Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Dumping an open source Honeypot on Rachel: FTC reloads on liquidating robocallers

Michael Cooney | July 21, 2014
FTC sets rules for second robocall challenge at DEF CON.

The Federal Trade Commission today announced the rules for its second robocall exterminating challenge, known this time as Zapping Rachel Robocall Contest. "Rachel From Cardholder Services," was a large robocall scam the agency took out in 2012.

The Zapping Rachel contest will take place at DEF CON 22 in Las Vegas Aug. 7-10, and offers partakers $17,000 in cash prizes for developing open-source packages that could be used to build an advance robocall honeypot, circumvent or trick a honeypot, or analyze data from an existing honeypot, the FTC said.

The FTC said a robocall honeypot is an information system designed to attract robocalls and gather information about them, which can help researchers and investigators combat these illegal, prerecorded messages.

According to the FTC Zapping Rachel will consist of three stand-alone phases:

1. A "Creator" phase where contestants will build honeypots that can recognize inaccurate information in the calls they receive, such as spoofed caller IDs, and identify calls that are likely robocalls. In designing the honeypot, competitors may not include any feature that requires ongoing manual processing.

2. The "Attacker" phase will get contestants to think like robocallers and attempt to circumvent or trick a honeypot created for the contest. Each contestant will receive a list of 25 phone numbers that belong to a robocall honeypot set up on the Twilio platform. Contestants will also have free access to a Twilio account with $15 of credit, which could equate to 200 calls to any of the 25 numbers. The credit may also be applied toward other Twilio features. Contestants will attempt to circumvent the robocall honeypot. Merely spoofing the caller ID information (i.e., providing inaccurate or missing Caller ID data) will not be counted as circumvention of the robocall honeypot.

3. The third "Detective" phase asks contestants to analyze data and develop an algorithm to predict which calls from an existing honeypot are likely robocalls. Judges will score submissions based on functionality and accuracy, as well as innovation and creativity. Each phase 3 contender will receive two sets of call data from an existing robocall honeypot. The Sponsor will provide this data at the FTC's "Zapping Rachel" booth at DEF CON 22, beginning at 9:00 am (PDT) on August 7, 2014

The first data set will identify calls that, based on real-world information, are likely to have been a robocall (a call delivering a prerecorded message). Based on information provided in the first data set, Contestants will develop an algorithm and will predict which of the calls in the second data set are likely to be robocalls. In addition to submitting these predictions, each Contestant will submit all source code and a written description of the algorithm consisting of fewer than 250 words.

 

1  2  Next Page 

Sign up for CIO Asia eNewsletters.