Currently,telecom fraud is expanding from the traditional telephone network to the Internet,and identifying fraudulent IPs is of great significance for reducing Internet telecom fraud and protecting consumer rights.Ho...Currently,telecom fraud is expanding from the traditional telephone network to the Internet,and identifying fraudulent IPs is of great significance for reducing Internet telecom fraud and protecting consumer rights.However,existing telecom fraud identification methods based on blacklists,reputation,content and behavioral characteristics have good identification performance in the telephone network,but it is difficult to apply to the Internet where IP(Internet Protocol)addresses change dynamically.To address this issue,we propose a fraudulent IP identification method based on homology detection and DBSCAN(Density-Based Spatial Clustering of Applications with Noise)clustering(DC-FIPD).First,we analyze the aggregation of fraudulent IP geographies and the homology of IP addresses.Next,the collected fraudulent IPs are clustered geographically to obtain the regional distribution of fraudulent IPs.Then,we constructed the fraudulent IP feature set,used the genetic optimization algorithm to determine the weights of the fraudulent IP features,and designed the calculation method of the IP risk value to give the risk value threshold of the fraudulent IP.Finally,the risk value of the target IP is calculated and the IP is identified based on the risk value threshold.Experimental results on a real-world telecom fraud detection dataset show that the DC-FIPD method achieves an average identification accuracy of 86.64%for fraudulent IPs.Additionally,the method records a precision of 86.08%,a recall of 45.24%,and an F1-score of 59.31%,offering a comprehensive evaluation of its performance in fraud detection.These results highlight the DC-FIPD method’s effectiveness in addressing the challenges of fraudulent IP identification.展开更多
基金funded by the National Natural Science Foundation of China under Grant No.62002103Henan Province Science Foundation for Youths No.222300420058+1 种基金Henan Province Science and Technology Research Project No.232102321064Teacher Education Curriculum Reform Research Priority Project No.2023-JSJYZD-011.
文摘Currently,telecom fraud is expanding from the traditional telephone network to the Internet,and identifying fraudulent IPs is of great significance for reducing Internet telecom fraud and protecting consumer rights.However,existing telecom fraud identification methods based on blacklists,reputation,content and behavioral characteristics have good identification performance in the telephone network,but it is difficult to apply to the Internet where IP(Internet Protocol)addresses change dynamically.To address this issue,we propose a fraudulent IP identification method based on homology detection and DBSCAN(Density-Based Spatial Clustering of Applications with Noise)clustering(DC-FIPD).First,we analyze the aggregation of fraudulent IP geographies and the homology of IP addresses.Next,the collected fraudulent IPs are clustered geographically to obtain the regional distribution of fraudulent IPs.Then,we constructed the fraudulent IP feature set,used the genetic optimization algorithm to determine the weights of the fraudulent IP features,and designed the calculation method of the IP risk value to give the risk value threshold of the fraudulent IP.Finally,the risk value of the target IP is calculated and the IP is identified based on the risk value threshold.Experimental results on a real-world telecom fraud detection dataset show that the DC-FIPD method achieves an average identification accuracy of 86.64%for fraudulent IPs.Additionally,the method records a precision of 86.08%,a recall of 45.24%,and an F1-score of 59.31%,offering a comprehensive evaluation of its performance in fraud detection.These results highlight the DC-FIPD method’s effectiveness in addressing the challenges of fraudulent IP identification.
