This afternoon, postdoc Payas Gupta will be presenting “Phoneypot: Data Driven Understanding of Telephony Threats” at the 2015 Network and Distributed System Security Symposium (NDSS) in San Diego, CA. This presentation will be the culmination of a collaboration between Pindrop Security and Georgia Tech to create the first large scale phone honeypot for the purpose of detecting and tracking automated callers or “robocallers.”
Although there exist crowd sourced complaint datasets about telephony abuse, such complaints are often filed after a user receives multiple calls over a period of time, and sometimes they lack important information. Honeypot technologies can be used to augment telephony abuse intelligence and improve its quality.
PhoneypotTM is a large-scale telephony honeypot that allowed researchers to collect data from 1.3 million calls from 250K unique sources over a seven-week period. The phoneypot detected calling patterns for unwanted callers, such as debt collectors and telemarketers, as well as telephony denial-of-service attacks. This provides researchers with new insights into telephony abuse and attack patterns.
This work is already contributing to Pindrop’s phone fraud and unwanted call detection solutions. Pindrop’s research team is dedicated to continually improving in our ability to detect new and diverse threats in the phone channel and other voice-based medium.
Update: Payas Gupta’s research was named Best Paper at NDSS 2015. Read the full paper here.
Payas Gupta – New York University Abu Dhabi
Bharat Srinivasan – Georgia Institute of Technology
Vijay Balasubramaniyan – Pindrop Security
Mustaque Ahamad – Georgia Institute of Technology and New York University Abu Dhabi
About NDSS 2015
This 3.5-day event, attended annually by researchers and practitioners from industry, academia, and government, features presentations on original research and talks by industry leaders. Topics covered include distributed systems and networks, web security and privacy, intrusion detection and attack analysis, anonymity and cryptographic systems, security protocols and policies, languages and systems security, malware, spam and more. Learn more