KR101779696B1 - Method and apparatus for detecting voice phishing - Google Patents

Method and apparatus for detecting voice phishing Download PDF

Info

Publication number
KR101779696B1
KR101779696B1 KR1020160016353A KR20160016353A KR101779696B1 KR 101779696 B1 KR101779696 B1 KR 101779696B1 KR 1020160016353 A KR1020160016353 A KR 1020160016353A KR 20160016353 A KR20160016353 A KR 20160016353A KR 101779696 B1 KR101779696 B1 KR 101779696B1
Authority
KR
South Korea
Prior art keywords
voice
portable terminal
phishing detection
voice phishing
party
Prior art date
Application number
KR1020160016353A
Other languages
Korean (ko)
Other versions
KR20170094967A (en
Inventor
홍동철
Original Assignee
홍동철
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 홍동철 filed Critical 홍동철
Priority to KR1020160016353A priority Critical patent/KR101779696B1/en
Publication of KR20170094967A publication Critical patent/KR20170094967A/en
Application granted granted Critical
Publication of KR101779696B1 publication Critical patent/KR101779696B1/en

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/12Detection or prevention of fraud
    • GPHYSICS
    • G10MUSICAL INSTRUMENTS; ACOUSTICS
    • G10LSPEECH ANALYSIS TECHNIQUES OR SPEECH SYNTHESIS; SPEECH RECOGNITION; SPEECH OR VOICE PROCESSING TECHNIQUES; SPEECH OR AUDIO CODING OR DECODING
    • G10L25/00Speech or voice analysis techniques not restricted to a single one of groups G10L15/00 - G10L21/00
    • G10L25/48Speech or voice analysis techniques not restricted to a single one of groups G10L15/00 - G10L21/00 specially adapted for particular use
    • G10L25/51Speech or voice analysis techniques not restricted to a single one of groups G10L15/00 - G10L21/00 specially adapted for particular use for comparison or discrimination
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W4/00Services specially adapted for wireless communication networks; Facilities therefor
    • H04W4/16Communication-related supplementary services, e.g. call-transfer or call-hold
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M2203/00Aspects of automatic or semi-automatic exchanges
    • H04M2203/60Aspects of automatic or semi-automatic exchanges related to security aspects in telephonic communication systems
    • H04M2203/6027Fraud preventions

Landscapes

  • Engineering & Computer Science (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Physics & Mathematics (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • Human Computer Interaction (AREA)
  • Health & Medical Sciences (AREA)
  • Acoustics & Sound (AREA)
  • Multimedia (AREA)
  • Computer Security & Cryptography (AREA)
  • Computational Linguistics (AREA)
  • Telephone Function (AREA)
  • Telephonic Communication Services (AREA)

Abstract

A voice phishing detection method and system are disclosed. The method of detecting a voice phishing according to an embodiment of the present invention includes the steps of detecting occurrence of a call event at a portable terminal, recording a voice of a counterpart through a counterpart voice recording function provided by the operating system as the occurrence of the call event is detected And transmitting the voice of the other party to the voice phishing detection server connected through the network to request voice phishing detection. The voice phishing detection server detects the voice phishing between the white voice database, Generating a voice phishing detection result through comparison and transmitting the voice phishing detection result to the portable terminal; and performing control on the portable terminal based on the voice phishing detection result in the portable terminal.

Figure R1020160016353

Description

[0001] METHOD AND APPARATUS FOR DETECTING VOICE PHISHING [0002]

The present invention relates to a voice phishing detection method and system capable of effectively detecting and blocking voice phishing based on a voice of the other party.

Phishing starts with the fact that the security of the general user is not very conscious. Voice phishing on the phone is a user's suspicion when the attacker, who is the sender, says that he is a famous phone company, such as a bank or post office. This type of attack is a method of deceiving users from outside regardless of the internal security level of the institution.

The process by which an attacker deceives a user is very simple. In other words, it is all the process of deceiving a user to make a call, pretend to be an organization, and introduce it. Your phone displays the phone number of the source, but you do not know if it really is the phone number of the agency.

As such, the above-mentioned voice phishing is an attack method that is easy to think and easy to access because the attack cost is low, but it is hard to find a proper countermeasure against voice phishing. As a result, voice phishing has become increasingly common even today as security technology has developed.

Especially, in order to increase the success rate of the cheating, the attacker can obtain the telephone records of the other party, the credit card details, various bill, information related to the project through various routes and utilize them for pretexting. At this time, a panopticon occurs between the victim and the attacker, and the victim is easily deceived because the attacker does not doubt about the action requesting information.

Korean Registered Patent No. 10-1033973 (Registered May 2, 2011)

The present invention provides a voice phishing detection method and system capable of detecting voice phishing through comparison between a voice of a partner recorded in a portable terminal and data constructed in a white voice database in response to occurrence of a call event.

The present invention also provides a voice phishing detection method capable of detecting voice phishing through comparison between data constructed in a black voice database and a voice of the other party, when data coinciding with the voice of the other party in voice phishing detection does not exist in the white voice database, System.

The present invention provides a voice phishing detection method and system in which a user can record a voice of his / her acquaintance using his / her portable terminal and register the voice in a white voice database.

In addition, the present invention provides a voice phishing detection method and system that can detect whether a malicious app is installed or a malicious app install request through inspection of a portable terminal when voice phishing is detected based on a peer voice.

According to another aspect of the present invention, there is provided a voice phishing detection method comprising the steps of: detecting a call event occurring in a portable terminal; detecting, by the occurrence of the call event, The method comprising the steps of: recording a voice of the other party through a function; transmitting voice of the other party to the voice phishing detection server connected through a network to request voice phishing detection; Generating a voice phishing detection result through comparison between the stored white voice database and the counterpart voice, and transmitting the voice phishing detection result to the portable terminal; and performing control on the portable terminal based on the voice phishing detection result in the portable terminal .

According to an embodiment of the present invention, the step of detecting the occurrence of the call event may detect the state of the portable terminal and the state of the portable terminal and detect the incoming call using a manifest file in the Android operating system of the portable terminal, have.

According to an embodiment of the present invention, the voice phishing detection method may further include the steps of: executing the malicious application checking module in the portable terminal when the voice phishing detection result indicating that the corresponding call is voice phishing is received; Checking whether there is a malicious application in the portable terminal or an application installation request from the outside through execution of the application; displaying the result of the check on the portable terminal or analyzing the malicious application installed in the portable terminal, And requesting a phishing detection server.

According to an embodiment of the present invention, the voice phishing detection method may further include the step of providing a recording button for recording the other party's voice as the occurrence of the call event is detected, , ≪ / RTI >

According to an embodiment of the present invention, the voice phishing detection method may further include the steps of: providing a white voice registration button for voice registration as the call event is generated; The method comprising the steps of: recording the counterpart voice; requesting the voice phishing detection server to transmit the unique information of the portable terminal and the recorded counterpart voice to request a white voice registration; The detection server may further include storing the voice of the other party received from the portable terminal and the unique information of the portable terminal in the white voice database.

According to an embodiment of the present invention, the voice phishing detection server further includes a black voice database storing a black voice corresponding to voice phishing, and the step of generating and transmitting the voice phishing detection result to the portable terminal comprises: Is not present in the white voice database, the voice phishing detection result may be generated based on whether or not the partner voice exists in the black voice database.

According to an embodiment of the present invention, the voice phishing detection method may further include the steps of: providing a black voice registration button when the call event is generated; The method of claim 1, further comprising the steps of: recording a partner voice and transmitting the voice to the voice phishing detection server to request a black voice registration; In the step of FIG.

According to an embodiment of the present invention, the voice phishing detection method further comprises the steps of: extracting meaningful word data from the recognized partner's voice after recognizing the partner's voice generated during the call if the detection result is not voice phishing; Comparing the extracted word data with a previously stored voice phishing identification keyword to detect voice phishing and controlling the corresponding call.

According to an embodiment of the present invention, the voice phishing detection method may include the steps of: providing a button for registering the recorded voice of the other party to the voice phishing detection server after the detected call is terminated, As shown in FIG.

In order to solve the above-mentioned problem, in a voice phishing detection system according to an embodiment of the present invention, when a call event is detected, a voice of the other party is recorded through a partner voice recording function provided by the operating system of the portable terminal, A portable terminal for transmitting voice over a network to request voice phasing detection, receiving a detection result corresponding to a voice phishing detection request through the network, and controlling the corresponding call based on the detection result, And a voice phishing detection server for transmitting the voice phishing detection result to the portable terminal through a comparison between the white voice database stored in the white voice database and the voice of the other party.

According to the embodiment of the present invention, the portable terminal can detect the status of the portable terminal and the incoming call using the manifest file in the Android operating system of the portable terminal set by the intent filter operating.

According to the embodiment of the present invention, when the voice phishing detection result indicating that the corresponding call is voice phishing is received, the portable terminal checks whether there is a malicious app in the portable terminal or whether there is an app install request from the outside, An analysis module for displaying a result of checking or processing of the malicious application checking module on the portable terminal or analyzing malicious apps installed on the portable terminal to the voice phishing detection server, . ≪ / RTI >

According to the embodiment of the present invention, the portable terminal provides a recording button for recording the partner's voice after the occurrence of the call event, and executes the partner's voice recording function according to the operation of the recording button, After recording the voice, it can be transmitted to the voice phishing detection server.

According to the embodiment of the present invention, the portable terminal provides a white voice registration button for voice registration upon the occurrence of the call event, The voice phishing detection server transmits the specific information of the portable terminal and the recorded voice of the other party to the voice phishing detection server to request white voice registration, And stores the matching voice in the white voice database.

According to an embodiment of the present invention, the voice phishing detection system further includes a black voice database in which black voice corresponding to voice phishing is stored, and the voice phishing detection server, when the opposite voice does not exist in the white voice database The voice phishing detection result may be generated based on whether or not the other party's voice exists in the black voice database.

According to the embodiment of the present invention, the portable terminal provides a black voice registration button when the call event is generated, and records the voice of the other party through execution of the partner voice recording function in response to the operation of the black voice registration button And transmits the black voice registration request to the voice phishing detection server to request black voice registration, and the voice phishing detection server can store the partner voice transmitted from the portable terminal in the black voice database according to the black voice registration request.

According to an embodiment of the present invention, a recording time may be set in the peer voice recording function.

According to an embodiment of the present invention, when the voice phishing detection result is not voice phishing, the portable terminal recognizes a partner voice generated during a call, extracts meaningful word data from the recognized partner voice, Data and a pre-stored voice phishing identification keyword to detect voice phishing and control the corresponding call.

According to the embodiment of the present invention, the portable terminal provides a button for registering the recorded voice of the other party to the voice phishing detection server and registering it as white voice or black voice after the detected call is terminated, The voice of the other party can be transmitted.

According to the embodiments of the present invention, the voice of the acquaintances is registered in the white voice database of the voice phishing detection server during the call with the acquaintances, and the comparison is made between voice recorded in the conversation and voice registered in the white voice database. By detecting phishing, you can increase your voice phishing detection rate.

1 is a network configuration diagram illustrating a voice phishing detection system according to an embodiment of the present invention.
2 is a block diagram illustrating a voice phishing detection device in accordance with an embodiment of the present invention.
3A and 3B are flowcharts illustrating a voice phishing detection method according to an embodiment of the present invention.

Hereinafter, specific embodiments of the present invention will be described with reference to the drawings. The following detailed description is provided to provide a comprehensive understanding of the methods, apparatus, and / or systems described herein. However, this is merely an example and the present invention is not limited thereto.

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENTS Hereinafter, exemplary embodiments of the present invention will be described in detail with reference to the accompanying drawings. In the following description, well-known functions or constructions are not described in detail since they would obscure the invention in unnecessary detail. The following terms are defined in consideration of the functions of the present invention, and may be changed according to the intention or custom of the user, the operator, and the like. Therefore, the definition should be based on the contents throughout this specification. The terms used in the detailed description are intended only to describe embodiments of the invention and should in no way be limiting.

1 is a network configuration diagram illustrating a voice phishing detection system according to an embodiment of the present invention.

As shown in FIG. 1, the voice phishing interception system may include a portable terminal 110 and a voice phishing detection server 120 connected through a network 130. The voice phishing detection server 120 also includes a white voice database 140 and a black voice database 150 for generating a voice phishing detection result based on the other party's voice among the conversations received from the portable terminal 110, And a detection database 160 in which information such as a telephone number, an identification keyword, and the like is stored.

The portable terminal 110 includes a voice phishing detection device 200 installed on the basis of a voice phishing blocking application for detecting voice phishing in conjunction with the voice phishing detection server 120 and controlling the function of the portable terminal 110 or blocking a call ).

The portable terminal 110 is executed by the voice phishing detecting device 200 to detect whether a malicious application exists in the portable terminal 110 or an external server (not shown) And a malicious application checking module 110a for checking whether the installation request is received and processing the malicious application checking module 110a. At this time, the malicious application checking module 110a can remove the malicious application if it exists, or block the application installation request.

The voice phishing detection device 200 of the portable terminal 110 may include a voice phishing identification keyword and a voice phishing telephone number list and may include a function provided by the operating system in the portable terminal 110, An event module and a counterpart voice recording function for recording the other party's voice during a call to detect the occurrence of a call event at the portable terminal 110 and record the partner's voice for a predetermined time after the call connection (during a call) And send it to the voice phishing detection server 120 to request voice phishing detection for the call. Here, the peer voice recording function may be "MediaRecord.Audiosource.VOICE_DOWNLINK ", and the event module may be a portable terminal (for example, 110 AndroidManifest.xml in the operating system of the Android operating system. That is, the voice phishing detection device 200 detects an action tag that checks the status of the inserted portable terminal 110 in the intent filter, and an action tag that is operated when a call connection (incoming call) Lt; / RTI >

In addition, the voice phishing detection device 200 receives the voice phishing detection result from the voice phishing detection server 120 in response to the voice phishing detection request, and can control the call based on the voice phishing detection result.

Meanwhile, when a voice phishing detection result is received from the voice phishing detection server 120, the voice phishing detection device 200 detects a voice word generated by recognizing the opposite voice generated through voice recognition during a call A comparison between the data and voice phishing identification keywords can detect if the call is voice phishing and control the call according to the detection of voice phishing.

In an embodiment of the present invention, the voice phishing identification keyword includes, but is not limited to, an account, a loan, a payment, an accident, and the like.

In addition, the voice phishing detection device 200 can update the pre-stored information and the application by checking the information for pre-stored voice blocking and the version of the application. Specifically, the voice phishing detection device 200 transmits version information to the voice phishing prevention service server 120, and based on the version checking result of the voice phishing protection service server 120, And can update the stored information and application.

In an embodiment of the present invention, the information stored in the voice phishing detection device 200 may be a voice phishing identification keyword and a voice phishing telephone number list.

Meanwhile, when the voice phishing detection result of voice phishing is received from the voice phishing detection server 120, the voice phishing detection device 200 executes the malicious app checking module 110a in the portable terminal 110, The malicious application is checked and processed to determine whether a malicious application exists in the mobile terminal 110 or an application installation request from the outside, and the result of checking or processing is displayed on the portable terminal 110, Phishing detection server 120 as described above.

Meanwhile, in the embodiment of the present invention, the portable terminal 110 is a mobile communication device with guaranteed portability and mobility, for example, a PCS (Personal Communication System), a GSM (Global System for Mobile communication), a PDC ), PHS (Personal Handyphone System), PDA (Personal Digital Assistant), IMT (International Mobile Telecommunication) -2000, CDMA (Code Division Multiple Access) -2000, W-CDMA A handheld-based wireless communication device such as a broadband Internet terminal, a smartphone, a smart pad, a tablet PC, and the like.

2 is a block diagram illustrating a voice phishing detection device 200 in accordance with an embodiment of the present invention.

2, the voice phishing detection apparatus 200 includes a call sensing unit 210, a counterpart voice processing unit 220, a voice recognition unit 220, a terminal control unit 230, a voice recognition unit 240, A voice phishing detection unit 250, an update unit 260, a memory 270, an emotion state sensing unit 280, and a character reading unit 290.

The call sensing unit 210 senses the occurrence of a call event on the basis of the event module provided by the portable terminal 110 and can operate the counterpart voice processing unit 220 according to the occurrence of a call event.

In addition, the call detecting unit 210 detects a call event in the portable terminal 110, and detects the incoming or outgoing phone number for the call connection and the phone number list stored in the memory 250, for example, It is possible to determine whether or not the other party's voice processing unit 220 operates through comparison between the address books. Specifically, the call connection detecting unit 210 may operate the other party's voice processing unit 220 when the incoming or outgoing phone number is not present in the address book stored in the memory 250. [

The other party's voice processing unit 220 displays a recording button for recording the other party's voice generated during a call in response to the occurrence of a call event, and executes the other party's voice recording function in the portable terminal 110 according to the operation of the recording button, Based voice phishing detection for the call by recording the voice call to the voice phishing detection server 120 for a preset time. Here, the recording time, e.g., 30 to 40 seconds, is set in the other party's voice recording function.

In addition, the counterpart voice processor 220 provides a registration button for white voice registration and black voice registration as a call event is generated, and executes a partner voice recording function in response to the operation of the registration button, And transmits it to the voice phishing detection server 120 together with the unique information of the portable terminal 110, for example, the mobile phone number, to request a white voice registration or request a black voice registration.

On the other hand, when a voice phishing detection result is received from the voice phishing detection server 120 in response to the voice phishing detection request, the counterpart voice processing unit 220 provides the corresponding command to the terminal control unit 230, It is possible to control the operation of the controller 110. Specifically, when the corresponding call is voice phishing as a result of the voice phishing detection, the other party's voice processing unit 220 provides the first command to the terminal control unit 230, and if not, detects voice phishing based on the keyword detection 2 command to the terminal control unit 230. [

The terminal control unit 230 may control the call, for example, according to the first command received from the other party's voice processing unit 220.

In addition, the terminal control unit 230 may include an execution module for executing a malicious application checking module 110a for checking whether a malicious application exists in the portable terminal 110 or an application installation request from the outside according to a first instruction word The voice phishing detection server 120 may further include a detection result processing module 234 for displaying malicious apps 232 and check results on the portable terminal 110 or analyzing malicious apps installed on the portable terminal 110 .

Here, the detection result processing module 234 can display information for informing that it is voice phishing and information corresponding to the check result on the call application by popping up.

The terminal control unit 230 operates the voice recognition unit 240 according to the second command received from the other party's voice processing unit 220 and can provide the voice phishing detection unit 250 with the telephone number connected to the voice recognition unit 240. [

Also, the terminal control unit 230 can control the portable terminal 110 for the call control and report function of the portable terminal 110 as voice phishing is detected. Specifically, the terminal control unit 230 may terminate the call of the portable terminal 110 upon detection of voice phishing, or may request a call connection to a preset phone number after termination of the call. In the embodiment of the present invention, the predetermined telephone number may be a telephone number registered by a user of the portable terminal 110 or a police telephone number.

Meanwhile, the terminal control unit 230 transmits the phone number of the other party to the voice phishing detection server 120 during the call according to the detection of the voice phishing, and transmits the voice phishing telephone number stored in the detection database 160 of the voice phishing detection server 120 You can update the list.

The voice recognition unit 240 recognizes a partner voice generated during a call connection, generates meaningful word data based on the recognized voice, and provides the generated voice data to the voice phishing detection unit 250. Specifically, the voice recognition unit 220 recognizes voice during a call using a voice recognition function of the mobile operating system in the portable terminal 110 or recognizes voice by using a voice recognition SDK module (installing an SDK module) And generate corresponding meaningful word data and provide it to the voice phishing detection unit 250.

The voice phishing detection unit 250 can detect whether or not voice phishing is performed on the call through comparison between the word data provided by the voice recognition unit 240 and the voice phishing identification keyword stored in the memory 260. Specifically, if the voice phishing identification keyword is included in the word data, the voice phishing detection unit 250 may detect the voice call as voice phishing and request the terminal control unit 230 to perform call control.

Also, the voice phishing detection unit 250 can detect whether or not voice phishing is performed on the call through comparison between the telephone number provided from the terminal control unit 230 and the voice phishing telephone number list stored in the memory 260. Specifically, if the telephone number to be connected is within the list of voice phishing telephone numbers stored in the memory 260, the voice phishing detecting unit 250 detects voice phishing and requests a call control to the terminal control unit 230 .

The update unit 260 may detect voice phishing identification keywords stored in the memory 260 and version information of a list of voice phishing telephone numbers when a call connection request is detected by the call detection unit 210 or a predetermined time elapses, Server 120. The voice phishing detection server 120 determines whether the voice phishing detection server 120 is the latest version by checking the version information. If the version is not the latest version, the voice phishing detection server 120 searches the voice phishing- And send it to the detection device 200 to update the information stored in the memory 260.

The memory 270 stores a voice phishing identification keyword and a voice phishing telephone number list for comparison with the word data generated by the voice recognition unit 240 through voice recognition.

In addition, the address book of the portable terminal 110 is stored in the memory 270.

The voice phishing identification keyword and the list of voice phishing telephone numbers stored in the memory 270 may be updated by the voice phishing detection server 120 or updated via the user's input.

The voice phishing detection apparatus 200 according to the embodiment of the present invention may further include an emotion state sensing unit 280 and a character reading unit 290. [

The emotion state sensing unit 280 may sense the emotional state of the other party on the basis of the voice generated through voice recognition in the voice recognition unit 240. [ Specifically, when the size of the voice continuously increases for a preset time, the emotion state sensing unit 280 senses that the emotion state of the other party is an excited state and then requests the terminal control unit 230 to perform call control according to the sensed state. have.

The terminal control unit 230 may control the portable terminal 110 for executing the call control and reporting functions according to the call control request of the emotion state sensing unit 280. [

The character reading unit 290 reads out the telephone number of the calling party and the data therein, as the character message such as SMS or MMS is received on the portable terminal 110, and performs voice phishing detection (250). ≪ / RTI > Accordingly, the voice phishing detection unit 250 detects whether the corresponding character is a voice phishing character by comparing the read out side telephone number and data with the voice phishing identification keyword and the voice phishing telephone number list stored in the memory 270 .

As the voice phishing character is detected, the voice phishing detection unit 250 may display a warning message on the portable terminal 110.

The voice phishing detection server 120 performs voice phishing detection using the voice phishing detection device 200 by comparing the voice of the other party received from the portable terminal 110 with the white voice database 140 and the black voice database 150, After generating the phishing detection result, the phishing detection result can be transmitted to the portable terminal 110. Specifically, the voice phishing detection server 120 extracts a pattern of a voice of the other party to be received, and determines whether or not a similar pattern within a preset error range exists in the white voice database 140, If there is no similar pattern to the extracted or generated pattern in the white voice database 140, whether or not a similar pattern exists within the predetermined error range exists in the black voice database 150, Can be generated. That is, if a pattern similar to the extracted pattern exists in the white voice database 140, the voice phishing detection server 120 determines that the call is a normal call, and then transmits a voice phishing detection result corresponding thereto And transmits the voice phishing detection result to the terminal 110. Otherwise, it is determined whether or not a pattern similar to the extracted pattern exists within the predetermined error range in the black voice database 150, and a voice phishing detection result can be generated based on the determination result have.

In addition, the voice phishing detection server 120 generates a pattern of the voice of the other party received in the voice registration request as the white voice registration request is received from the portable terminal 110, stores the pattern in the white voice database 140, As the black voice registration request is received from the portable terminal 110, a pattern for the other party's voice received in the voice registration request may be generated and stored in the black voice database 150.

Meanwhile, the voice phishing detection server 120 may check the integrity of the application based on the analysis request of the application of the voice phishing detection device 200, and may transmit the analysis result corresponding to the integrity to the portable terminal 110.

Meanwhile, the voice phishing detection server 120 may distribute the application corresponding to the voice phishing detection device 200, and may store and manage the voice phishing telephone number list and the voice phishing identification keyword. To this end, the detection database 160 of the voice phishing prevention service server 120 stores a voice phishing telephone number list and a voice phishing identification keyword.

The voice phishing detection server 120 checks the version of the voice phishing identification keyword and voice phishing telephone number list in the portable terminal 110 through communication with the portable terminal 110 connected through the network 130, If the installed version in the portable terminal 110 is low, the latest version of the voice phishing identification keyword and voice phishing telephone number list can be provided to the portable terminal 110 for updating.

The operation of the voice phishing detection system having the above configuration will be described with reference to FIGS. 3A and 3B.

3A and 3B are flowcharts illustrating an operation process of the voice phishing detection device 200 according to an embodiment of the present invention.

As shown in FIGS. 3A and 3B, when a call event is detected through the event module (step 302), the voice phishing detection device 200 determines whether the phone number of the other party in response to the call connection request is stored in the memory 270 It is determined whether or not it exists in the phishing phone number list (step 304).

If it is determined in step 304 that the voice phishing detection device 200 is present, the voice phishing detection device 200 displays an alarm for informing that the call connection request is voice phishing, on the display unit (not shown) of the portable terminal 110, The call connection request is terminated (step 306). That is, the terminal control unit 230 rejects the call connection request and blocks the telephone reception by the user.

On the other hand, if it is determined in step 304 that the voice phishing detection apparatus 200 does not exist, the voice phishing detection apparatus 200 records the voice of the other party based on the time set in the voice recording function of the other party after the call connection is successful (step 308).

Then, the voice phishing detection device 200 transmits the recorded voice to the voice phishing detection server 120 connected through the network 130 to request voice phasing detection (step 310).

Then, the voice phishing detection device 200 receives the voice phishing detection result from the voice phishing detection server 120 (step 312), and determines whether the corresponding call is voice phishing based on the received voice phishing detection result Step 314).

The voice phishing detecting device 200 executes the malicious app checking module 110a to determine whether the malicious app is present in the portable terminal 110 or whether the malicious app exists in the external or external It is determined whether there is an app install request from the server (step 316).

If it is determined in step 316 that a malicious application exists or an application installation request is received from an external source, the voice phishing detection device 200 notifies the malicious application checking module 110a of the malicious application through the malicious application checking module 110a, For example, terminate (step 318).

Then, the voice phishing detection device 200 transmits information about the malicious apps checked through the malicious application checking module 110a to the voice phishing detection server 130 to request an analysis, From phishing detection server 130 (step 320).

On the other hand, if it is determined in step 316 that the malicious application does not exist or there is no external installation request, the voice phishing detection device 220 controls the detected call (step 322).

As a result of the determination in step 314, if the voice phishing is not detected, the voice phishing detection device 200 operates the voice recognition unit 240 to recognize the voice of the other party, extracts word data of the other party based on the voice of the other party (step 324) And provides the extracted word data to the voice phishing detection unit 250.

Thereafter, the voice phishing detection unit 250 determines whether there is a voice phishing identification keyword matching the word data through comparison between the word data and the voice phishing identification keyword stored in the memory 260 (step 326).

If it is determined in step 326 that the voice phishing detection unit 250 exists, the voice phishing detection unit 250 requests the terminal control unit 230 to control the call (step 328).

The terminal control unit 230 terminates the call and transmits the other party's phone number in the call to the voice phishing detection server 120 or transmits the other party's phone number to the voice phishing (Step 330). Here, the preset telephone number may be a police telephone number or a number registered by a user.

Meanwhile, in the above-described embodiment of the present invention, if the other party's telephone number does not exist in the voice phishing telephone list, the other party's voice is recorded through the other party's voice recording function and then transmitted to the voice phishing detection server 120 However, after the occurrence of the call event is detected and the call is connected, the user can request the recording voice registration on the portable terminal 110 or request the black voice registration. The voice phishing detection server 120 matches the unique information of the portable terminal 110 received from the portable terminal 110 with the voice of the other party and stores the matching information in the white voice database 140. The portable terminal 110 To the black voice database 150. The black voice database 150 may store the voice of the other party.

In addition, the voice phishing detection apparatus 200 according to the embodiment of the present invention provides an interface, e.g., a button, which can register white or black voice after a call is terminated, To the voice phishing detection server 120 so as to request registration, and to execute the malicious application checking module 110a after the registration request.

The method of operation of the voice phishing detection device 200 described above may also be implemented in the form of a recording medium including instructions executable by a computer, such as program modules, being executed by a computer. Computer readable media can be any available media that can be accessed by a computer and includes both volatile and nonvolatile media, removable and non-removable media. In addition, the computer-readable medium may include both computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Communication media typically includes any information delivery media, including computer readable instructions, data structures, program modules, or other data in a modulated data signal such as a carrier wave, or other transport mechanism.

It will be understood by those of ordinary skill in the art that the foregoing description of the embodiments is for illustrative purposes and that those skilled in the art can easily modify the invention without departing from the spirit or essential characteristics thereof. It is therefore to be understood that the above-described embodiments are illustrative in all aspects and not restrictive. For example, each component described as a single entity may be distributed and implemented, and components described as being distributed may also be implemented in a combined form.

It is intended that the present invention covers the modifications and variations of this invention provided they come within the scope of the appended claims and their equivalents. .

110: Portable terminal
120: Voice phishing detection server
130: Network
140: white voice database
150: Black voice database
160: Database for detection
200: Voice phishing detection device
210:
220:
230:
240:
250: Voice phishing detection unit
260: Update section
270: Memory
280: emotion state sensing unit
290:

Claims (19)

Detecting a call event occurrence in the portable terminal,
Recording a voice of the other party through a partner voice recording function provided by an operating system in the portable terminal as the occurrence of the call event is detected;
Transmitting the recorded voice of the other party to a voice phishing detection server connected through a network to request voice phishing detection;
Generating a voice phishing detection result through comparison between a white voice database in which the voice phishing detection server stores the white voice and the opposite voice according to the request and transmitting the voice phishing detection result to the portable terminal;
And performing control on the portable terminal based on the voice phishing detection result in the portable terminal,
The step of performing control on the portable terminal includes:
Executing a malicious app checking module in the portable terminal when the voice phishing detection result indicating that the call is voice phishing from the voice phishing detection server is received,
Checking whether a malicious application exists in the portable terminal or an application installation request from the outside through execution of the malicious application checking module;
Displaying the check result on the portable terminal or requesting the voice phishing detection server to analyze the malicious apps installed on the portable terminal.
The method according to claim 1,
Wherein the step of detecting occurrence of the call event comprises:
Detecting a state of the portable terminal and a voice phishing detection method using the manifest file in the Android operating system of the portable terminal set by the intent filter operating upon recognizing the incoming call.

delete The method according to claim 1,
In the voice phishing detection method,
Further comprising the step of providing a recording button for recording the opposite party's voice as the occurrence of the call event is detected,
And recording the voice of the other party according to an operation of the record button.
The method according to claim 1,
In the voice phishing detection method,
Providing a white voice registration button for voice registration as the call event is generated;
Recording the voice of the other party through execution of the function in accordance with the operation of the white voice registration button;
Transmitting unique information of the portable terminal and the recorded voice of the other party to the voice phishing detection server to request white voice registration;
Further comprising the step of matching the partner's voice received from the portable terminal at the voice phishing detection server with the unique information of the portable terminal according to a request for the white voice registration and storing the matching voice in the white voice database.
The method according to claim 1,
The voice phishing detection server comprises:
And a black voice database in which black voice corresponding to voice phishing is stored,
Generating the voice phishing detection result and transmitting the voice phishing detection result to the portable terminal,
And if the counterpart voice is not present in the white voice database, generating the voice phishing detection result based on whether the counterpart voice exists in a black voice database.
The method according to claim 6,
In the voice phishing detection method,
Providing a black voice registration button upon the occurrence of the call event;
Recording the counterpart voice through execution of the counterpart voice recording function in response to the operation of the black voice registration button and transmitting the voice to the voice phishing detection server to request black voice registration;
And storing the voice of the other party received from the portable terminal in the black voice database in response to the black voice registration request at the voice phishing detection server.
The method according to claim 1,
In the voice phishing detection method,
If the detection result is not voice phishing, extracting meaningful word data from the recognized partner voice after recognizing the partner voice generated during the call;
Comparing the extracted word data with a previously stored voice phishing identification keyword to detect voice phishing and controlling the corresponding call.
The method according to claim 1,
In the voice phishing detection method,
Further comprising the step of providing a button for registering the recorded voice of the other party to the voice phishing detection server and registering the recorded voice as white voice or black voice after the detected call is terminated.
As the occurrence of a call event is detected, a voice of the other party is recorded through the partner voice recording function provided by the operating system of the portable terminal, the voice of the other party is transmitted through the network to request voice phishing detection, A portable terminal for receiving a detection result corresponding to a detection request and controlling the corresponding call based on the detection result;
A white voice database storing a white voice,
And a voice phishing detection server for transmitting the voice phishing detection result to the portable terminal through comparison between white voice stored in the white voice database and the counterpart voice,
The portable terminal includes:
An execution module for executing a malicious application checking module for checking whether a malicious application exists in the portable terminal or an application installation request from the outside when the voice phishing detection result indicating that the corresponding call is voice phishing is received, ,
And displaying an analysis result of the malicious apps checking module on the portable terminal or analyzing malicious apps installed on the portable terminal by the voice phishing detection server.
11. The method of claim 10,
The portable terminal includes:
A voice phishing detection system for detecting a status of the portable terminal and an intent filter operating on recognizing an incoming call using a manifest file in the Android operating system of the portable terminal.
delete 11. The method of claim 10,
The portable terminal includes:
And a recording button for recording the other party's voice after the occurrence of the call event is detected. According to the operation of the recording button, the partner's voice recording function is executed to record the partner's voice, Transmitting voice phishing detection system.
11. The method of claim 10,
The portable terminal includes:
A white voice registration button for voice registration according to the occurrence of the call event, and recording the other party's voice through execution of the partner voice recording function in accordance with the operation of the white voice registration button, And transmits the recorded voice of the other party to the voice phishing detection server to request white voice registration,
Wherein the voice phishing detection server matches the voice of the other party received from the portable terminal with the unique information of the portable terminal according to the white voice registration request and stores the matching voice in the white voice database.
11. The method of claim 10,
The voice phishing detection system comprises:
And a black voice database in which black voice corresponding to voice phishing is stored,
The voice phishing detection server comprises:
Wherein the voice phishing detection result is generated based on whether or not the partner voice exists in the black voice database when the partner voice is not present in the white voice database.
16. The method of claim 15,
The portable terminal includes:
A black voice registration button is provided in response to the call event, and the voice of the other party is recorded through execution of the partner voice recording function in response to the operation of the black voice registration button, and then transmitted to the voice phishing detection server, Requesting voice registration,
Wherein the voice phishing detection server stores the peer voice transmitted from the portable terminal in the black voice database according to the black voice registration request.
11. The method of claim 10,
Wherein the peer voice recording function has a recording time set.
11. The method of claim 10,
The portable terminal includes:
If the result of the voice phishing detection is not voice phishing, recognizing a partner voice generated during a call, extracting meaningful word data from the recognized partner voice, comparing the extracted word data with a previously stored voice phishing identification keyword, And detecting phishing to control said call.
11. The method of claim 10,
The portable terminal includes:
A button for transmitting the recorded voice of the other party to the voice phishing detection server and registering the voice of the other party as white voice or black voice after the detected call is terminated and transmitting the recorded voice of the other party according to the operation of the button Voice phishing detection system.
KR1020160016353A 2016-02-12 2016-02-12 Method and apparatus for detecting voice phishing KR101779696B1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
KR1020160016353A KR101779696B1 (en) 2016-02-12 2016-02-12 Method and apparatus for detecting voice phishing

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
KR1020160016353A KR101779696B1 (en) 2016-02-12 2016-02-12 Method and apparatus for detecting voice phishing

Publications (2)

Publication Number Publication Date
KR20170094967A KR20170094967A (en) 2017-08-22
KR101779696B1 true KR101779696B1 (en) 2017-09-19

Family

ID=59757904

Family Applications (1)

Application Number Title Priority Date Filing Date
KR1020160016353A KR101779696B1 (en) 2016-02-12 2016-02-12 Method and apparatus for detecting voice phishing

Country Status (1)

Country Link
KR (1) KR101779696B1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11769492B2 (en) 2018-04-06 2023-09-26 Samsung Electronics Co., Ltd. Voice conversation analysis method and apparatus using artificial intelligence

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR102198333B1 (en) * 2019-06-13 2021-02-08 류장수 Application for preventing voice fishing, system and method for monitoring fishing including the same
KR102105059B1 (en) * 2019-06-27 2020-04-27 (주)에스에스알 Method and Server for Preventing Voice Phishing and computer program for the same
KR102503027B1 (en) * 2020-10-27 2023-02-23 임성중 Voice phishing preventing mehtod and voice phishing preventing apparatus
KR102558383B1 (en) * 2022-02-24 2023-07-24 (주)메티스 Application for preventing voice phishing and preventing system for for preventing voice phishing therewith

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007096963A (en) * 2005-09-29 2007-04-12 Saxa Inc Telephone apparatus

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007096963A (en) * 2005-09-29 2007-04-12 Saxa Inc Telephone apparatus

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US11769492B2 (en) 2018-04-06 2023-09-26 Samsung Electronics Co., Ltd. Voice conversation analysis method and apparatus using artificial intelligence

Also Published As

Publication number Publication date
KR20170094967A (en) 2017-08-22

Similar Documents

Publication Publication Date Title
KR101779696B1 (en) Method and apparatus for detecting voice phishing
US9585006B2 (en) Express mobile device access provisioning methods, systems, and apparatus
KR101431596B1 (en) Apparatus and method for preventing voice phishing and user terminal for the same
US12010265B2 (en) Dynamically providing safe phone numbers for responding to inbound communications
CN106464502B (en) Method and system for authentication of a communication device
WO2019178817A1 (en) Product sales volume extraction and reporting method, payment method, and terminal apparatus
US20210406909A1 (en) Authorizing transactions using negative pin messages
JP2015111329A (en) Network service providing system, network service providing method, and program
CN107230060A (en) The method and apparatus that a kind of account is reported the loss
US20240028858A1 (en) System and method for generating a dynamic machine readable code
US11093945B1 (en) Electronic commerce fraud mitigation in a wireless communication network
KR20150003506A (en) Method and system for cutting malicious message in mobile phone, and mobile phone implementing the same
KR101749939B1 (en) Electronic payment certification server based on payment image matched with phone number, electronic payment system, electronic payment method and electronic payment application
CN106980778A (en) Information authentication method, device and terminal device
CN113015097A (en) Method, device and equipment for preventing telecommunication fraud
KR102156905B1 (en) method for verifying user of messenger account for preventing messenger phishing
Rao et al. Suspicious Call Detection and Mitigation Using Conversational AI
KR101060122B1 (en) Method and device for processing spam message
US20240195904A1 (en) Nlp-based call monitoring method for preventing voice phishing and apparatus therefor
KR20230102552A (en) Phishing Detection System Using Voice Call and Text Trap Server
KR20210020743A (en) method for verifying user of messenger account for preventing messenger phishing
KR20240037647A (en) System and method for application verification
KR101078669B1 (en) Event management system and method of portable terminal based on location information
KR20140142182A (en) Method for determining illegal use of card in cash card use security system and computer-readable recording medium storing the same
US20140229378A1 (en) Systems and methods for authentication notification

Legal Events

Date Code Title Description
A201 Request for examination
E902 Notification of reason for refusal
E701 Decision to grant or registration of patent right
GRNT Written decision to grant