|
One of the tactics for fraud detection is to check for signs of questionable changes in
user behavior. It has been noted that the intentions of the mobile phone users cannot be
observed, but their intentions are reflected in the call data, which define usage patterns.
During mobile phone networks inspection, a large detected change in the behavior of
a subscriber can be treated in two waysthe subscriber's personal circumstance may
have possibly changed or the subscribers mobile phone may be a subject of a fraudulent attack.
In the former case, the subscriber becomes a target for what is known as `churn' where
a subscriber may move to another network operator providing services closer to his
current needs. Early detection of signs of customer dissatisfaction would help in fast rescue
operation being initiated.
A call from a discontented subscriber obtaining no service is the first indications that
an engineering department receives that a cell site has failed. Current behavior profiling
strategies already make use of information relating to cell sites visited during calls. A real time
detection system could profile the usage of individual cells, instantly relaying warnings if a cell
became unserviceable with minimal overhead.
It is easy for criminals to commit frauds and hard to trace them due to the nature of
mobile communication networks. One of the most common and costly frauds in
mobile communication is cloning fraud. A mobile phone is identified by two numbers,
Mobile Identification Number (MIN) and Electronic Serial Number (ESN) (Wu and
Park, 2000). Cloning occurs when a criminal makes use of a mobile communication scanner
to steal MIN and ESN from a legitimate subscriber and program them into another phone.
The illegitimate user can make unlimited calls, which will be billed to the legitimate user. |
