KAIST "Development of 'Simbaks' Identification Technology for Voice Phishing"
A technology that can distinguish between regular mobile phones and phones used by voice phishing criminals has been developed.
KAIST announced on the 21st that a research team led by Professor Yongdae Kim from the Department of Electrical Engineering developed a fundamental technology that enables mobile carriers to identify SIM boxes used in voice phishing.
Photo by Getty Images
All devices, including mobile phones, communicate their supported features to the mobile network when connecting. The research team proposed a method to distinguish mobile device models using about 1,000 of these features and demonstrated that they could classify over 100 different mobile device models. They also confirmed that when this technology was applied to SIM boxes used in voice phishing, it could clearly distinguish between regular mobile phones and SIM boxes.
Currently, mobile carriers use the International Mobile Equipment Identity (IMEI), a unique 15-digit number assigned to every device, to identify device types and models. The IMEI includes an 8-digit number called the Type Allocation Code (TAC), which represents the device model on the mobile network.
The key feature of this technology is that it can identify devices on the mobile network even if they have been tampered with to use a TAC from a different model, including malicious devices. This characteristic is useful for detecting SIM boxes currently exploited in voice phishing. Since SIM boxes support IMEI tampering, mobile carriers can mistakenly classify them as regular mobile phones. Using only the TAC, as done previously, cannot detect these SIM boxes. This new technology does not rely on the TAC for device model identification, so even if a SIM box tampers with it to connect to the mobile network, it can be effectively identified.
There is a significant difference between mobile phones and SIM boxes in their development process. Mobile communication chipset developers like Qualcomm and Samsung produce the latest chipsets with new features every year for the newest mobile phones. In contrast, SIM boxes, which focus mainly on phone functions, use relatively low-spec chipsets. Additionally, unlike SIM box manufacturers, mobile phone manufacturers implement various chipset features into their devices. These development differences lead to differences in the features supported by mobile phones and SIM boxes. The technology developed by the research team uses these device feature information as unique identifiers to classify device models. Test results confirmed that over 100 mobile phone models were well distinguished, and furthermore, mobile phones and SIM boxes were clearly differentiated. Therefore, this technology is expected to be sufficiently useful for detecting SIM boxes if applied by mobile carriers.
This research was accepted at the 'NDSS (Network and Distributed System Security) Symposium 2023,' one of the top security conferences.
Co-author Beomseok Oh, a KAIST researcher, said, "We have confirmed that mobile phones and SIM boxes are well distinguished using over 100 mobile devices," adding, "To apply this technology to actual voice phishing, verification using commercial data in cooperation with mobile carriers and further technological advancement are necessary."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
