Modern Approaches to Prevent Fraud in Mobile

Communications Networks

Evgeny I. Tarmazakov#1, Dmitry S. Silnov#2

#
Institute of cyber intelligence systems; *Department of Computer Systems and Technologies
National Research Nuclear University MEPhI (Moscow Engineering Physics Institute)
Moscow, Russia
1
tarmazakov@mail.ru, 2ds@silnov.pro

Abstract – This article focuses on the effectiveness of modern II. MODERN METHODS OF COMBATING FRAUD
techniques of fraud prevention in the communications networks. According to the data provided by the Communications
The main security systems used to counteract the fraud, have
Fraud Control Association (CFCA) [6], mobile and fixed-line
been considered in the article. The basic methods and approaches
(e.g. analysis of individual events, control of the integrity of data
providers loose up to $ 38 billion a year. On average, the
flows and analysis of subscriber behavior profiles) to detect and telecommunications company implies loss of 7% of annual
prevent fraud have been reviewed in this publication. The key revenue as a result of the fraud. Table 1 presents detailed, total
challenge of fraud counteraction systems and solutions is that losses of companies for the year 2015 [1][2][5].
information about subscribers is allocated in different systems
that might lead to the problem of data synchronization. Fraud TABLE I. TOTAL LOSSES OF COMPANIES FOR 2015
detection and prevention approaches, which represent the The cost of a fraud in billions of
creation of a single centralized system for managing fraud, are dollars
Fraud type
described in the article. The major purpose is to identify the Globally Western North
intruders by analyzing an aggregated data from the adjacent Europe America
anti-fraud systems. This approach, based on the experiences of a International Revenue
10,75 2,07 3,21
number of anti-fraud systems, allows setting rules and patterns to Share Fraud (IRSF)
prevent intruders. In addition, a single fraud management Fraud
Interconnect Bypass Fraud 5,97 1,15 1,78
system enables the analyst to receive up-to-date aggregated data type
Premium Rate Service
on an unscrupulous client online. 3,74 0,72 1,12
Fraud
Subscription Fraud 8,05 2,4 1,55
Keywords – Telecom fraud; Fraud Detection; Pre-fraud state;
Fraud event; Fraud Management System; Telecommunication PBX Hacking / IP PBX
7,47 2,22 1,44
industry; Information Technology Hacking
Fraud Wangiri Fraud 1,77 0,53 0,34
I. INTRODUCTION methods Phishing 1,57 0,47 0,3
Every year mobile technologies penetrate more and more Abuse of Service Terms
fields of human activities and cover new industries. Many new 1,17 0,53 0,34
and Conditions
devices were demonstrated by leading manufacturers at the SMS Faking or Spoofing 0,79 0,23 0,15
international exhibition of mobile technologies (MWC -
Mobile World Congress) held in March 2017. In addition, the
largest mobile providers and manufacturers of There are two large groups of types of fraud. The first
telecommunications equipment presented their developments group reflects the fraud, which can be detected at an early
in the field of the new generation of mobile communication stage, in its original state. In order to detect this type of fraud,
5G. With the emergence of a new communication format, the an approach, based on the search for dissynchronization
number of devices communicating via mobile communication between network elements and systems, can be applied. The
channels will grow and, as a result, more and more types of latter is responsible for charging and paying for services. For
fraud will appear. instance, to identify phantom subscribers, a comparison of the
Therefore it is important to consider the following: firstly, HLR and Billing data systems can be used (see Fig. 1) [7].
criminals keep up to date; secondly, nowadays each subscriber Moreover, with the aim of a revelation of fraud at the
has several devices connected to the network, hence, there are beginning, solutions of the Platform Integrity class are applied,
many potential channels for any possible attack; and thirdly, it based on the reconciling data from various systems. Systems of
is necessary to detect fraud in time and identify new types of the Platform Integrity category allow to verify absolutely any
threats in order to provide timely protection for subscribers and data from different systems and devices. Fig. 2 shows a method
companies. of matching data to security policies derived from the systems.

379 978-1-5386-4340-2/18/$31.00 ©2018 IEEE

Authorized licensed use limited to: National Inst of Training & Indust Eng - Mumbai. Downloaded on August 12,2021 at 08:02:11 UTC from IEEE Xplore. Restrictions apply.

Fig. 1 The method for mapping data in a communications network to detect
phantom subscribers
Fig. 2 The method of data security compliance with the policies from different
systems
However, not all types of fraud are determined by their
initial state. And thus, it is possible to pick out a second, more
general group of types of fraud - fraudulent events. For the
detection of such events, an analysis of all events occurring in
the telecommunications provider's systems, including
payments, applications for connecting / disabling services, an
adjusting of accounts, etc., is required. The following
approaches are put in application to identify fraud of this
certain type: the analysis of separate individual events. As an
example, Sms-fraud could be mentioned. In detail, in this case
an each individual transaction (operation) is investigated and
checked by comparing the parameters with blacklists.
The following approaches are used to detect fraudulent
events:
A. Monitoring the integrity of data flows.
This approach is relevant when it is impossible to detect
fraud in more operational ways or when the fraud is related to
the telecom provider’s services received without an adequate
payment. The systems implementing this approach are called
Switch-To-Billing Measuring Systems, i.e. the systems for
recording payments.
380
Authorized licensed use limited to: National Inst of Training & Indust Eng - Mumbai. Downloaded on August 12,2021 at 08:02:11 UTC from IEEE Xplore. Restrictions apply.
B. Analysis of subscriber behavior profiles.
The most common method for determining fraud relies on
a non-standard behavior of subscribers, suspicious activities,
the exceeding of the established limits, etc.
Given the large number of solutions and systems offered by
different manufacturers, the provider can choose an
economically sound development strategy using different
approaches and tools of the fraud management. However, one
of the most important categories of OSS / BSS systems is the
Fraud Management System [4]. FMS is a fraud management
system, and its main functions are to detect, suppress and
prevent fraud to the carrier's resources. The system monitors
the intruder using mechanisms and algorithms specially
designed for various types of connections and services, and
reacts in case of calling a suspicious number, a non-existent
user, a call exceeding the threshold of cost or duration, and also
in the case of other types of fraud [7].
III. USING AGGREGATION OF ANTI-FRAUD SYSTEMS AS A
NEW METHOD OF COMBATING FRAUD
FMS automatically analyzes and prevents fraud. In some
cases, the system promptly informs the provider about the
request of a dishonest client, after which the operator checks
the information on the subscriber and his actions in the related
anti-fraud systems and makes the final decision to block the
subscriber or to render him the requested services. The real
challenge lies in the ability to quickly check all the necessary
information and to switch between the windows of different
systems when lots of related systems exist. Consequently, the
provider of the system, who daily confronts with fraud, is
forced to perform labor-consuming operations regarding the
accumulation and analysis of the information in order to take
correct preventive measure against the identified fraud case.
The task aims to solve the main problems encountered by
providers in the struggle against fraud so that a single fraud
management system is created, enabling to lock an unfair
customer in 2 clicks. A single fraud management system will
allow analysts to detect and suppress the actions of attackers
more quickly through an aggregation of related anti-fraud
systems, by setting up rules and detection patterns. The system
will provide the operator with an up-to-date data in an online
mode and empower to perform any action on the subscriber.
Furthermore, the aggregation of the archival data from related
systems will make it possible to generate more relevant and
consistent reporting data. Figure 3 presents a new approach of
combating the fraud, which includes the aggregation of anti-
fraud systems into a single centralized fraud management
system. As a result, timely blocked unscrupulous subscriber
will positively affect the financial performance of the company.

Fig. 3 The scheme of an aggregation of anti-fraud systems
IV. CONCLUSIONS
A new method in the fight against fraud, that is the creation
of a single centralized management system, will not only give
an opportunity the telecom providers to monitor all fraud
attempts in a single system, but also an opportunity to receive
timely, more detailed aggregated reporting on identified fraud
cases. Currently, the main business processes necessary to
prevent fraud are already being explored, for example, a
development of the architecture of a single fraud management
system, as well as a classification of fraud types to facilitate the
381
Authorized licensed use limited to: National Inst of Training & Indust Eng - Mumbai. Downloaded on August 12,2021 at 08:02:11 UTC from IEEE Xplore. Restrictions apply.
work of providers in the system. In order to increase the
effectiveness of the struggle against fraud, mobile providers
need a single fraud management system, which could allow
them to monitor centrally all fraud attempts and prevent them
in a timely manner. As more and more players in the
telecommunications industry appear on the market, the threat
of fraud will continue to grow, and, in the long run, mobile
providers will be increasingly attacked by unscrupulous
subscribers.
REFERENCES
[1] I. Howells, V. Scharf-Katz, P. Stapleton, “Fighting Future Fraud. A
Strategy for Using Big Data, Machine Learning, and Data Lakes to
Fight Mobile Communications Fraud”, USA, San Moteo, 2016, 8 p.
[2] K. Stanfield. Telecoms fraud: Where are we now?(2017) Available at:
https://www.vanillaplus.com/2017/03/10/25946-telecoms-fraud-now/
(accessed 16 November 2017).
[3] Smt. S. Rajani, M. Padmavathamma. “A Model for Rule Based Fraud
Detection in Telecommunications”. International Journal of
Engineering Research & Technology (IJERT) vol. 1 Issue 5, July -
2012 ISSN: 2278-018.
[4] Fraud Management System (FMS). A solution brief from HP. Network
and Service Provider Solutions. 5982-0874EN, 08/2003.
[5] I. Howells, V. Scharf-Katz, and P. Stapleton. “Fraud Types, Fraud
Methods, & Fraud Technology”, USA, San Moteo, 2016, 5 p.
[6] Communications Fraud Control Association (CFCA). Available at:
http://www.cfca.org/ (accessed 05 December 2017).
[7] (Metody bor''by s frodom na setjah svjazi) [Methods to combat fraud
on mobile networks]. Mir Telekoma, Moscow, 2014, Available at:
http://mirtelecoma.ru/magazine/elektronnaya-versiya/25/ (accessed 02
December 2017) (in Russian).