The Federal Trade Commission has put forth a contest to design and develop a system that can identify those annoying, unwanted, cold robotic calls (or ‘robocalls’ for short). For those of our friends who are thinking that these calls are internet-based or are conducted over Skype, Teamspeak or Ventrilo, you would be wrong. Though the calls have to deal with a computer in some way, but not entirely, a robocall is simply a phone call that uses a computerized auto-dialer to deliver a pre-recorded message – as if from a robot. They are mostly used for political campaigns, telemarketing and have sometimes been used for public service or emergency announcements.
The Federal Trade Commission will select five lucky people as a part of their contest labeled, “Robocalls: Humanity Strikes Back.” The first phase launched today (Wednesday, March 25th) and will be active until the 15th of June, 2015 and the final contest will end on the 9th of August, 2015.
— Anon.Dos (@anondos_) March 25, 2015
Jessica Rich, the head of the Federal Trade Commission’s Bureau of Consumer Protection, states that, “Following the success of our previous robocall challenges, we are once again seeking expertise from the public to put a new tool in consumers’ hands and to develop technology to help law enforcement and other partners investigate these calls. We are using many strategies to fight robocalls, including law enforcement, education, and crowd-sourced innovation.”
The five individuals that complete the first round will advance to the final round. The inventors will then compete, using their best work, and one will win the grand prize of twenty five thousand dollars.
In 2013, a sum of fifty thousand dollars was divided among three winners who created a robocall blocking system. Two of the inventions were able to disconnect the robocalls before they ended up at the consumer’s phone and the third one was able to create a database; but of course it needed the help of different people calling in and reporting numbers.
If you are willing to participate, you need to submit an email and they will update you with all the details. The registration due date is the 15th of June, 2015 by 7PM (PST).
Image Source: REUTERS / Chris Wattie – A sign is seen during a demonstration against last year’s election campaign on Parliament Hill in Ottawa March 5, 2012. An investigation into alleged dirty tricks during last year’s Canadian election campaign has been broadened after the number of complaints snowballed into the tens of thousands, the federal agency that runs elections said on Friday.
If you are wondering what the challenges are like, these were the challenges taken from the DEF CON 22 – they should help you to understand and maybe create a better solution:
Phase 1 challenged contestants to build a ‘honey pot’ that identifies inaccurate information in incoming calls, such as spoofed caller IDs, or determining which calls are likely robocalls. Jon’s honey pot uses a combination of an audio captcha filter, call detail analysis, and recording and transcription analysis to determine, on a sliding scale, the likelihood that an incoming call was a robocall.
Judges scored submissions based on functionality and accuracy, as well as innovation and creativity. To be eligible for prizes, contestants had to satisfy the eligibility requirements specified in the contests official rules. The winning solutions included an open source code and were designed to assist in the battle against robocallers, and the FTC was to post additional information about the submissions online.
The challenge was to circumvent an existing honey pot and prevent it from collecting information from incoming calls. So they devised ‘DROID RACHEL,’ this is an Android-based smart dialer featuring multi-layered honey pot detection and enabling highly targeted, distributed robocall campaigns. It recognizes and avoids numbers with less human characteristics, while focusing on target numbers within the same area code. With 1 billion Android devices in use, DROID RACHEL demonstrates the potential role of mobile devices in distributed voice phishing and SMS phishing campaigns.
Description of DROID RACHEL’s honey pot circumvention techniques:
- Carrier Check: DROID RACHEL is optimized to reach individuals, which are likely customers of AT&T or Verizon. Other carrier + VoIP landlines are ignored.
- C-Name Check: DROID RACHEL avoids numbers with placeholder “City State” CNAME records. High value targets have valid CNAME records.
- Type Check: DROID RACHEL prefers wireless numbers for higher response rates as well to support remotely configurable SMS campaigns.
- Area Code Check: DROID RACHEL matches the area code of the dialer with the target area code for significant higher response rates.
- Active Cell Phone Lines: A significant volume of telemarketing and fraud calls are sent from VoIP based systems today. DROID RACHEL uses higher trusted cellular phone lines.
- Distributed Attack(s): DROID RACHEL assumes the presence of traffic based detection; it may distribute an attack over millions of devices (across locations, actors, devices and time).
- SMS is a proven, widely used, alternative platform for soliciting, impersonating and defrauding individuals. DROID RACHEL can be expanded to use SMS exclusively or in combination with robocalls.
- Viral & Low Cost: DROID RACHEL can reach new devices (“actors”) as a for profit application or as malware. DROID RACHEL executes in the device’s idle background, during business hours.
The final phase challenged participants to analyze call data from an existing honey pot and develop algorithms that predict which calls are likely robocalls.
Image Source: Google Image – A comic showing FCC cracks down robocalls.
The winning solution focused on metrics such as the number of calls made, whether the number called was a toll-free number, and the time of the call to identify likely robocalls. Sean’s solution focused on time of call and number of calls made, while Dark Typhoon’s solution utilized additional metrics such as the area code and exchange numbers called.
Judges scored submissions based on functionality and accuracy, as well as innovation and creativity. To be eligible for prizes, contestants had to satisfy the eligibility requirements specified in the Official Rules. Complete rules and judging criteria are available on the contest webpage. The winning solutions include open-source code and are designed to assist in the battle against robocallers, and the FTC will post additional information about the submissions online in the coming weeks.
“We have long acknowledged that we need to pursue many different strategies in the ongoing battle against illegal robocallers, including but not limited to law enforcement, consumer education, and the stimulation of technological solutions. There is no silver bullet that will magically solve the problem on its own, but we continue to make progress on all fronts.” -Cheryl Warner, spokeswoman for the Federal Trade Commission.
SOURCES: Wikipedia SMS Phishing, The Daily Dot, National Post, CBC, Elections Canada, The Star, FTC, Cornell Law School, DM News, UPI, Concord Monitor, http://papers.ssrn.com/sol3/papers.cfm?abstract_id=1309780, US Senate, GovTrack, Don’t Call Me Shirley, JRN, CNN, Nomorobo, Wikipedia Voice Phishing