v0-immature-baseline · verbatim from the scoring run: score_only means the number may rank works, and no category label ships from it