TY - GEN
T1 - Isolating and analyzing fraud activities in a large cellular network via voice call graph analysis
AU - Jiang, Nan
AU - Jin, Yu
AU - Skudlark, Ann
AU - Hsu, Wen Ling
AU - Jacobson, Guy
AU - Prakasam, Siva
AU - Zhang, Zhi-Li
PY - 2012
Y1 - 2012
N2 - With widespread adoption and growing sophistication of mobile devices, fraudsters have turned their attention from landlines and wired networks to cellular networks. While security threats to wireless data channels and applications have attracted the most attention, voice-related fraud activities also represent a serious threat to mobile users. In particular, we have seen increasing numbers of incidents where fraudsters deploy malicious apps, e.g., disguised as gaming apps to entice users to download; when invoked, these apps automatically - and without users' knowledge - dial certain (international) phone numbers which charge exorbitantly high fees. Fraudsters also frequently utilize social engineering (e.g., SMS or email spam, Facebook postings) to trick users into dialing these exorbitant fee-charging numbers. In this paper, we develop a novel methodology for detecting voice-related fraud activities using only call records. More specifically, we advance the notion of voice call graphs to represent voice calls from domestic callers to foreign recipients and propose a Markov Clustering based method for isolating dominant fraud activities from these international calls. Using data collected over a two year period from one of the largest cellular networks in the US, we evaluate the efficacy of the proposed fraud detection algorithm and conduct systematic analysis of the identified fraud activities. Our work sheds light on the unique characteristics and trends of fraud activities in cellular networks, and provides guidance on improving and securing hardware/software architecture to prevent these fraud activities.
AB - With widespread adoption and growing sophistication of mobile devices, fraudsters have turned their attention from landlines and wired networks to cellular networks. While security threats to wireless data channels and applications have attracted the most attention, voice-related fraud activities also represent a serious threat to mobile users. In particular, we have seen increasing numbers of incidents where fraudsters deploy malicious apps, e.g., disguised as gaming apps to entice users to download; when invoked, these apps automatically - and without users' knowledge - dial certain (international) phone numbers which charge exorbitantly high fees. Fraudsters also frequently utilize social engineering (e.g., SMS or email spam, Facebook postings) to trick users into dialing these exorbitant fee-charging numbers. In this paper, we develop a novel methodology for detecting voice-related fraud activities using only call records. More specifically, we advance the notion of voice call graphs to represent voice calls from domestic callers to foreign recipients and propose a Markov Clustering based method for isolating dominant fraud activities from these international calls. Using data collected over a two year period from one of the largest cellular networks in the US, we evaluate the efficacy of the proposed fraud detection algorithm and conduct systematic analysis of the identified fraud activities. Our work sheds light on the unique characteristics and trends of fraud activities in cellular networks, and provides guidance on improving and securing hardware/software architecture to prevent these fraud activities.
KW - cellular network
KW - fraud
KW - malware
KW - mobile apps
UR - http://www.scopus.com/inward/record.url?scp=84864327089&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=84864327089&partnerID=8YFLogxK
U2 - 10.1145/2307636.2307660
DO - 10.1145/2307636.2307660
M3 - Conference contribution
AN - SCOPUS:84864327089
SN - 9781450313018
T3 - MobiSys'12 - Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services
SP - 253
EP - 266
BT - MobiSys'12 - Proceedings of the 10th International Conference on Mobile Systems, Applications, and Services
T2 - 10th International Conference on Mobile Systems, Applications, and Services, MobiSys'12
Y2 - 25 June 2012 through 29 June 2012
ER -