Behavior-Based Online Anomaly Detection for a Nationwide Short Message Service

Zahra Shaeiri | Javad Kazemitabar | Shahriar Bijani | Mohammad Talebi

---

URL :   http://research.shahed.ac.ir/WSR/WebPages/Report/PaperView.aspx?PaperID=116910
Date :  2019/01/23
Publish in :    Journal of Artificial Intelligence & Data Mining=Journal of AI and Data Mining

Link :  http://bizhani.com/publications/
Keywords :Short Message Service, Behavioral Profiling, Anomaly Detection, Apache Spark

Abstract :

---

As fraudsters understand the time window and act fast, real-time fraud management systems becomes necessary in Telecommunication Industry. In this work, by analyzing traces collected from a nationwide cellular network over a period of a month, an online behavior-based anomaly detection system is provided. Over time, users interactions with the network provides a vast amount of usage data. These usage data are modeled to profiles by which users can be identified. A statistical model is proposed that allocate a risk number to each upcoming record which reveals deviation from the normal behavior stored in profiles. Based on the amount of this deviation a decision is made to flag the record as normal or anomaly. If the activity is normal the associated profile is updated; otherwise the record is flagged as anomaly and it will be considered for further investigation. For handling the big data set and implementing the methodology we have used the Apache Spark engine which is an open source, fast and general-purpose cluster computing system for big data handling and analyzes. Experimental results show that the proposed approach can perfectly detect deviations from the normal behavior and can be exploited for detecting anomaly patterns.