BRUTUS - A Hybrid Detection Tool

ACTS project AC095, Advanced Security for Personal Communications Technologies (ASPeCT), is engaged in the advancement of security issues for the next generation of mobile communications UMTS. One of the work packages within this project is developing fraud detection and management tools. Prototypes of three different fraud detection tools have been developed, and demonstrated, using Rule-Based and Neural Network technologies. Last year ASPeCT introduced new fraud detection concepts for the GSM network building on the experience gained from fraud scenarios encountered on the Vodafone TACS network. Based on these findings we proposed various Rule-Based and Neural Network architectures to implement these ideas as separate fraud detection tools. The goal was to develop techniques that would work under GSM and later migrate to UMTS. This year we report back on the successes of the various methods and propose BRUTUS, a hybrid detection tool, built upon a generalisation of the existing fraud detection techniques. The new system migrates to other areas of electronic commerce and incorporates extra features for the purpose of business marketing and engineering. A common suite of experiments has been performed on the three systems using two sets of data. One dataset contained only fraudulent activity, transcribed into GSM Toll Ticket format from TACS. The second contained the Toll Tickets of new subscribers from the GSM network. We varied parameters that could be tuned in each of the systems in order to determine the number of subscribers raising alarms. Curves were produced showing the trade-off between the percentage of correctly identified fraudsters versus the percentage of new subscribers raising alarms. This ratio is extremely important as even a small percentage of new subscribers amounts to a significant number of individuals. BRUTUS utilises a management module, or Adaptive Critic, providing the user with a comprehensive analysing tool for pseudo real-time detection of behaviour changes. We provide details of the systems architecture of the individual components and the common framework within which they operate. Future direction for the project will be outlined with our current aims and suggestions for areas in which further work needs to be performed.