An unsupervised neural network approach to profiling the behavior of mobile phone users for use in fraud detection

This paper discusses the current status of research on fraud detection unde rtaken as part of the European Commission-funded ACTS ASPeCT (Advanced Secu rity for Personal Communications Technologies) project, by Royal Holloway U niversity of London. Using a recurrent neural network technique, we uniform ly distribute prototypes over toll tickets. sampled from the U.K. network o perator, Vodafone. The prototypes, which continue to adapt to cater for sea sonal or long term trends, are used to classify incoming toll tickets to fo rm statistical behavior profiles covering both the short- and the long-term past. We introduce a new decaying technique. which maintains these profile s such that short-term information is updated on a per toll ticket basis wh ilst the update of the long-term behavior can be delayed and controlled by the user. The new technique ensures that the short-term history updates the long-term history applying an even weighting to each toll ticket. The beha vior profiles, maintained as probability distributions, form the input to a differential analysis utilizing a measure known as the Hettinger distance between them as an alarm criterion. Fine tuning the system to minimize the number of false alarms poses a significant task due to the low fraudulent, non-fraudulent activity ratio. We benefit from using unsupervised learning in that no fraudulent examples are required for training. This is very rele vant considering the currently secure nature of GSM where fraud scenarios, other than subscription fraud. have yet to manifest themselves. It is the a im of ASPeCT to be prepared for the would-be fraudster for both GSM and UMT S. (C) 2001 Academic Press.