CN114285943A - Prevention and control method, device, equipment and computer program product for telephone fraud - Google Patents
Prevention and control method, device, equipment and computer program product for telephone fraud Download PDFInfo
- Publication number
- CN114285943A CN114285943A CN202111619434.6A CN202111619434A CN114285943A CN 114285943 A CN114285943 A CN 114285943A CN 202111619434 A CN202111619434 A CN 202111619434A CN 114285943 A CN114285943 A CN 114285943A
- Authority
- CN
- China
- Prior art keywords
- call
- type
- calling
- fraud
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 49
- 230000002265 prevention Effects 0.000 title claims abstract description 15
- 238000004590 computer program Methods 0.000 title claims abstract description 12
- 238000001514 detection method Methods 0.000 claims abstract description 87
- 238000012549 training Methods 0.000 claims description 16
- 230000003287 optical effect Effects 0.000 claims description 8
- 230000000694 effects Effects 0.000 claims description 3
- 230000003203 everyday effect Effects 0.000 claims description 3
- 238000007689 inspection Methods 0.000 claims description 3
- 238000012544 monitoring process Methods 0.000 description 10
- 238000010586 diagram Methods 0.000 description 9
- 238000012545 processing Methods 0.000 description 5
- 238000004458 analytical method Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 3
- 238000007781 pre-processing Methods 0.000 description 3
- 239000013307 optical fiber Substances 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000000644 propagated effect Effects 0.000 description 2
- 238000012546 transfer Methods 0.000 description 2
- 238000012795 verification Methods 0.000 description 2
- 238000003491 array Methods 0.000 description 1
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000007405 data analysis Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 238000000605 extraction Methods 0.000 description 1
- 230000008707 rearrangement Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 230000011664 signaling Effects 0.000 description 1
- 238000007619 statistical method Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Images
Landscapes
- Telephonic Communication Services (AREA)
- Telephone Function (AREA)
Abstract
The embodiment of the invention discloses a method, a device, equipment and a computer program product for preventing and controlling telephone fraud, wherein the method comprises the following steps: acquiring the call characteristics of a calling party according to the current historical call ticket information of the calling party; determining a detection model matched with the call characteristics of the calling user; inputting the call characteristics into the matched detection model to obtain the type of the calling subscriber; and when the type of the calling user is determined to be the appointed fraud type, stopping the call of the called user number called by the current calling user. And inputting the conversation characteristics of the current calling user into the matched detection model to acquire the type of the current calling user, and stopping the conversation of the called number called by the calling user in time when the type of the current calling user is determined to be the appointed fraud type so as to realize the timely online prevention and control of the fraud telephone.
Description
Technical Field
The embodiment of the invention relates to the technical field of data processing, in particular to a method, a device, equipment and a computer program product for preventing and controlling telephone fraud.
Background
Telephone fraud is an organized high-tech crime, criminals compile false information through telephones, set cheating bureaus, carry out remote and non-contact fraud on victims, and induce the victims to bank transfer money to the criminals so as to cheat money. In recent years, telephone fraud crimes show a high momentum in the whole country, seriously infringe the vital interests of people and bring great hidden dangers to national security and social stability.
However, at present, the anti-fraud monitoring of the telephone through voice analysis mostly adopts a voice recognition mode, namely, fraud-related voice recognition needs to be performed by utilizing telephone recording information after the telephone is hung up, but the prevention and control mode for the telephone fraud has hysteresis at present, only after-analysis processing can be performed, and fraud-related monitoring and prevention and control cannot be performed in time.
Disclosure of Invention
The embodiment of the invention provides a method, a device, equipment and a computer program product for preventing and controlling telephone fraud, so as to realize effective prevention and control of telephone fraud.
In a first aspect, an embodiment of the present invention provides a method for preventing and controlling telephone fraud, including: acquiring the call characteristics of a calling party according to the historical ticket information of the current calling party;
determining a detection model matched with the call characteristics of the calling user;
inputting the call characteristics into the matched detection model to acquire the type of the calling user;
and when the type of the calling user is determined to be the appointed fraud type, stopping the call of the called user number called by the current calling user.
In a second aspect, an embodiment of the present invention provides a telephone fraud prevention and control apparatus, including: the calling user calling feature acquisition module is used for acquiring the calling feature of the calling user according to the current historical ticket information of the calling user;
the detection model determining module is used for determining a detection model matched with the call characteristics of the calling subscriber;
the type acquisition module of the calling party is used for inputting the call characteristics into the matched detection model to acquire the type of the calling party;
and the call stopping module is used for stopping the call of the called user number called by the current calling user when the type of the calling user is determined to be the appointed fraud type.
In a third aspect, an embodiment of the present invention provides an electronic device, where the electronic device includes:
one or more processors;
a storage device for storing one or more programs,
when executed by one or more processors, cause the one or more processors to implement the method as described above.
In a fourth aspect, embodiments of the present invention provide a computer readable product, which includes a computer program, and when executed by a processor, implements the method as described above.
According to the technical scheme of the embodiment of the invention, the conversation characteristics of the current calling user are input into the matched detection model to obtain the type of the current calling user, and when the type is determined to be the appointed fraud type, the conversation of the called number called by the calling user is stopped in time, so that the online prevention and control of the fraud telephone are realized in time.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings needed to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present invention and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained according to the drawings without inventive efforts.
FIG. 1A is a flow chart of a method for preventing and controlling phone fraud according to an embodiment of the present invention;
FIG. 1B is a schematic diagram illustrating an application architecture of a method for preventing and controlling phone fraud according to an embodiment of the present invention;
FIG. 1C is a schematic diagram of an application scenario of the method for preventing and controlling telephone fraud according to the third embodiment of the present invention;
FIG. 2 is a flowchart of the method for preventing and controlling telephone fraud according to the second embodiment of the present invention;
FIG. 3 is a schematic structural diagram of a telephone fraud prevention and control device provided in the third embodiment of the present invention;
fig. 4 is a schematic structural diagram of an electronic device according to a fourth embodiment of the present invention.
Detailed Description
The present invention will be described in further detail with reference to the accompanying drawings and examples. It is to be understood that the specific embodiments described herein are merely illustrative of the invention and are not limiting of the invention.
It should be further noted that, for the convenience of description, only some but not all of the relevant aspects of the present invention are shown in the drawings. Before discussing exemplary embodiments in more detail, it should be noted that some exemplary embodiments are described as processes or methods depicted as flowcharts. Although a flowchart may describe the operations (or steps) as a sequential process, many of the operations can be performed in parallel, concurrently or simultaneously. In addition, the order of the operations may be re-arranged. The process may be terminated when its operations are completed, but may have additional steps not included in the figure. The processes may correspond to methods, software implementations, hardware implementations, and so on. According to the technical scheme, the data acquisition, storage, use, processing and the like meet relevant regulations of national laws and regulations.
Example one
Fig. 1A is a flowchart of a method for preventing and controlling phone fraud according to an embodiment of the present invention, which is applicable to online real-time monitoring and controlling of phone fraud, and which can be executed by a device for preventing and controlling phone fraud according to an embodiment of the present invention, and the device can be implemented in software and/or hardware. As shown in fig. 1A, the method specifically includes the following operations:
step S101, obtaining the call characteristics of the calling subscriber according to the history ticket information of the current calling subscriber.
Optionally, before obtaining the call feature of the calling party according to the history ticket information of the current calling party, the method further includes: acquiring the telephone number of a current calling user; and inquiring from the call ticket database according to the telephone number of the current calling party to acquire the historical call ticket information of the current calling party.
Specifically, as shown in fig. 1B, the application architecture diagram of the present embodiment mainly includes a data source layer, a data access layer for big data, a bad number modeling layer, and a bad number application layer, as shown in fig. 1C, the application scenario diagram of the present embodiment supports interfacing with a phone bill data of an operator in a File Transfer Protocol (FTP) manner, after the data is received, a Remote Dictionary service (Remote Dictionary Server, Redis) interface Server sends the phone bill data to a preprocessing Server and a model engine Server for preprocessing and analysis, and an analysis result is displayed through a Web Server; the anti-fraud monitoring and identifying system consists of an interface server, a preprocessing server, a Web server and a model engine server, and realizes the main functions of fraud telephone statistical analysis, statistical report output and the like through a big data analysis technology.
The method comprises the steps of obtaining the telephone number of a current calling party through equipment in an anti-fraud monitoring and identifying system, and inquiring from a call bill database according to the telephone number of the current calling party to obtain historical call bill information of the current calling party. The data in the call ticket database mainly comes from signaling area data received by an O-domain call ticket interface machine and enterprise-level big data received by a B-domain call ticket interface machine. And after the history ticket information of the calling party is obtained, feature extraction is carried out according to the history ticket information, and the call feature of the calling party is obtained, wherein the call feature in the embodiment specifically comprises the following steps: the number of calling party, the number of calling numbers per day, the average call duration per time, the roaming state, the number of associated base stations, the international long distance ratio, the number of contacts commonly used in historical calls, the account opening time, the home location of the called party, and the like.
And step S102, determining a detection model matched with the call characteristics of the calling subscriber.
Specifically, in this embodiment, after the call feature of the calling user is obtained, a detection model matched with the call feature may be determined, and the type of the detection model in this embodiment specifically includes: a counterfeit phishing phone detection model, a counterfeit public inspection fraud phone detection model, a counterfeit online shopping fraud phone detection model, a counterfeit winning fraud phone detection model, a silent card fraud phone detection model or an internet friend fraud phone detection model. Of course, this embodiment is merely an example, and the specific type of the detection model is not limited.
In the present embodiment, each type of detection model is obtained by training in advance according to a sample, and each detection model corresponds to a different call characteristic, for example, for a fraudulent call detection model, the corresponding call characteristics are: the calling party has a high calling party ratio, typically 80 &; the number of calling numbers per day is usually within 160; the average call time of each time is between 20 and 100 seconds; the roaming call state is kept most of the time; the number of the associated base stations is small, and the base stations do not move frequently; the method has the advantages that international long distance conversation is basically avoided, and the international long distance ratio is close to 0; the number of the contacts commonly used for the historical calls is close to 0. For the counterfeit winning prize fraud phone detection model, the corresponding call characteristics are as follows: the number of the calling numbers is more than 3 every day; the average call duration of each time is between 15 and 240 seconds; short numbers are not drunk to make a call within 8 days, and international long-distance call is basically avoided; calling conversation is mainly carried out with a mobile phone user within 8 days; the number of the contacts commonly used for the historical calls is close to 0; the calling party is not frequently called, and mainly calls out the calling party; the package is low in grade and high in activity. Of course, in the present embodiment, the phishing fraud phone detection model and the phishing winning fraud phone detection model are only described as examples, and detailed description of other types of detection models is omitted.
And step S103, inputting the call characteristics into the matched detection model, and acquiring the type of the calling subscriber.
Specifically, after the call feature of the current calling user and the detection model matched with the call feature are obtained, the obtained call feature may be input into the matched detection model, and the detection model may detect the type of the current calling user after the call feature of the current calling user is obtained, and obtain the type of the current calling user, for example, when it is determined that the call feature matches with the phishing detection model, a detection result is obtained through detection by the phishing detection model, where the detection result may include: the type of the calling subscriber is a fraudulent phone or a normal phone.
It should be noted that different detection results are output for different detection models, so the types of the calling subscriber may specifically include: it should be noted that the embodiment is merely an example, and the specific content of the detection result is not limited.
And step S104, when the type of the calling user is determined to be the appointed fraud type, stopping the call of the called user number called by the current calling user.
Optionally, when it is determined that the type of the calling subscriber is the designated fraud type, the method of shutting down the call of the called subscriber number called by the current calling subscriber includes: when the type of the calling user is determined to be the designated fraud type, automatically shutting down the conversation of the called user number called by the current calling user, or when the type of the calling user is determined to be the designated fraud type, sending the designated fraud type to a call supervision platform and displaying the fraud type on the call supervision platform; and receiving a shutdown instruction sent by the call supervision platform, and shutting down the call of the called user number called by the current calling user according to the shutdown instruction.
Specifically, in the embodiment, when the type of the calling user is determined to be the designated fraud type, the server cannot interfere with the call of the calling user because the calling user may be a foreign user, but the called user of the present application is a domestic user, so that the called user of the current calling user can be obtained, and the call of the called user is terminated, thereby preventing and controlling the telephone fraud online in real time and avoiding the called user from suffering greater loss.
It should be noted that, in this embodiment, an automatic shutdown may be adopted, or a manual shutdown may be adopted, for example, for the anti-fraud monitoring and identifying system shown in fig. 1C, when it is determined that the current user type is a fraudulent imitation fraudster phone, if an automatic shutdown setting is performed on a user of a specified type in advance, since the short message system + shutdown interface is associated and bound with the operator platform, the anti-fraud monitoring and identifying system interrupts the call of the called user through the IP bearer network and the shutdown port. If the user of the specified type is not automatically shut down in advance, when the type of the current user is determined to be a phishing phone of a counterfeiter, the detection result is sent to a monitoring server corresponding to the fraud internet identifier, the public security and the provincial administration bureau and is displayed on the monitoring server, a manager can check the detection result, and when the fraud risk time is determined, a shut-down instruction is sent to a shut-down port through the monitoring server so that the call of the called user is terminated manually. Of course, the embodiment is only an example, and the specific shutdown mode of the called user is not described in detail, and as long as the effective prevention and control of the fraud telephone can be realized, the protection range of the application is all within the protection range of the application, and the detailed description is not repeated in the embodiment of the application.
According to the technical scheme of the embodiment of the invention, the conversation characteristics of the current calling user are input into the matched detection model to obtain the type of the current calling user, and when the type is determined to be the appointed fraud type, the conversation of the called number called by the calling user is stopped in time, so that the online prevention and control of the fraud telephone are realized in time.
Example two
Fig. 2 is a flowchart of a fraud prevention and control method provided in the embodiment of the present invention, and based on the above embodiment, before obtaining the call feature of the calling party according to the history ticket information of the current calling party, the embodiment further includes: obtaining sample call ticket data, training according to the sample call ticket data to obtain different types of detection models, wherein the method specifically comprises the following steps:
step S201, obtaining sample call ticket data, and training according to the sample call ticket data to obtain different types of detection models.
Optionally, before obtaining the call feature of the calling party according to the history ticket information of the current calling party, the method further includes: obtaining sample call ticket data; and training according to the sample call ticket data to obtain different types of detection models.
Optionally, training according to the sample ticket data to obtain different types of detection models includes: training by adopting a specified algorithm according to the sample call ticket data to obtain different types of detection models, wherein the specified algorithm comprises an eXtreme Gradient Boosting (Xgboost) algorithm or a Light Gradient Boosting Machine (LightGBM) algorithm.
Specifically, as shown in fig. 1B, before the current calling party is detected, sample call ticket data may be obtained through a data access layer of big data, and different types of detection models are obtained through a bad number modeling layer according to the sample call ticket data by training, where an algorithm used for training includes an Xgboost algorithm or a LightGBM algorithm.
Step S202, the call characteristics of the calling party are obtained according to the history ticket information of the current calling party.
Optionally, before obtaining the call feature of the calling party according to the history ticket information of the current calling party, the method further includes: acquiring the telephone number of a current calling user; and inquiring from the call ticket database according to the telephone number of the current calling party to acquire the historical call ticket information of the current calling party.
Step S203, determining a detection model matched with the call feature of the calling party.
And step S204, inputting the call characteristics into the matched detection model, and acquiring the type of the calling user.
Step S205, when the type of the calling user is determined to be the designated fraud type, the call of the called user number called by the current calling user is stopped.
Optionally, when it is determined that the type of the calling subscriber is the designated fraud type, the method of shutting down the call of the called subscriber number called by the current calling subscriber includes: when the type of the calling user is determined to be the designated fraud type, automatically shutting down the conversation of the called user number called by the current calling user, or when the type of the calling user is determined to be the designated fraud type, sending the designated fraud type to a call supervision platform and displaying the fraud type on the call supervision platform; and receiving a shutdown instruction sent by the call supervision platform, and shutting down the call of the called user number called by the current calling user according to the shutdown instruction.
It should be noted that, in this embodiment, when it is determined that the type of the current calling user is the designated fraud type, if it is determined that the current user calls for the first time, the current ticket data of the current user is used to correct the detection model obtained through training in a crawler verification manner. Of course, this embodiment is merely an example, and the specific verification method employed in this embodiment is not limited.
According to the technical scheme of the embodiment of the invention, the conversation characteristics of the current calling user are input into the matched detection model to obtain the type of the current calling user, and when the type is determined to be the appointed fraud type, the conversation of the called number called by the calling user is stopped in time, so that the online prevention and control of the fraud telephone are realized in time. And before detection, training is carried out through sample data by adopting a specified algorithm to obtain a detection model so as to ensure the accuracy of the detection model.
EXAMPLE III
FIG. 3 is a schematic structural diagram of a telephone fraud prevention and control apparatus provided in an embodiment of the present invention, the apparatus including: a calling user's call feature acquisition module 310, a detection model determination module 320, a calling user's type acquisition module 330, and a call shutdown module 340.
The calling feature obtaining module 310 is configured to obtain a calling feature of a calling subscriber according to history ticket information of the current calling subscriber;
a detection model determining module 320, configured to determine a detection model matched with the call feature of the calling user;
a calling subscriber type obtaining module 330, configured to input the call characteristics into the matched detection model, and obtain a type of the calling subscriber;
the call shutdown module 340 is configured to, when it is determined that the type of the calling user is the designated fraud type, shut down a call of a called user number called by the current calling user.
Optionally, the apparatus further includes a history ticket information obtaining module, configured to obtain a telephone number of the current calling party;
and inquiring from the call ticket database according to the telephone number of the current calling party to acquire the historical call ticket information of the current calling party.
Optionally, the call feature includes: calling party duty ratio, number of calling parties every day, average call duration each time, roaming state, number of associated base stations, international long distance duty ratio, number of historical call common contacts, account opening time, activity and called home.
Optionally, the call shutdown module is configured to, when it is determined that the type of the calling user is the designated fraud type, automatically shut down the call of the called user number called by the current calling user, or,
when the type of the calling user is determined to be the designated fraud type, the designated fraud type is sent to the call supervision platform and displayed on the call supervision platform;
and receiving a shutdown instruction sent by the call supervision platform, and shutting down the call of the called user number called by the current calling user according to the shutdown instruction.
Optionally, the device further comprises a detection model training module, configured to obtain sample ticket data;
and training according to the sample call ticket data to obtain different types of detection models.
Optionally, the types of detection models include: a counterfeit phishing phone detection model, a counterfeit public inspection fraud phone detection model, a counterfeit online shopping fraud phone detection model, a counterfeit winning fraud phone detection model, a silent card fraud phone detection model or an internet friend fraud phone detection model.
Optionally, the detection model training module is further configured to train according to the sample ticket data by using a specified algorithm to obtain different types of detection models, where the specified algorithm includes an extreme gradient boost Xgboost algorithm or an optical gradient booster LightGBM algorithm.
The device can execute the method for preventing and controlling the fraud telephone provided by any embodiment of the invention, and has corresponding functional modules and beneficial effects of the execution method. For technical details not described in detail in this embodiment, reference may be made to the method provided in any embodiment of the present invention.
Example four
Fig. 4 is a schematic structural diagram of an electronic device according to an embodiment of the present invention. FIG. 4 illustrates a block diagram of an exemplary electronic device 412 suitable for use in implementing embodiments of the present invention. The electronic device 412 shown in fig. 4 is only an example and should not bring any limitations to the functionality and scope of use of the embodiments of the present invention.
As shown in fig. 4, the electronic device 412 is in the form of a general purpose computing device. The components of the electronic device 412 may include, but are not limited to: one or more processors 416, a memory 428, and a bus 418 that couples the various system components (including the memory 428 and the processors 416).
The memory 428 is used to store instructions. Memory 428 can include computer system readable media in the form of volatile memory, such as Random Access Memory (RAM)430 and/or cache memory 432. The electronic device 412 may further include other removable/non-removable, volatile/nonvolatile computer system storage media. By way of example only, storage system 434 may be used to read from and write to non-removable, nonvolatile magnetic media (not shown in FIG. 4, commonly referred to as a "hard drive"). Although not shown in FIG. 4, a magnetic disk drive for reading from and writing to a removable, nonvolatile magnetic disk (e.g., a "floppy disk") and an optical disk drive for reading from or writing to a removable, nonvolatile optical disk (e.g., a CD-ROM, DVD-ROM, or other optical media) may be provided. In these cases, each drive may be connected to bus 418 by one or more data media interfaces. Memory 428 can include at least one program product having a set (e.g., at least one) of program modules that are configured to carry out the functions of embodiments of the invention.
A program/utility 440 having a set (at least one) of program modules 442 may be stored, for instance, in memory 428, such program modules 442 including, but not limited to, an operating system, one or more application programs, other program modules, and program data, each of which examples or some combination thereof may comprise an implementation of a network environment. The program modules 442 generally perform the functions and/or methodologies of the described embodiments of the invention.
The electronic device 412 may also communicate with one or more external devices 414 (e.g., keyboard, pointing device, display 424, etc.), with one or more devices that enable a user to interact with the electronic device 412, and/or with any devices (e.g., network card, modem, etc.) that enable the electronic device 412 to communicate with one or more other computing devices. Such communication may occur via input/output (I/O) interfaces 422. Also, the electronic device 412 may communicate with one or more networks (e.g., a Local Area Network (LAN), a Wide Area Network (WAN), and/or a public network, such as the internet) through the network adapter 420. As shown, network adapter 420 communicates with the other modules of electronic device 412 over bus 418. It should be appreciated that although not shown in FIG. 4, other hardware and/or software modules may be used in conjunction with the electronic device 412, including but not limited to: microcode, device drivers, redundant processing units, external disk drive arrays, RAID systems, tape drives, and data backup storage systems, among others.
The processor 416 executes various functional applications and data processing by executing instructions stored in the memory 428, for example, implementing the method for preventing fraudulent calls provided by the embodiment of the present invention: acquiring the call characteristics of a calling party according to the current historical call ticket information of the calling party; determining a detection model matched with the call characteristics of the calling user; inputting the call characteristics into the matched detection model to obtain the type of the calling subscriber; and when the type of the calling user is determined to be the appointed fraud type, stopping the call of the called user number called by the current calling user.
EXAMPLE five
Embodiments of the present invention provide a computer program product, including a computer program, which when executed by a processor, implements the method for preventing and controlling fraud calls, as provided in all inventive embodiments of the present application: acquiring the call characteristics of a calling party according to the current historical call ticket information of the calling party; determining a detection model matched with the call characteristics of the calling user; inputting the call characteristics into the matched detection model to obtain the type of the calling subscriber; and when the type of the calling user is determined to be the appointed fraud type, stopping the call of the called user number called by the current calling user.
Any combination of one or more computer-readable media may be employed. The computer readable medium may be a computer readable signal medium or a computer readable storage medium. A computer readable storage medium may be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or any combination of the foregoing. More specific examples (a non-exhaustive list) of the computer readable storage medium would include the following: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device.
A computer readable signal medium may include a propagated data signal with computer readable program code embodied therein, for example, in baseband or as part of a carrier wave. Such a propagated data signal may take many forms, including, but not limited to, electro-magnetic, optical, or any suitable combination thereof. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device.
Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.
Computer program code for carrying out operations for aspects of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, Smalltalk, C + +, or the like, as well as conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computer, partly on the user's computer, as a stand-alone software package, partly on the user's computer and partly on a remote computer or entirely on the remote computer or server. In the case of a remote computer, the remote computer may be connected to the user's computer through any type of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or the connection may be made to an external computer (for example, through the Internet using an Internet service provider).
It is to be noted that the foregoing is only illustrative of the preferred embodiments of the present invention and the technical principles employed. It will be understood by those skilled in the art that the present invention is not limited to the particular embodiments described herein, but is capable of various obvious changes, rearrangements and substitutions as will now become apparent to those skilled in the art without departing from the scope of the invention. Therefore, although the present invention has been described in greater detail by the above embodiments, the present invention is not limited to the above embodiments, and may include other equivalent embodiments without departing from the spirit of the present invention, and the scope of the present invention is determined by the scope of the appended claims.
Claims (10)
1. A method for preventing and controlling telephone fraud, the method comprising:
acquiring the call characteristics of a calling party according to the historical ticket information of the current calling party;
determining a detection model matched with the call characteristics of the calling user;
inputting the call characteristics into the matched detection model to acquire the type of the calling user;
and when the type of the calling user is determined to be the appointed fraud type, stopping the call of the called user number called by the current calling user.
2. The method of claim 1, wherein before obtaining the call feature of the calling subscriber according to the history ticket information of the current calling subscriber, the method further comprises:
acquiring the telephone number of a current calling user;
and inquiring from a call ticket database according to the telephone number of the current calling party to acquire the historical call ticket information of the current calling party.
3. The method of claim 1, wherein the call feature comprises: calling party duty ratio, number of calling parties every day, average call duration each time, roaming state, number of associated base stations, international long distance duty ratio, number of historical call common contacts, account opening time, activity and called home.
4. The method as claimed in claim 1, wherein said terminating the call of the called user number called by the current calling user upon determining that the type of the calling user is a designated fraud type comprises:
when the type of the calling user is determined to be the appointed fraud type, automatically shutting down the call of the called user number called by the current calling user, or,
when the type of the calling user is determined to be a designated fraud type, sending the designated fraud type to a call supervision platform, and displaying on the call supervision platform;
and receiving a shutdown instruction sent by a call supervision platform, and shutting down the call of the called user number called by the current calling user according to the shutdown instruction.
5. The method of claim 3, wherein before obtaining the call feature of the calling subscriber according to the history ticket information of the current calling subscriber, the method further comprises:
obtaining sample call ticket data;
and training according to the sample call ticket data to obtain different types of detection models.
6. The method of claim 5, wherein detecting the type of model comprises: a counterfeit phishing phone detection model, a counterfeit public inspection fraud phone detection model, a counterfeit online shopping fraud phone detection model, a counterfeit winning fraud phone detection model, a silent card fraud phone detection model or an internet friend fraud phone detection model.
7. The method of claim 5, wherein the training according to the sample ticket data to obtain different types of detection models comprises:
and training by adopting a specified algorithm according to the sample call ticket data to obtain different types of detection models, wherein the specified algorithm comprises an extreme gradient boost Xgboost algorithm or an optical gradient booster LightGBM algorithm.
8. A telephone fraud prevention and control apparatus, comprising:
the calling user calling feature acquisition module is used for acquiring the calling feature of the calling user according to the current historical ticket information of the calling user;
the detection model determining module is used for determining a detection model matched with the call characteristics of the calling subscriber;
the type acquisition module of the calling party is used for inputting the call characteristics into the matched detection model to acquire the type of the calling party;
and the call stopping module is used for stopping the call of the called user number called by the current calling user when the type of the calling user is determined to be the appointed fraud type.
9. An electronic device, characterized in that the electronic device comprises:
one or more processors;
a storage device for storing one or more programs,
when executed by the one or more processors, cause the one or more processors to implement the method of any one of claims 1-7.
10. A computer program product comprising a computer program, characterized in that the computer program realizes the method according to any of claims 1-7 when executed by a processor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111619434.6A CN114285943A (en) | 2021-12-27 | 2021-12-27 | Prevention and control method, device, equipment and computer program product for telephone fraud |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202111619434.6A CN114285943A (en) | 2021-12-27 | 2021-12-27 | Prevention and control method, device, equipment and computer program product for telephone fraud |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN114285943A true CN114285943A (en) | 2022-04-05 |
Family
ID=80876657
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202111619434.6A Pending CN114285943A (en) | 2021-12-27 | 2021-12-27 | Prevention and control method, device, equipment and computer program product for telephone fraud |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114285943A (en) |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106791220A (en) * | 2016-11-04 | 2017-05-31 | 国家计算机网络与信息安全管理中心 | Prevent the method and system of telephone fraud |
| CN109600752A (en) * | 2018-11-28 | 2019-04-09 | 国家计算机网络与信息安全管理中心 | A kind of method and apparatus of depth cluster swindle detection |
| CN109698884A (en) * | 2017-10-24 | 2019-04-30 | 中国电信股份有限公司 | Fraudulent call recognition methods and system |
| CN110581924A (en) * | 2018-06-07 | 2019-12-17 | 中国电信股份有限公司 | Method and system for prompting risk of fraud |
-
2021
- 2021-12-27 CN CN202111619434.6A patent/CN114285943A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN106791220A (en) * | 2016-11-04 | 2017-05-31 | 国家计算机网络与信息安全管理中心 | Prevent the method and system of telephone fraud |
| CN109698884A (en) * | 2017-10-24 | 2019-04-30 | 中国电信股份有限公司 | Fraudulent call recognition methods and system |
| CN110581924A (en) * | 2018-06-07 | 2019-12-17 | 中国电信股份有限公司 | Method and system for prompting risk of fraud |
| CN109600752A (en) * | 2018-11-28 | 2019-04-09 | 国家计算机网络与信息安全管理中心 | A kind of method and apparatus of depth cluster swindle detection |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109544324B (en) | Credit anti-fraud method, system, device and computer-readable storage medium | |
| US20060218407A1 (en) | Method of confirming the identity of a person | |
| US8116731B2 (en) | System and method for mobile identity protection of a user of multiple computer applications, networks or devices | |
| US20150178736A1 (en) | Method and system for generating a fraud risk score using telephony channel based audio and non-audio data | |
| CN107819747B (en) | Telecommunication fraud association analysis system and method based on communication event sequence | |
| CN107767137A (en) | A kind of information processing method, device and terminal | |
| CN113596844A (en) | Early warning method, device, medium and electronic equipment based on data information | |
| CN109993044B (en) | Telecommunications fraud identification system, method, apparatus, electronic device, and storage medium | |
| CN108259680B (en) | Fraud call identification method and device and server for identifying fraud calls | |
| CN108134998A (en) | Information fraud method for early warning and system based on mobile big data | |
| CN111611612B (en) | Block chain-based integrating system, device, storage medium and operation method thereof | |
| CN109145590A (en) | A kind of function hook detection method, detection device and computer-readable medium | |
| CN112907243B (en) | Block chain transaction auditing method and device | |
| CN109087194A (en) | Invoice checking method, device, computer equipment and storage medium | |
| CN104183238A (en) | Old people voiceprint recognition method based on questioning and answering | |
| CN109688273A (en) | A kind of based reminding method, device, terminal and storage medium | |
| CN110365634B (en) | Abnormal data monitoring method, device, medium and electronic equipment | |
| CN111310612A (en) | Behavior supervision method and device | |
| CN110351415A (en) | Determination method, apparatus, equipment and the storage medium of harassing call number | |
| CN114285943A (en) | Prevention and control method, device, equipment and computer program product for telephone fraud | |
| CN112511696A (en) | System and method for identifying bad content of call center AI engine | |
| US20210058515A1 (en) | Systems and methods for enhancing automated customer service for a caller | |
| CN104754583A (en) | Electronic device having cheat-proof caller identification function and method therefor | |
| CN111601000B (en) | Communication network fraud identification method and device and electronic equipment | |
| CN114971017A (en) | Bank transaction data processing method and device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination |