Skip to main content
SpringerLink
Log in

Interconnect bypass fraud detection: a case study

  • Published:
Annals of Telecommunications Aims and scope Submit manuscript

Abstract

The high asymmetry of international termination rates is fertile ground for the appearance of fraud in telecom companies. International calls have higher values when compared with national ones, which raises the attention of fraudsters. In this paper, we present a solution for a real problem called interconnect bypass fraud, more specifically, a newly identified distributed pattern that crosses different countries and keeps fraudsters from being tracked by almost all fraud detection techniques. This problem is one of the most expressive in the telecommunication domain, and it has some abnormal behaviours like the occurrence of a burst of calls from specific numbers. Based on this assumption, we propose the adoption of a new fast forgetting technique that works together with the Lossy Counting algorithm. We apply frequent set mining to capture distributed patterns from different countries. Our goal is to detect as soon as possible items with abnormal behaviours, e.g., bursts of calls, repetitions, mirrors, distributed behaviours and a small number of calls spread by a vast set of destination numbers. The results show that the application of different techniques improves the detection ratio and not only complements the techniques used by the telecom company but also improves the performance of the Lossy Counting algorithm in terms of run-time, memory used and sensibility to detect the abnormal behaviours. Additionally, the application of frequent set mining allows us to capture distributed fraud patterns.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5

Similar content being viewed by others

Notes

  1. https://www.sandvine.com/hubfs/downloads/solutions/revenue-assurance/interconnect-bypass-fraud-management/sandvine_sb_interconnect_bypass_fraud.pdf

  2. https://blugem.com/fraud-detection/

  3. https://www.mobileum.com/

  4. A small sample is available online. https://drive.google.com/open?id=1NXWpQitnUKhsGC97o8KU6HjFyszwJ2P2

References

  1. AlBougha MR (2016) Comparing data mining classification algorithms in detection of simbox fraud

  2. Ali MA, Azad MA, Centeno MP, Hao F, van Moorsel A (2019) Consumer-facing technology fraud: economics, attack methods and potential solutions. Futur Gener Comput Syst 100:408–427

    Article  Google Scholar 

  3. Alraouji Y, Bramantoro A (2014) International call fraud detection systems and techniques. In: Proceedings of the 6th International Conference on Management of Emergent Digital EcoSystems, pp 159–166

  4. Alsadi IS, Abuhamoud N (2018) Study to use neo4j to analysis and detection sim-box fraud. Journal of Pure and Applied Sciences 17(4)

  5. Association CFC et al (2017) Global fraud loss survey. Press Release

  6. Cormode G, Hadjieleftheriou M (2010) Methods for finding frequent items in data streams. VLDB J 19(1):3–20

    Article  Google Scholar 

  7. Cormode G, Korn F, Muthukrishnan S, Srivastava D (2008) Finding hierarchical heavy hitters in streaming data. ACM Trans Knowl Discov Data 1(4):2:1–2:48. https://doi.org/10.1145/1324172.1324174

    Article  Google Scholar 

  8. Elmi AH, Ibrahim S, Sallehuddin R (2013) Detecting sim box fraud using neural network. In: IT Convergence and security 2012. Springer, pp 575–582

  9. Gama J (2010) Knowledge discovery from data streams. Chapman and hall / CRC data mining and knowledge discovery series. CRC Press

  10. Jiang JYJ, Gillot D (2015) Advanced predictive intelligence for termination bypass detection and prevention. US Patent 9,002,320

  11. Kahsu H (2018) Sim-box fraud detection using data mining techniques: the case of ethio telecom. Ph.D. thesis AAU

  12. Kashir M, Bashir S (2019) Machine learning techniques for sim box fraud detection. In: 2019 International Conference on Communication Technologies (ComTech). IEEE, pp 4–8

  13. Laleh N, Azgomi MA (2009) A taxonomy of frauds and fraud detection techniques. In: International Conference on Information Systems, Technology and Management. Springer, pp 256–267

  14. Lefler AC, Plaza AG, Rios JLM (2018) Method, mobile switching centre, MSC, and a computer program product for detecting interconnect bypass. US Patent App. 15/570,014

  15. Li CW, Jea KF (2011) An adaptive approximation method to discover frequent itemsets over sliding-window-based data streams. Expert Syst Appl 38:13,386–13,404

    Article  Google Scholar 

  16. Manku GS, Motwani R (2002) Approximate frequency counts over data streams. In: Proceedings of the 28th International Conference on Very Large Data Bases, VLDB ’02. VLDB Endowment, pp 346–357. http://dl.acm.org/citation.cfm?id=1287369.1287400

  17. Marah HM, Elrajubi OM, Abouda AA (2015) Fraud detection in international calls using fuzzy logic. In: International Conference on Computer Vision and Image Analysis Applications. IEEE, pp 1–6

  18. Martino GDS, Navarin N, Sperduti A (2013) A lossy counting based approach for learning on streams of graphs on a budget. In: Proceedings of the Twenty-Third International Joint Conference on Artificial Intelligence. AAAI Press, pp 1294–1301

  19. Metwally A, Agrawal D, El Abbadi A (2005) Efficient computation of frequent and top-k elements in data streams. In: Proceedings of the 10th International Conference on Database Theory, ICDT’05. Springer, Berlin, pp 398–412

  20. Moreau Y, Verrelst H, Vandewalle J (1997) Detection of mobile phone fraud using supervised neural networks: a first prototype. In: International Conference on Artificial Neural Networks. Springer, pp 1065–1070

  21. Murynets I, Zabarankin M, Jover RP, Panagia A (2014) Analysis and detection of simbox fraud in mobility networks. In: IEEE INFOCOM 2014-IEEE Conference on computer communications. IEEE, pp 1519–1526

  22. Muthukrishnan S (2005) Data streams: algorithms and applications. Found Trends Theor Comput Sci 1(2):117–236

    Article  MathSciNet  Google Scholar 

  23. Nishina T, Iwanuma K (2019) Yamamoto, y.: a skipping FP-tree for incrementally intersecting closed itemsets in on-line stream mining. 2019 IEEE International Conference on Big Data and Smart Computing (BigComp), pp 1–4

  24. Reaves B, Shernan E, Bates A, Carter H, Traynor P (2015) Boxed out: blocking cellular interconnect bypass fraud at the network edge. In: 24Th {USENIX} Security Symposium ({USENIX} security 15), pp 833–848

  25. Rosas E, Analide C (2009) Telecommunications fraud: problem analysis-an agent-based KDD perspective. Aveiro: EPIA 2009

  26. Sahin M, Francillon A (2016) Over-the-top bypass: study of a recent telephony fraud. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. ACM, pp 1106–1117

  27. Subbulakshmi B, Nayaki AP (2018) Compact pattern stream tree algorithm

  28. Tewodros H (2018) Network traffic classification using machine learning: a step towards over-the-top bypass fraud detection. Ph.D Thesis

  29. Veloso B, Martins C, Espanha R, Azevedo R, Gama J (2020) Fraud detection using heavy hitters: a case study. In: Proceedings of the 35th Annual ACM Symposium on Applied Computing, pp 482–489

  30. Veloso B, Martins C, WEDO B, Espanha R, Azevedo R, Gama J Detecting bursts of activity from streams

  31. Webb GI, Vreeken J (2014) Efficient discovery of the most interesting associations. ACM Trans Knowl Discov Data (TKDD) 8(3):15

    Google Scholar 

  32. Worku T (2018) Predictive modeling for international roaming fraud detection in ethio telecom. Ph.D. thesis, Addis Ababa University

  33. Yulianto A, Bijaksana MA, Lhaksmana KM, et al. (2017) Fraud detection on international direct dial call using hybrid NBTree algorithm and Kullback Leibler divergence. In: 2017 5Th International Conference on Information and Communication Technology (ICoIC7). IEEE, pp 1–6

Download references

Acknowledgements

The authors acknowledge the project ML-ABA - Machine Learn based Adaptive Business Assurance, Individual Demonstration Projects, NUP: FCOMP-01-0202-FEDER-038204, a project co-funded by the Incentive System for Research and Technological Development, from the Thematic Operational Program Competitiveness of the national framework program - Portugal2020. We also acknowledge the support of the project FailStopper (DSAIPA / DS /0086/2018).

Author information

Authors and Affiliations

  1. INESCTEC, Porto, Portugal

    Bruno Veloso, Shazia Tabassum & João Gama

  2. Mobileum, Braga, Portugal

    Carlos Martins, Raphael Espanha & Raul Azevedo

Authors
  1. Bruno Veloso
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Shazia Tabassum
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Carlos Martins
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Raphael Espanha
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Raul Azevedo
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. João Gama
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bruno Veloso.

Additional information

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix A: Results

Appendix A: Results

1.1 Opus Miner Results for data set 1

Table 6 Top 10 pairs of A-numbers sorted by leverage within interval 1 min
Full size table
Table 7 Top 10 pairs of A-numbers sorted by leverage within interval 5 min
Full size table
Table 8 Top 10 pairs of A-numbers sorted by leverage within interval 10 min
Full size table

1.2 Opus Miner Results for data set 2

Table 9 Top 10 pairs of A-numbers sorted by leverage within interval 1 min
Full size table
Table 10 Top 10 pairs of A-numbers sorted by leverage within interval 5 min
Full size table
Table 11 Top 10 pairs of A-numbers sorted by leverage within interval 10 min
Full size table

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Veloso, B., Tabassum, S., Martins, C. et al. Interconnect bypass fraud detection: a case study. Ann. Telecommun. 75, 583–596 (2020). https://doi.org/10.1007/s12243-020-00808-w

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s12243-020-00808-w

Keywords

Search

Navigation