An ensemble classification model for detecting voice phishing in telecommunication networks and its integration into a visual analysis tool

buir.advisorDoğrusöz, Uğur
dc.contributor.authorÇalık, Hüseyin Eren
dc.date.accessioned2022-09-20T06:29:37Z
dc.date.available2022-09-20T06:29:37Z
dc.date.copyright2022-09
dc.date.issued2022-09
dc.date.submitted2022-09-19
dc.descriptionCataloged from PDF version of article.en_US
dc.descriptionThesis (Master's): Bilkent University, Department of Computer Engineering, İhsan Doğramacı Bilkent University, 2022.en_US
dc.descriptionIncludes bibliographical references (leaves 42-45).en_US
dc.description.abstractVoice phishing, a method of social engineering fraud performed over phone calls, has been a major problem globally since the use of phones became widespread. Traditional and modern methods to detect these fraud schemes include visual analysis of the customers’ behaviour, rule-based systems and machine learning models such as clustering, decision trees, shallow classifiers and deep learning models. Visual analysis depends only on human expertise and requires very high labor force to be effective. Rule-based systems are useful for extreme cases but are vulnerable to concept drifts. The-state-of-the-art methods generally utilize machine learning approaches. However, they require one or more of feature engineering done by experts, high computational power and privacy infringements. Therefore, in collaboration with Turkcell Technology, we aimed to develop a system that benefits from the advantages of the traditional methods while exploiting the effectiveness and efficiency of the state-of-the-art ones to tackle this issue. In doing so, we integrated an ensemble learning model to an existing visualization tool for detecting fraud users. This tool visualizes relational data as knowledge graphs, shows the informational data as texts and statistical data with charts and texts. Our ensemble learning model has two deep neural networks and one decision tree classifier. Multiple neural networks are used to reduce the variance and make a more stable model. One of them is composed of an input layer, two hidden layers with 200 nodes using Rectified Linear Unit (ReLU) activation function, each followed by a dropout layer and an output layer of one node with sigmoid activation function. We used dropout layers in this network to prevent over-fitting. The second neural network we built has 3 hidden layers instead with node numbers 64, 64 and 32, respectively, with ReLU as their activation function. To feed these models, a total of 34 features, 20 of which are raw, have been engineered with Turkcell fraud experts. The aggregation of the outputs is done by taking their average. We measured the success of our model by calculating the F1 Score as the class imbalance is high. Our model’s F1 score is 0.82 with a precision of 0.82 and a recall of 0.83. Also, with the integration of our model into this visualization tool, a framework was formed allowing mobile network operators to examine and detect fraud cases more efficiently and act accordingly.en_US
dc.description.provenanceSubmitted by Betül Özen (ozen@bilkent.edu.tr) on 2022-09-20T06:29:37Z No. of bitstreams: 1 B161321.pdf: 1568428 bytes, checksum: 1b6bbf7ab180d0bc81bc25eaad655f0f (MD5)en
dc.description.provenanceMade available in DSpace on 2022-09-20T06:29:37Z (GMT). No. of bitstreams: 1 B161321.pdf: 1568428 bytes, checksum: 1b6bbf7ab180d0bc81bc25eaad655f0f (MD5) Previous issue date: 2022-09en
dc.description.statementofresponsibilityby Hüseyin Eren Çalıken_US
dc.format.extentxiii, 50 leaves : charts (some color) ; 30 cm.en_US
dc.identifier.itemidB161321
dc.identifier.urihttp://hdl.handle.net/11693/110545
dc.language.isoEnglishen_US
dc.rightsinfo:eu-repo/semantics/openAccessen_US
dc.subjectTelecommunication networksen_US
dc.subjectCall graphsen_US
dc.subjectVisual network analysisen_US
dc.subjectGraph visualizationen_US
dc.subjectFraud detectionen_US
dc.subjectMachine learningen_US
dc.subjectDeep neural networksen_US
dc.titleAn ensemble classification model for detecting voice phishing in telecommunication networks and its integration into a visual analysis toolen_US
dc.title.alternativeTelekomünkasyon ağlarında sesli olta saldırılarının birleşik sınıflandırma modeli ile tespiti ve görsel analiz aracına entegrasyonuen_US
dc.typeThesisen_US
thesis.degree.disciplineComputer Engineering
thesis.degree.grantorBilkent University
thesis.degree.levelMaster's
thesis.degree.nameMS (Master of Science)

Files

Original bundle

Now showing 1 - 1 of 1
Loading...
Thumbnail Image
Name:
B161321.pdf
Size:
1.5 MB
Format:
Adobe Portable Document Format
Description:
Full printable version

License bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.69 KB
Format:
Item-specific license agreed upon to submission
Description: