Виявлення телефонних абонентів із аномальною поведінкою за допомогою аналізу властивостей мережі
Анотація
Актуальність. Використання мережі телефонних абонентів з метою шахрайства, продажу товарів та послуг, спаму призводить до щорічних фінансових втрат у мільярди доларів у всьому світі. Проблема вивчалася ще 1996р. і до сьогодні є актуальною, незважаючи на безліч способів протидії та захисту. Традиційні методи, такі як списки блокування та моніторинг частоти викликів, часто неефективні проти спамерів, які обходять ці системи, змінюючи моделі поведінки.
Мета. Метою роботи є вивчення використання мережевих властивостей абонентів, таких як коефіцієнти кластеризації, центральність та середня довжина найкоротшого шляху, як критерії для виявлення абонентів з аномальною поведінкою в динамічній телефонній мережі.
Методи дослідження. Моделювання та чисельний експеримент.
Результати. Дослідження показує, що глобальний коефіцієнт кластеризації є чутливою мірою виявлення присутності спамерів в мережі. Його значення знижується в кілька разів при появі спамерів. При класифікації абонентів на звичайний та спамер за допомогою моделі Random Forest, найважливішими властивостями є локальний коефіцієнт кластеризації, середня довжина найкоротшого шляху, ступінь та центральність абонента в мережі. За даними моделювання мережі телефонних абонентів було виявлено, що при розмірі вікна вимірювання у 4 дні показник точності класифікатора (F1 score) та точності виявлення спамерів (TPR) досягає значень 80%.
Висновки. Використання мережевих характеристик абонентів позитивно впливає на точність виявлення абонентів з аномальною поведінкою, але при цьому вимагає часу, щоб спамери та звичайні абоненти стали помітними за мережевими характеристиками.
Завантаження
Посилання
/Посилання
N. Davey, S. Field, R. Frank, P. Barson, and G. McAskey, “The detection of fraud in mobile phone networks”, Neural Network World, vol. 6, no. 4, pp. 477–484, 1996.
H. Li et al., “A Machine Learning Approach To Prevent Malicious Calls Over Telephony Networks”, in 2018 IEEE Symposium on Security and Privacy (SP), May 2018, pp. 53–69. DOI: 10.1109/SP.2018.00034. (Last accessed: 15.11.2024).
“FCC fines illegal robocalling company a record-breaking $300 MILLION after it made more than five billion calls to more than 500M phone numbers in a three-month span | Daily Mail Online.” Accessed: Aug. 16, 2024. URL: https://www.dailymail.co.uk/news/article-12371697/FCC-fines-illegal-robocalling-company-record-breaking-300-MILLION-five-billion-calls-500M-phone-numbers-three-month-span.html (Last accessed: 15.11.2024).
N. Jiang et al., “Isolating and analyzing fraud activities in a large cellular network via voice call graph analysis”, in Proceedings of the 10th international conference on Mobile systems, applications, and services, Low Wood Bay Lake District UK: ACM, Jun. 2012, pp. 253–266. DOI: 10.1145/2307636.2307660. (Last accessed: 15.11.2024).
H. Tu, A. Doupe, Z. Zhao, and G.-J. Ahn, “SoK: Everyone Hates Robocalls: A Survey of Techniques Against Telephone Spam”, in 2016 IEEE Symposium on Security and Privacy (SP), San Jose, CA: IEEE, May 2016, pp. 320–338. DOI: 10.1109/SP.2016.27. (Last accessed: 15.11.2024).
P. Patankar, G. Nam, G. Kesidis, and C. R. Das, “Exploring Anti-Spam Models in Large Scale VoIP Systems”, in 28th IEEE International Conference on Distributed Computing Systems (ICDCS 2008), 17-20 June 2008, Beijing, China, IEEE Computer Society, 2008, pp. 85–92. DOI: 10.1109/ICDCS.2008.71. (Last accessed: 15.11.2024).
F. Wang, Y. Mo, and B. Huang, “P2P-AVS: P2P Based Cooperative VoIP Spam Filtering”, in Proceedings of the 2007 IEEE Wireless Communications and Networking Conference, USA: IEEE Computer Society, 2007, pp. 3547–3552. DOI: 10.1109/WCNC.2007.650. (Last accessed: 15.11.2024).
N. Jiang, Y. Jin, A. Skudlark, and Z.-L. Zhang, “Greystar: fast and accurate detection of SMS spam numbers in large cellular networks using grey phone space”, in Proceedings of the 22nd USENIX Conference on Security, in SEC’13. USA: USENIX Association, 2013, pp. 1–16. DOI: 10.5555/2534766.2534768. (Last accessed: 15.11.2024).
A. Leontjeva, M. Goldszmidt, Y. Xie, F. Yu, and M. Abadi, “Early security classification of skype users via machine learning”, in Proceedings of the 2013 ACM workshop on Artificial intelligence and security, Berlin Germany: ACM, Nov. 2013, pp. 35–44. DOI: 10.1145/2517312.2517322. (Last accessed: 15.11.2024).
Y. Rebahi, D. Sisalem, and T. Magedanz, “SIP Spam Detection”, in International Conference on Digital Telecommunications (ICDT’06), Cote d’Azur, France: IEEE, 2006, pp. 68–68. DOI: 10.1109/ICDT.2006.69. (Last accessed: 15.11.2024).
N. Miramirkhani, O. Starov, and N. Nikiforakis, “Dial One for Scam: A Large-Scale Analysis of Technical Support Scams”, in Proceedings 2017 Network and Distributed System Security Symposium, San Diego, CA: Internet Society, 2017. DOI: 10.14722/ndss.2017.23163. (Last accessed: 15.11.2024).
S. Subudhi and S. Panigrahi, “Use of Possibilistic Fuzzy C-means Clustering for Telecom Fraud Detection”, in Computational Intelligence in Data Mining, vol. 556, H. S. Behera and D. P. Mohapatra, Eds., in Advances in Intelligent Systems and Computing, vol. 556. , Singapore: Springer Singapore, 2017, pp. 633–641. DOI: 10.1007/978-981-10-3874-7_60. (Last accessed: 15.11.2024).
S. Subudhi and S. Panigrahi, “Quarter-Sphere Support Vector Machine for Fraud Detection in Mobile Telecommunication Networks”, Procedia Computer Science, vol. 48, pp. 353–359, 2015, DOI: 10.1016/j.procs.2015.04.193. (Last accessed: 15.11.2024).
R. Zhang and A. Gurtov, “Collaborative Reputation-based Voice Spam Filtering”, in 2009 20th International Workshop on Database and Expert Systems Application, Linz, Austria: IEEE, 2009, pp. 33–37. DOI: 10.1109/DEXA.2009.95. (Last accessed: 15.11.2024).
D. Ucci, R. Perdisci, J. Lee, and M. Ahamad, “Building a Collaborative Phone Blacklisting System with Local Differential Privacy”, Jun. 16, 2020, arXiv: arXiv:2006.09287. URL: http://arxiv.org/abs/2006.09287 (Last accessed: 15.11.2024).
J. Daka and M. Nyirenda, “Smart Mobile Telecommunication Network Fraud Detection System Using Call Traffic Pattern Analysis and Artificial Neural Network”, vol. 12, pp. 43–50, Apr. 2023, DOI: 10.5923/j.ajis.20221202.01. (Last accessed: 15.11.2024).
Q. Zhao, K. Chen, T. Li, Y. Yang, and X. Wang, “Detecting telecommunication fraud by understanding the contents of a call”, Cybersecur, vol. 1, no. 1, p. 8, Dec. 2018, DOI: 10.1186/s42400-018-0008-5. (Last accessed: 15.11.2024).
Department of Computer Science and Engineering, Obafemi Awolowo University, Ile-Ife, Nigeria, B. O. Akinyemi, O. H. Odukoya, M. L. Sanni, G. Sewagnon, and G. A. Aderounmu, “Performance Evaluation of Machine Learning based Robocalls Detection Models in Telephony Networks” IJCNIS, vol. 14, no. 6, pp. 37–53, Dec. 2022, DOI: 10.5815/ijcnis.2022.06.04. (Last accessed: 15.11.2024).
M. Fire, G. Katz, and Y. Elovici, “Strangers intrusion detection-detecting spammers and fake profiles in social networks based on topology anomalies”, Human journal, vol. 1, no. 1, pp. 26–39, 2012.
C. Chaparro and W. Eberle, “Detecting Anomalies in Mobile Telecommunication Networks Using a Graph Based Approach”. URL: https://cdn.aaai.org/ocs/10377/10377-46053-1-PB.pdf. (Last accessed: 15.11.2024).
X. Hu, H. Chen, H. Chen, X. Li, J. Zhang, and S. Liu, “Mining Mobile Network Fraudsters with Augmented Graph Neural Networks”, Entropy, vol. 25, no. 1, p. 150, Jan. 2023, DOI: 10.3390/e25010150. (Last accessed: 15.11.2024).
S. Ji, J. Li, Q. Yuan, and J. Lu, “Multi-Range Gated Graph Neural Network for Telecommunication Fraud Detection”, in 2020 International Joint Conference on Neural Networks (IJCNN), Glasgow, United Kingdom: IEEE, Jul. 2020, pp. 1–6. DOI: 10.1109/IJCNN48605.2020.9207589. (Last accessed: 15.11.2024).
V. Danilevskiy and V. Yanovsky, “Statistical properties of telephone communication network”, arXiv preprint arXiv:2004.03172, 2020. (Last accessed: 15.11.2024).
S. Brin and L. Page, “The anatomy of a large-scale hypertextual Web search engine”, Computer Networks and ISDN Systems, vol. 30, no. 1, pp. 107–117, 1998, DOI: https://doi.org/10.1016/S0169-7552(98)00110-X. (Last accessed: 15.11.2024).
M. Newman, Networks, vol. 1. Oxford University Press, 2018. DOI: 10.1093/oso/9780198805090.001.0001. (Last accessed: 15.11.2024).
D. J. Watts and S. H. Strogatz, “Collective dynamics of ‘small-world’ networks”, Nature, vol. 393, no. 6684, pp. 440–442, Jun. 1998, DOI: 10.1038/30918. (Last accessed: 15.11.2024).
M. Danilevskyi, V. Yanovsky, and O. Matsiy, “Modeling and Analysis of a Dynamic Network of Telephone Subscribers Considering the Degree of Connectivity by Means of Contact Lists (Unpublished article)”, Bulletin of V.N. Karazin Kharkiv National University, series «Mathematical modeling. Information technology. Automated control systems».
C. Azarm, E. Acar, and M. van Zeelt, “On the Potential of Network-Based Features for Fraud Detection”, Feb. 19, 2024, arXiv: arXiv:2402.09495. URL: http://arxiv.org/abs/2402.09495 (Last accessed: 15.11.2024).
N. Davey, S. Field, R. Frank, P. Barson, and G. McAskey, “The detection of fraud in mobile phone networks”, Neural Network World, vol. 6, no. 4, pp. 477–484, 1996.
H. Li et al., “A Machine Learning Approach To Prevent Malicious Calls Over Telephony Networks”, in 2018 IEEE Symposium on Security and Privacy (SP), May 2018, pp. 53–69. DOI: 10.1109/SP.2018.00034. (Last accessed: 15.11.2024).
“FCC fines illegal robocalling company a record-breaking $300 MILLION after it made more than five billion calls to more than 500M phone numbers in a three-month span | Daily Mail Online.” Accessed: Aug. 16, 2024. URL: https://www.dailymail.co.uk/news/article-12371697/FCC-fines-illegal-robocalling-company-record-breaking-300-MILLION-five-billion-calls-500M-phone-numbers-three-month-span.html (Last accessed: 15.11.2024).
N. Jiang et al., “Isolating and analyzing fraud activities in a large cellular network via voice call graph analysis”, in Proceedings of the 10th international conference on Mobile systems, applications, and services, Low Wood Bay Lake District UK: ACM, Jun. 2012, pp. 253–266. DOI: 10.1145/2307636.2307660. (Last accessed: 15.11.2024).
H. Tu, A. Doupe, Z. Zhao, and G.-J. Ahn, “SoK: Everyone Hates Robocalls: A Survey of Techniques Against Telephone Spam”, in 2016 IEEE Symposium on Security and Privacy (SP), San Jose, CA: IEEE, May 2016, pp. 320–338. DOI: 10.1109/SP.2016.27. (Last accessed: 15.11.2024).
P. Patankar, G. Nam, G. Kesidis, and C. R. Das, “Exploring Anti-Spam Models in Large Scale VoIP Systems”, in 28th IEEE International Conference on Distributed Computing Systems (ICDCS 2008), 17-20 June 2008, Beijing, China, IEEE Computer Society, 2008, pp. 85–92. DOI: 10.1109/ICDCS.2008.71. (Last accessed: 15.11.2024).
F. Wang, Y. Mo, and B. Huang, “P2P-AVS: P2P Based Cooperative VoIP Spam Filtering”, in Proceedings of the 2007 IEEE Wireless Communications and Networking Conference, USA: IEEE Computer Society, 2007, pp. 3547–3552. DOI: 10.1109/WCNC.2007.650. (Last accessed: 15.11.2024).
N. Jiang, Y. Jin, A. Skudlark, and Z.-L. Zhang, “Greystar: fast and accurate detection of SMS spam numbers in large cellular networks using grey phone space”, in Proceedings of the 22nd USENIX Conference on Security, in SEC’13. USA: USENIX Association, 2013, pp. 1–16. DOI: 10.5555/2534766.2534768. (Last accessed: 15.11.2024).
A. Leontjeva, M. Goldszmidt, Y. Xie, F. Yu, and M. Abadi, “Early security classification of skype users via machine learning”, in Proceedings of the 2013 ACM workshop on Artificial intelligence and security, Berlin Germany: ACM, Nov. 2013, pp. 35–44. DOI: 10.1145/2517312.2517322. (Last accessed: 15.11.2024).
Y. Rebahi, D. Sisalem, and T. Magedanz, “SIP Spam Detection”, in International Conference on Digital Telecommunications (ICDT’06), Cote d’Azur, France: IEEE, 2006, pp. 68–68. DOI: 10.1109/ICDT.2006.69. (Last accessed: 15.11.2024).
N. Miramirkhani, O. Starov, and N. Nikiforakis, “Dial One for Scam: A Large-Scale Analysis of Technical Support Scams”, in Proceedings 2017 Network and Distributed System Security Symposium, San Diego, CA: Internet Society, 2017. DOI: 10.14722/ndss.2017.23163. (Last accessed: 15.11.2024).
S. Subudhi and S. Panigrahi, “Use of Possibilistic Fuzzy C-means Clustering for Telecom Fraud Detection”, in Computational Intelligence in Data Mining, vol. 556, H. S. Behera and D. P. Mohapatra, Eds., in Advances in Intelligent Systems and Computing, vol. 556. , Singapore: Springer Singapore, 2017, pp. 633–641. DOI: 10.1007/978-981-10-3874-7_60. (Last accessed: 15.11.2024).
S. Subudhi and S. Panigrahi, “Quarter-Sphere Support Vector Machine for Fraud Detection in Mobile Telecommunication Networks”, Procedia Computer Science, vol. 48, pp. 353–359, 2015, DOI: 10.1016/j.procs.2015.04.193. (Last accessed: 15.11.2024).
R. Zhang and A. Gurtov, “Collaborative Reputation-based Voice Spam Filtering”, in 2009 20th International Workshop on Database and Expert Systems Application, Linz, Austria: IEEE, 2009, pp. 33–37. DOI: 10.1109/DEXA.2009.95. (Last accessed: 15.11.2024).
D. Ucci, R. Perdisci, J. Lee, and M. Ahamad, “Building a Collaborative Phone Blacklisting System with Local Differential Privacy”, Jun. 16, 2020, arXiv: arXiv:2006.09287. URL: http://arxiv.org/abs/2006.09287 (Last accessed: 15.11.2024).
J. Daka and M. Nyirenda, “Smart Mobile Telecommunication Network Fraud Detection System Using Call Traffic Pattern Analysis and Artificial Neural Network”, vol. 12, pp. 43–50, Apr. 2023, DOI: 10.5923/j.ajis.20221202.01. (Last accessed: 15.11.2024).
Q. Zhao, K. Chen, T. Li, Y. Yang, and X. Wang, “Detecting telecommunication fraud by understanding the contents of a call”, Cybersecur, vol. 1, no. 1, p. 8, Dec. 2018, DOI: 10.1186/s42400-018-0008-5. (Last accessed: 15.11.2024).
Department of Computer Science and Engineering, Obafemi Awolowo University, Ile-Ife, Nigeria, B. O. Akinyemi, O. H. Odukoya, M. L. Sanni, G. Sewagnon, and G. A. Aderounmu, “Performance Evaluation of Machine Learning based Robocalls Detection Models in Telephony Networks” IJCNIS, vol. 14, no. 6, pp. 37–53, Dec. 2022, DOI: 10.5815/ijcnis.2022.06.04. (Last accessed: 15.11.2024).
M. Fire, G. Katz, and Y. Elovici, “Strangers intrusion detection-detecting spammers and fake profiles in social networks based on topology anomalies”, Human journal, vol. 1, no. 1, pp. 26–39, 2012.
C. Chaparro and W. Eberle, “Detecting Anomalies in Mobile Telecommunication Networks Using a Graph Based Approach”. URL: https://cdn.aaai.org/ocs/10377/10377-46053-1-PB.pdf. (Last accessed: 15.11.2024).
X. Hu, H. Chen, H. Chen, X. Li, J. Zhang, and S. Liu, “Mining Mobile Network Fraudsters with Augmented Graph Neural Networks”, Entropy, vol. 25, no. 1, p. 150, Jan. 2023, DOI: 10.3390/e25010150. (Last accessed: 15.11.2024).
S. Ji, J. Li, Q. Yuan, and J. Lu, “Multi-Range Gated Graph Neural Network for Telecommunication Fraud Detection”, in 2020 International Joint Conference on Neural Networks (IJCNN), Glasgow, United Kingdom: IEEE, Jul. 2020, pp. 1–6. DOI: 10.1109/IJCNN48605.2020.9207589. (Last accessed: 15.11.2024).
V. Danilevskiy and V. Yanovsky, “Statistical properties of telephone communication network”, arXiv preprint arXiv:2004.03172, 2020. (Last accessed: 15.11.2024).
S. Brin and L. Page, “The anatomy of a large-scale hypertextual Web search engine”, Computer Networks and ISDN Systems, vol. 30, no. 1, pp. 107–117, 1998, DOI: https://doi.org/10.1016/S0169-7552(98)00110-X. (Last accessed: 15.11.2024).
M. Newman, Networks, vol. 1. Oxford University Press, 2018. DOI: 10.1093/oso/9780198805090.001.0001. (Last accessed: 15.11.2024).
D. J. Watts and S. H. Strogatz, “Collective dynamics of ‘small-world’ networks”, Nature, vol. 393, no. 6684, pp. 440–442, Jun. 1998, DOI: 10.1038/30918. (Last accessed: 15.11.2024).
M. Danilevskyi, V. Yanovsky, and O. Matsiy, “Modeling and Analysis of a Dynamic Network of Telephone Subscribers Considering the Degree of Connectivity by Means of Contact Lists (Unpublished article)”, Bulletin of V.N. Karazin Kharkiv National University, series «Mathematical modeling. Information technology. Automated control systems».
C. Azarm, E. Acar, and M. van Zeelt, “On the Potential of Network-Based Features for Fraud Detection”, Feb. 19, 2024, arXiv: arXiv:2402.09495. URL: http://arxiv.org/abs/2402.09495 (Last accessed: 15.11.2024).
