WO2023085491A1 - Method and apparatus for determining malicious spam call based on artificial intelligence - Google Patents

Method and apparatus for determining malicious spam call based on artificial intelligence Download PDF

Info

Publication number
WO2023085491A1
WO2023085491A1 PCT/KR2021/017478 KR2021017478W WO2023085491A1 WO 2023085491 A1 WO2023085491 A1 WO 2023085491A1 KR 2021017478 W KR2021017478 W KR 2021017478W WO 2023085491 A1 WO2023085491 A1 WO 2023085491A1
Authority
WO
WIPO (PCT)
Prior art keywords
spam
call
malicious
artificial intelligence
learning
Prior art date
Application number
PCT/KR2021/017478
Other languages
French (fr)
Korean (ko)
Inventor
강필상
김지훈
Original Assignee
강필상
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 강필상 filed Critical 강필상
Publication of WO2023085491A1 publication Critical patent/WO2023085491A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/04Architecture, e.g. interconnection topology
    • G06N3/045Combinations of networks
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N3/00Computing arrangements based on biological models
    • G06N3/02Neural networks
    • G06N3/08Learning methods
    • G06Q50/40
    • G06Q50/50
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04MTELEPHONIC COMMUNICATION
    • H04M3/00Automatic or semi-automatic exchanges
    • H04M3/42Systems providing special services or facilities to subscribers
    • H04M3/436Arrangements for screening incoming calls, i.e. evaluating the characteristics of a call before deciding whether to answer it

Definitions

  • the present invention relates to a method and device for identifying malicious spam calls, and more particularly, to a method and device for identifying malicious spam calls based on artificial intelligence for determining spam through learning of a spam discrimination model.
  • Spam that is, a method of sending product information through text messages or phone calls targeting mobile phones, is widely used as a means of advertising because it is cost-effective.
  • Korea Patent Publication No. 10-2009-91443 discloses a device and method for preventing spam calls, a list method of comparing in a database and the results thereof to the user.
  • the main feature is a control unit that connects or blocks to
  • Korea Patent Publication No. 10-2016-22154 discloses a spam suspected phone guidance device and a spam suspected phone guidance method based on call volume analysis. The index is evaluated, and the unit is analyzed by the number of outgoing calls and outgoing messages during a day, week, or month.
  • the prior art is made in a way to block numbers not included here by providing a white list, and once set in the spam list, it is permanently set in the black list, and normal phone numbers are misidentified and processed as spam.
  • real-time data analysis was not performed, resulting in inaccurate spam judgment and processing.
  • spam discrimination is made by real-time data analysis, and an artificial intelligence-based malicious spam phone discrimination method that can increase spam discrimination accuracy through artificial intelligence-based learning on the number of abnormal outgoing calls and call duration is proposed. research became necessary.
  • An object of the present invention is an artificial intelligence-based malicious spam call identification method and an artificial intelligence-based malicious spam call detection method that can increase spam identification accuracy through artificial intelligence-based learning on the number of abnormal outgoing calls and call duration by real-time data analysis. It is to provide a spam call discrimination device.
  • a method for identifying malicious spam calls based on artificial intelligence includes the steps of collecting, by a collecting unit, a caller's number and a recipient's number for determining spam; Step, by the telephone control unit, checking whether the user has received a call received from the user through the user terminal; setting the duration time to 0 when the call is not received by the telephone control unit and collecting the duration time through the collecting unit by setting the duration time to call time when the call is received;
  • the learning unit performs learning using the collected caller ID, recipient ID, and duration as feature values;
  • the spam determination unit includes a step of determining whether spam is present based on the threshold value calculated by the learning.
  • the telephone control unit may further include collecting the calling party number and the called party number by requesting the collecting unit when the number is not a registered spam number.
  • the spam discrimination model is characterized in that spam or not is determined based on the learning result of the learning unit and an outlier (threshold), but learning can be performed using CNN (Convolutional Neural Networks) for normal data.
  • CNN Convolutional Neural Networks
  • the spam discrimination model is characterized by using a discriminator of a generative adversarial network (GAN) algorithm when discriminating whether spam is present using a threshold value obtained through CNN.
  • GAN generative adversarial network
  • the discriminator is characterized in that it discriminates real data (normal data) and fake data generated by the generator (abnormal data as training data for discriminating spam).
  • the spam discrimination model is divided into a malicious index evaluation model that can determine spam based on call time and a malicious situation evaluation model that detects outliers by identifying call volume characteristics for duration and gives a warning to the recipient, and learns and discriminates them. It is characterized in that this is made.
  • the malicious situation evaluation model is a model for detecting the call volume characteristics of calls determined to be malicious when a call determined by the malicious index evaluation model cannot be blocked or received, and gives a warning to the recipient after detecting a threshold value. It is characterized in that it is used as a supplement to the evaluation model.
  • the learning DB of the malicious index evaluation model can be an open source-based non-relational database for storing and managing unstructured data with a key-value structure, and by using key-value, TTL when key is input
  • key-value TTL
  • the method for identifying malicious spam calls based on artificial intelligence may be performed by a computer program stored in a computer-readable recording medium.
  • An artificial intelligence-based malicious spam call detection device performing the artificial intelligence-based malicious spam call detection method, wherein the artificial intelligence-based malicious spam call detection device includes a memory for storing one or more instructions; and a processor executing the one or more instructions stored in the memory, wherein the processor executes the one or more instructions to perform the artificial intelligence-based malicious spam call identification method.
  • the artificial intelligence-based malicious spam call discrimination device may control a call received from a user terminal, and may include: a phone control unit that automatically determines whether to receive or reject a call according to a result of spam discrimination; a collection unit that collects data on the recipient's number, caller's number, and duration (call time) to be used as learning data; A learning unit that performs learning of a spam discrimination model based on the collected data; Spam discrimination unit for determining whether or not the incoming call is spam based on the threshold value obtained as a result of learning; Spam notification unit for sending a warning notification for the corresponding spam phone number to the user terminal, which is the receiver, when the result of the determination of the spam determination unit is spam; It includes a database for storing data necessary for learning the spam discrimination model.
  • the method for identifying malicious spam calls based on artificial intelligence of the present invention has the advantage of being able to determine whether or not spam is present through an artificial intelligence-based spam discrimination model by utilizing real-time data instead of conventional daily, weekly, and monthly data to quickly and accurately determine whether or not there is malicious spam.
  • each data (number) can be spam managed periodically by the TTL value in real time without the need to determine spam for all (all) data at a certain period.
  • FIG. 1 is a flowchart of a method for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention.
  • FIG. 2 is a block diagram showing the configuration of an apparatus for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention.
  • FIG. 3 is a diagram showing an example of spam discrimination by comparing normal/abnormal number of calls based on a spam discrimination model.
  • FIG. 1 is a flowchart of a method for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention.
  • the phone control unit 110 checks the incoming call when receiving a call to determine whether or not a registered spam number is pre-stored in the database 170 (S100 and S102).
  • the phone control unit 110 automatically determines it as a malicious spam/voice phishing number, blocks it, and then notifies the user (S104).
  • the collection unit 120 collects the caller's number and the recipient's number (S106).
  • the phone control unit 110 checks whether the user has received a call from the user through the user terminal (S108).
  • the phone control unit 110 sets the duration to 0 when a call is not received, and sets the duration to a call time when a call is received and collects the call through the collection unit 120 (S110 and S112).
  • the duration is a time interval from the time when the call is received to the time when the call is disconnected, that is, the time when the call is terminated.
  • the unit 140 continuously determines whether or not spam is spam based on a threshold value (S114).
  • the discrimination result of the spam discrimination model is out of the threshold value, it is determined as spam and a notification about malicious spam can be sent to the user by the spam notification unit 150 before receiving a call, during a call, or after a call is ended (S116). , S118).
  • the spam discrimination model continuously updates and stores the discrimination result in the database 170 and uses it as learning data during learning, thereby improving the discrimination accuracy of the model through periodic learning.
  • the spam discrimination model can determine whether or not it is spam based on the outlier (threshold value) based on the learning result.
  • Learning can be performed using neural network algorithms such as CNN (Convolutional Neural Networks). That is, a process of extracting feature values through CNN may be performed.
  • CNN Convolutional Neural Networks
  • the activation function of the last output layer of the fully connected layer must be set to the default option, linear.
  • the normal data is given to the predict function in the model where the normal data was trained, and the outliers of each normal data are obtained, and the range of the outliers obtained from each normal data is obtained.
  • the range of outliers obtained in this process becomes a threshold value for classifying normal and abnormal.
  • GAN generative adversarial network
  • GANs generative adversarial networks
  • the generative adversarial neural network is an unsupervised learning-based generative model that adversarially trains two networks with a generator and discriminator. Input data is input to the generator to create fake images similar to real images. can be learned to
  • a noise value may be input as the input data.
  • Noise values can follow any probability distribution. For example, it may be data generated with a zero-mean Gaussian.
  • the discriminator can learn to discriminate between real data (normal data) and fake data generated by the generator (training data for discriminating spam, abnormal data).
  • the discriminator can learn to have a high probability when real data is input, and to have a low probability when fake data is input. That is, the discriminator can gradually learn to discriminate between real data and fake data.
  • the spam discrimination model may include a malicious index evaluation model and a malicious situation evaluation model in detail, and learning and discrimination can be performed by classifying into these models.
  • spam can be judged based on the number of transmissions, all sender numbers are replaced with x in the learning stage, and the number of recipients is counted regardless of the number and has the value of y.
  • the malicious index evaluation model is a model for determining the malicious index and turning it into a DB (170) and operating the blocking module, and is a model for determining the characteristics of malicious calls and text messages. It is not a specific phone number, but a model for measuring the rapid change in any phone number within a unit of time.
  • the malicious situation evaluation model can determine spam based on the call duration, all caller IDs are replaced with x in the learning step, and the call duration is converted into an integer in seconds.
  • the malicious situation evaluation model determines the threshold (outlier) by identifying the call volume characteristics of calls determined to be malicious rather than measuring the change in call volume generated from a specific number when a call judged in the malignancy index evaluation model is not blocked or received.
  • the threshold outlier
  • it can contribute to improving the accuracy of spam identification in a situation where spam identification is ambiguous by being used as an aid to the malicious index evaluation model.
  • FIG. 3 shows an example of spam discrimination by comparing the number of normal/abnormal calls based on the malicious index evaluation model, which is a spam discrimination model, and the learning and discrimination results from the malicious index evaluation model are stored in the DB 170. By using it for additional blocking and warning of the source, the load of artificial intelligence can be reduced.
  • the learning DB 170 of the malignancy index evaluation model can be an open source-based non-relational database 170 for storing and managing unstructured data of the key-value structure of Redis, and key-value
  • TTL time to live
  • each data (number) can be periodically managed by the TTL value in real time without spam discrimination for all (all) data in a certain period.
  • a malicious situation evaluation model based on learning about call time is also a model of the same concept as the malicious index evaluation model, except that the input value is different.
  • the above-described artificial intelligence-based malicious spam phone detection method may be performed by a computer program (mobile application in the case of a mobile device) installed and executed in a user terminal.
  • FIG. 2 is a block diagram showing the configuration of an apparatus 100 for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention.
  • the AI-based malicious spam call discrimination device 100 includes a phone control unit 110, a collection unit 120, a learning unit 130, a spam determination unit 140, a spam notification unit 150, An information protection unit 160 and a database 170 may be further included.
  • the phone control unit 110 may control calls received from the user terminal, and may automatically determine whether or not to receive or reject calls according to spam determination results.
  • the collection unit 120 may collect data on a called party number, a calling party number, and duration (call duration) to be used as learning data.
  • the learning unit 130 may perform learning of a spam discrimination model based on the collected data.
  • the spam determination unit 140 may determine whether an incoming call is spam based on a threshold obtained as a result of learning.
  • Spam notification unit 150 if spam as a result of the determination of spam determination unit 140, a warning notification for the corresponding spam phone number is transmitted in the form of a message to the user terminal as a receiver, and depending on whether the user is set, the phone control unit 110 You can also block calls automatically by requesting .
  • the information protection unit 160 may perform encryption and decryption to prevent forgery and falsification of personal sensitive information such as the sender number and receiver number, which are collected personal information, from external hacking.
  • a light-weight encryption algorithm is performed by giving identification information capable of identification to a user terminal receiving a number and utilizing the identification information as a private key.
  • the lightweight encryption algorithm is an encryption technology designed to be implemented in a limited environment such as a smart device, and includes symmetric key encryption algorithms such as HIGHT (HIGh security and light weight), LEA (Lightweight Encryption) and hash function LSH (Lightweight Secure Hash).
  • HIGHT HIGHT
  • LEA Lightweight Encryption
  • LSH Lightweight Secure Hash
  • a lightweight hash function is a hash function that consumes relatively low computing power designed to ensure the integrity of transmitted or received data, except for some features that require high computing power in standard cryptographic hash algorithms such as SHA-3. (one-way function).
  • the sponge makes the original message (in this case, the original data of the random key) into a certain size (padding), and then creates it with a specific standard size known only to the generator of the key (for example, the original message divided into specific bit sizes). It is implemented to exchange random data at the rear of the divided data (divided original message) by using several update functions, and to decode using the already known standard size on the other side.
  • the database 170 may continuously update and store data necessary for learning the spam discrimination model, that is, recipient number, sender number, and duration, and may also include necessary user personal information or event information.
  • the above-described device 100 for determining malicious spam calls based on artificial intelligence may be an artificial intelligence based malicious spam call determining server on a network or a computer program (mobile application in case of mobile) installed and executed in a user terminal.
  • the apparatus 100 for identifying malicious spam calls based on artificial intelligence may include a processor and a memory.
  • the computing device may further include a network interface (or communication interface) (not shown), a storage (not shown), and a bus (not shown).
  • the processor may control the overall operation of each component of the computing device.
  • the processor may include a central processing unit (CPU), a micro processor unit (MPU), a micro controller unit (MCU), or any type of processor well known in the art.
  • the processor may perform an operation for at least one application or program for executing the artificial intelligence-based malicious spam call identification method according to an embodiment of the present invention.
  • the processor may include one or more cores (not shown) and a graphic processing unit (not shown) and/or a connection path (eg, a bus) for transmitting and receiving signals to and from other components.
  • the processor includes a RAM (Random Access Memory, not shown) and a ROM (ROM: Read-Only Memory, not shown) that temporarily and/or permanently store signals (or data) processed inside the processor. may further include. Also, the processor may be implemented in the form of a system on chip (SoC) including at least one of a graphics processing unit, RAM, and ROM.
  • SoC system on chip
  • the processor may perform the above-described method for identifying malicious spam calls based on artificial intelligence by executing one or more instructions stored in memory.
  • a 'terminal' may be a wireless communication device that guarantees portability and mobility, and may be, for example, any type of handheld-based wireless communication device such as a smart phone, a tablet PC, or a laptop computer.
  • the 'terminal' may also be a wired communication device such as a PC capable of accessing other terminals or servers through a network.
  • a network refers to a connection structure capable of exchanging information between nodes such as terminals and servers, such as a local area network (LAN), a wide area network (WAN), and the Internet (WWW : World Wide Web), wired and wireless data communications network, telephone network, and wired and wireless television communications network.
  • LAN local area network
  • WAN wide area network
  • WWW World Wide Web
  • wireless data communication networks examples include 3G, 4G, 5G, 3rd Generation Partnership Project (3GPP), Long Term Evolution (LTE), World Interoperability for Microwave Access (WIMAX), Wi-Fi, Bluetooth communication, infrared communication, ultrasonic communication, visible light communication (VLC: Visible Light Communication), LiFi, and the like, but are not limited thereto.
  • 3GPP 3rd Generation Partnership Project
  • LTE Long Term Evolution
  • WIMAX World Interoperability for Microwave Access
  • Wi-Fi Bluetooth communication
  • infrared communication ultrasonic communication
  • VLC Visible Light Communication
  • LiFi and the like, but are not limited thereto.
  • the method for identifying malicious spam calls based on artificial intelligence of the present invention can be implemented as a computer program stored in a storage medium for execution through combination with a computer, or as a module mounted on computer hardware on which the computer program operates. .
  • the operation method of the method for identifying malicious spam calls based on artificial intelligence may be implemented in the form of program instructions that can be executed through various computer means and recorded on a computer readable medium.
  • the computer readable medium may include program instructions, data files, data structures, etc. alone or in combination.
  • Program instructions recorded on the medium may be those specially designed and configured for the present invention or those known and usable to those skilled in computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floptical disks.
  • program instructions include high-level language codes that can be executed by a computer using an interpreter, as well as machine language codes such as those produced by a compiler.

Abstract

A method for determining a malicious spam call based on artificial intelligence, according to an embodiment of the present invention, comprises the steps of: a collection unit collecting a sender's number and a receiver's number for spam determination; a phone control unit checking, via a user terminal, whether or not a user has taken a call made to the user; the phone control unit collecting a duration via the collection unit by setting a duration to 0 if having not taken the call and setting the duration to a call time if having taken the call; a training unit training an artificial intelligence learning-based spam determination model by using the collected sender's number, receiver's number, and duration as feature values; and a spam determination unit determining whether or not being spam, on the basis of a threshold value calculated by the training.

Description

인공지능 기반 악성 스팸 전화 판별 방법 및 장치Artificial intelligence-based malicious spam phone detection method and device
본 발명은 악성 스팸 전화 판별 방법 및 장치에 관한 것으로, 더욱 상세하게는 스팸 판별 모델의 학습을 통하여 스팸 여부를 판별하는 인공지능 기반 악성 스팸 전화 판별 방법 및 장치에 관한 것이다.The present invention relates to a method and device for identifying malicious spam calls, and more particularly, to a method and device for identifying malicious spam calls based on artificial intelligence for determining spam through learning of a spam discrimination model.
한국인터넷진흥원은 현행법인 정보통신망이용촉진및정보보호등에관한법률을 기반으로, 휴대폰이나 유선 전화 등으로 수신자가 원치 않았음에도 불구하고 일방적으로 전송되는 영리 목적의 광고성 정보를 스팸으로 규정하여 금지하고 있으나, 광고성 스팸의 양은 매년 증가하고 있다.Based on the current law, the Promotion of Information and Communications Network Utilization and Information Protection, etc., the Korea Internet & Security Agency prohibits advertising information for commercial purposes that is transmitted unilaterally through cell phones or landlines even though the recipient did not want it as spam. However, the amount of advertising spam is increasing every year.
스팸, 즉 휴대폰을 대상으로 문자나 전화를 통해 상품에 대한 안내를 보내는 방식은 비용 대비 효과가 좋기 때문에 광고 수단으로 많이 활용된다.Spam, that is, a method of sending product information through text messages or phone calls targeting mobile phones, is widely used as a means of advertising because it is cost-effective.
이와 같은 스팸 전화를 방지하는 종래기술에 의하면, 한국공개특허 제10-2009-91443호에는 스팸전화 방지를 위한 장치 및 그 방법이 개시되어 있는 바, 데이터베이스에서 비교하는 리스트 방식과 이에 따른 결과를 사용자에게 연결하거나 차단하는 제어부가 주 특징이고, 한국공개특허 제10-2016-22154호에는 통화량 분석에 기반하는 스팸 의심 전화 안내 장치 및 스팸 의심 전화 안내 방법이 개시되어 있는 바, 전화 통화량에 근거하여 스팸지수를 평가하고, 단위는 일, 주, 월 동안의 발신 통화 건수 및 발신 메시지 건수로 분석하는 것이다.According to the prior art for preventing such spam calls, Korea Patent Publication No. 10-2009-91443 discloses a device and method for preventing spam calls, a list method of comparing in a database and the results thereof to the user. The main feature is a control unit that connects or blocks to, and Korea Patent Publication No. 10-2016-22154 discloses a spam suspected phone guidance device and a spam suspected phone guidance method based on call volume analysis. The index is evaluated, and the unit is analyzed by the number of outgoing calls and outgoing messages during a day, week, or month.
이와 같이 종래기술들은 화이트 리스트 제공에 의해 여기에 포함되지 않은 번호에 대해 차단하는 방식으로 이루어져 한번 스팸 리스트에 설정되면 영구적으로 블랙 리스트로 설정되어 정상적인 전화번호도 오인하여 스팸 처리되는 문제가 있으며, 또한 일, 주, 월 단위로 판단하는 경우 실시간 데이터 분석이 이루어지지 못하여 스팸 판단 및 처리가 정확하지 못한 문제가 있었다.In this way, the prior art is made in a way to block numbers not included here by providing a white list, and once set in the spam list, it is permanently set in the black list, and normal phone numbers are misidentified and processed as spam. In the case of determining on a daily, weekly, or monthly basis, real-time data analysis was not performed, resulting in inaccurate spam judgment and processing.
따라서, 전술한 문제를 해결하기 위하여 실시간 데이터 분석에 의해 스팸 판별이 이루어지고, 비정상적인 발신 횟수 및 통화시간에 대한 인공지능 기반 학습을 통하여 스팸 판별 정확도를 높일 수 있는 인공지능 기반 악성 스팸 전화 판별 방법에 대한 연구가 필요하게 되었다.Therefore, in order to solve the above-mentioned problem, spam discrimination is made by real-time data analysis, and an artificial intelligence-based malicious spam phone discrimination method that can increase spam discrimination accuracy through artificial intelligence-based learning on the number of abnormal outgoing calls and call duration is proposed. research became necessary.
본 발명의 목적은 실시간 데이터 분석에 의해 스팸 판별이 이루어지고, 비정상적인 발신 횟수 및 통화시간에 대한 인공지능 기반 학습을 통하여 스팸 판별 정확도를 높일 수 있는 인공지능 기반 악성 스팸 전화 판별 방법 및 인공지능 기반 악성 스팸 전화 판별 장치를 제공하는 것이다.An object of the present invention is an artificial intelligence-based malicious spam call identification method and an artificial intelligence-based malicious spam call detection method that can increase spam identification accuracy through artificial intelligence-based learning on the number of abnormal outgoing calls and call duration by real-time data analysis. It is to provide a spam call discrimination device.
본 발명의 일 실시예에 따른 인공지능 기반 악성 스팸 전화 판별 방법은, 수집부는 스팸 판별을 위한 발신자번호와 수신자번호를 수집하는 단계; 전화제어부는 사용자에게 걸려온 콜을 사용자가 받았는지 여부를 사용자단말기를 통하여 체크하는 단계; 상기 전화제어부는 콜을 받지 않은 경우 지속시간을 0으로 설정하고, 콜을 받은 경우에는 지속시간을 통화시간으로 설정하여 상기 수집부를 통하여 지속시간을 수집하는 단계; 학습부는 인공지능 학습 기반 스팸 판별 모델에서는 수집한 상기 발신자번호, 수신자번호 및 지속시간을 특징값(Feature)으로 하여 학습을 수행하는 단계; 스팸판별부는 상기 학습에 의해 산출된 임계값을 기준으로 스팸 여부를 판별하는 단계를 포함한다.A method for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention includes the steps of collecting, by a collecting unit, a caller's number and a recipient's number for determining spam; Step, by the telephone control unit, checking whether the user has received a call received from the user through the user terminal; setting the duration time to 0 when the call is not received by the telephone control unit and collecting the duration time through the collecting unit by setting the duration time to call time when the call is received; In the artificial intelligence learning-based spam discrimination model, the learning unit performs learning using the collected caller ID, recipient ID, and duration as feature values; The spam determination unit includes a step of determining whether spam is present based on the threshold value calculated by the learning.
상기 전화제어부는 전화 수신시 수신 전화를 체크하여 데이터베이스에 기저장된 등록스팸번호 유무를 판단하는 단계; 상기 전화제어부는 등록스팸번호인 경우, 자동으로 악성 스팸번호로 판단하여 차단 후 사용자에게 알림을 전송하는 단계; 상기 전화제어부는 등록스팸번호가 아닌 경우, 상기 수집부에 요청하여 상기 발신자번호와 수신자번호를 수집하는 단계;를 더 포함한다.determining whether or not a registered spam number is pre-stored in a database by checking an incoming call when the phone control unit receives a call; If the phone control unit is a registered spam number, automatically determining it as a malicious spam number and sending a notification to the user after blocking; The telephone control unit may further include collecting the calling party number and the called party number by requesting the collecting unit when the number is not a registered spam number.
상기 스팸 판별 모델은 학습부의 학습 결과, 이상치(임계값)를 기준으로 스팸 여부를 판별하되, 정상 데이터에 대해서 CNN(Convolutional Neural Networks)을 활용하여 학습을 수행할 수 있는 것을 특징으로 한다.The spam discrimination model is characterized in that spam or not is determined based on the learning result of the learning unit and an outlier (threshold), but learning can be performed using CNN (Convolutional Neural Networks) for normal data.
상기 스팸 판별 모델은 CNN을 통해 얻어진 임계값을 이용하여 스팸 여부를 판별시에는 생성적 적대 신경망(GAN) 알고리즘의 판별기를 이용하는 것을 특징으로 한다.The spam discrimination model is characterized by using a discriminator of a generative adversarial network (GAN) algorithm when discriminating whether spam is present using a threshold value obtained through CNN.
상기 판별기는 실제 데이터(정상 데이터)와 생성기가 생성한 가짜 데이터(스팸 판별을 위한 학습용 데이터로서 비정상 데이터)를 판별하도록 하는 것을 특징으로 한다.The discriminator is characterized in that it discriminates real data (normal data) and fake data generated by the generator (abnormal data as training data for discriminating spam).
상기 스팸 판별 모델은 통화시간을 기준으로 스팸 여부를 판단할 수 있는 악성지수 평가 모델과 지속시간에 대한 통화량 특성을 파악하여 이상치 검출 후 수신자에게 경고를 주기 위한 악성상황 평가 모델로 구분하여 학습 및 판별이 이루어지는 것을 특징으로 한다.The spam discrimination model is divided into a malicious index evaluation model that can determine spam based on call time and a malicious situation evaluation model that detects outliers by identifying call volume characteristics for duration and gives a warning to the recipient, and learns and discriminates them. It is characterized in that this is made.
상기 악성상황 평가 모델은 상기 악성지수 평가 모델에서 판단된 전화를 차단하지 못하거나 수신했을시 악성으로 판단된 전화들의 통화량 특성을 파악하여 임계값 검출 후 수신자에게 경고를 주기 위한 모델로서, 상기 악성지수 평가 모델에 보조적으로 활용되는 것을 특징으로 한다.The malicious situation evaluation model is a model for detecting the call volume characteristics of calls determined to be malicious when a call determined by the malicious index evaluation model cannot be blocked or received, and gives a warning to the recipient after detecting a threshold value. It is characterized in that it is used as a supplement to the evaluation model.
상기 악성지수 평가 모델의 학습 DB는 키-값(key-value) 구조의 비정형 데이터를 저장하고 관리하기 위한 오픈 소스 기반의 비관계형 데이터베이스가 될 수 있으며, key-value를 활용하여, key 입력시 TTL(time to live) 값을 주어 일정 주기에 맞춰 번호의 스팸 여부를 초기화하거나 스팸 등록 여부를 재 판별함으로써, 인적 자원으로 관리해야 되는 자원의 소모도 줄여 자동으로 스팸 관리가 될 수 있게 하는 것을 특징으로 한다.The learning DB of the malicious index evaluation model can be an open source-based non-relational database for storing and managing unstructured data with a key-value structure, and by using key-value, TTL when key is input By giving a (time to live) value, resetting whether a number is spam or not registering spam according to a certain period, it is characterized by reducing the consumption of resources that need to be managed by human resources and enabling automatic spam management. do.
상기 인공지능 기반 악성 스팸 전화 판별 방법은 컴퓨터에서 판독 가능한 기록매체에 저장된 컴퓨터 프로그램에 의해 수행될 수 있다.The method for identifying malicious spam calls based on artificial intelligence may be performed by a computer program stored in a computer-readable recording medium.
상기 인공지능 기반 악성 스팸 전화 판별 방법을 수행하는 인공지능 기반 악성 스팸 전화 판별 장치에 있어서, 상기 인공지능 기반 악성 스팸 전화 판별 장치는 하나 이상의 인스트럭션을 저장하는 메모리; 및 상기 메모리에 저장된 상기 하나 이상의 인스트럭션을 실행하는 프로세서를 포함하고, 상기 프로세서는 상기 하나 이상의 인스트럭션을 실행하여 상기 인공지능 기반 악성 스팸 전화 판별 방법을 수행하는 것을 특징으로 한다.An artificial intelligence-based malicious spam call detection device performing the artificial intelligence-based malicious spam call detection method, wherein the artificial intelligence-based malicious spam call detection device includes a memory for storing one or more instructions; and a processor executing the one or more instructions stored in the memory, wherein the processor executes the one or more instructions to perform the artificial intelligence-based malicious spam call identification method.
상기 인공지능 기반 악성 스팸 전화 판별 장치는 사용자단말기에서 수신되는 콜을 제어할 수 있으며, 구체적으로 스팸 판별 결과에 따라 자동으로 통화 수신 또는 거절 여부를 결정하는 전화제어부; 학습 데이터로 활용될 수신자번호, 발신자번호, 지속시간(통화시간)에 대한 데이터를 수집하는 수집부; 수집된 데이터들을 토대로 스팸 판별 모델의 학습을 수행하는 학습부; 학습 결과로 얻어진 임계값을 기준으로 걸려온 전화에 대한 스팸 여부를 판별하는 스팸판별부; 상기 스팸판별부의 판별 결과 스팸인 경우, 해당 스팸 전화번호에 대한 경고 알림을 수신자인 사용자단말기로 전송하는 스팸알림부; 스팸 판별 모델의 학습에 필요한 데이터를 저장하는 데이터베이스를 포함한다.The artificial intelligence-based malicious spam call discrimination device may control a call received from a user terminal, and may include: a phone control unit that automatically determines whether to receive or reject a call according to a result of spam discrimination; a collection unit that collects data on the recipient's number, caller's number, and duration (call time) to be used as learning data; A learning unit that performs learning of a spam discrimination model based on the collected data; Spam discrimination unit for determining whether or not the incoming call is spam based on the threshold value obtained as a result of learning; Spam notification unit for sending a warning notification for the corresponding spam phone number to the user terminal, which is the receiver, when the result of the determination of the spam determination unit is spam; It includes a database for storing data necessary for learning the spam discrimination model.
본 발명의 인공지능 기반 악성 스팸 전화 판별 방법은 빠르고 정확한 악성 스팸 여부 판단을 위하여 종래의 일, 주, 월이 아닌 실시간 데이터를 활용하여 인공지능 기반 스팸 판별 모델을 통하여 스팸 여부를 판단할 수 있는 장점이 있다.The method for identifying malicious spam calls based on artificial intelligence of the present invention has the advantage of being able to determine whether or not spam is present through an artificial intelligence-based spam discrimination model by utilizing real-time data instead of conventional daily, weekly, and monthly data to quickly and accurately determine whether or not there is malicious spam. there is
또한, 스팸 등록된 번호에 대하여 데이터 관리에 대한 자원소모를 줄이기 위해 일정 주기에서 전체(모든) 데이터에 대한 스팸 판별이 필요없이 각각의 데이터(번호)가 실시간으로 TTL 값에 의해 주기적으로 스팸 관리될 수 있는 장점이 있다.In addition, in order to reduce resource consumption for data management for spam registered numbers, each data (number) can be spam managed periodically by the TTL value in real time without the need to determine spam for all (all) data at a certain period. There are advantages to being able to
도 1은 본 발명의 일 실시예에 따른 인공지능 기반 악성 스팸 전화 판별 방법의 순서도이다.1 is a flowchart of a method for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention.
도 2는 본 발명의 일 실시예에 따른 인공지능 기반 악성 스팸 전화 판별 장치의 구성을 보인 블록도이다.2 is a block diagram showing the configuration of an apparatus for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention.
도 3은 스팸 판별 모델 기반으로 정상/비정상 발신수 비교에 의한 스팸 판별하는 예시를 보여주는 도면이다.3 is a diagram showing an example of spam discrimination by comparing normal/abnormal number of calls based on a spam discrimination model.
이하에서는 도면을 참조하여 본 발명의 구체적인 실시예를 상세하게 설명한다. 다만, 본 발명의 사상은 제시되는 실시예에 제한되지 아니하고, 본 발명의 사상을 이해하는 당업자는 동일한 사상의 범위 내에서 다른 구성요소를 추가, 변경, 삭제 등을 통하여, 퇴보적인 다른 발명이나 본 발명 사상의 범위 내에 포함되는 다른 실시예를 용이하게 제안할 수 있을 것이나, 이 또한 본원 발명 사상 범위 내에 포함된다고 할 것이다. 또한, 각 실시예의 도면에 나타나는 동일한 사상의 범위 내의 기능이 동일한 구성요소는 동일한 참조부호를 사용하여 설명한다.Hereinafter, specific embodiments of the present invention will be described in detail with reference to the drawings. However, the spirit of the present invention is not limited to the presented embodiments, and those skilled in the art who understand the spirit of the present invention may add, change, delete, etc. other elements within the scope of the same spirit, through other degenerative inventions or the present invention. Other embodiments included within the scope of the inventive idea can be easily proposed, but it will also be said to be included within the scope of the inventive concept. In addition, components having the same function within the scope of the same idea appearing in the drawings of each embodiment are described using the same reference numerals.
도 1은 본 발명의 일 실시예에 따른 인공지능 기반 악성 스팸 전화 판별 방법의 순서도이다.1 is a flowchart of a method for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention.
먼저, 본 발명의 인공지능 기반 악성 스팸 전화 판별 방법은 전화제어부(110)는 전화 수신시 수신 전화를 체크하여 데이터베이스(170)에 기저장된 등록스팸번호 유무를 판단한다(S100, S102).First, in the artificial intelligence-based malicious spam phone detection method of the present invention, the phone control unit 110 checks the incoming call when receiving a call to determine whether or not a registered spam number is pre-stored in the database 170 (S100 and S102).
전화제어부(110)는 등록스팸번호인 경우, 자동으로 악성 스팸/보이스피싱 번호로 판단하여 차단 후 사용자에게 알릴 수 있도록 한다(S104).If the number is registered spam, the phone control unit 110 automatically determines it as a malicious spam/voice phishing number, blocks it, and then notifies the user (S104).
전화제어부(110)는 등록스팸번호가 아닌 경우, 수집부(120)에 요청함에 따라 수집부(120)는 발신자번호와 수신자번호를 수집한다(S106).If the phone control unit 110 is not a registered spam number, as requested to the collection unit 120, the collection unit 120 collects the caller's number and the recipient's number (S106).
또한 전화제어부(110)는 사용자에게 걸려온 콜을 사용자가 받았는지 여부를 사용자단말기를 통하여 체크한다(S108).In addition, the phone control unit 110 checks whether the user has received a call from the user through the user terminal (S108).
전화제어부(110)는 콜을 받지 않은 경우, 지속시간을 0으로 설정하고, 콜을 받은 경우에는 지속시간을 통화시간으로 설정하여 상기 수집부(120)를 통하여 수집한다(S110, S112). The phone control unit 110 sets the duration to 0 when a call is not received, and sets the duration to a call time when a call is received and collects the call through the collection unit 120 (S110 and S112).
여기서 지속시간은 콜을 받은 시점부터 콜이 끊긴 시점 즉 콜 종료한 시점까지의 시간 구간으로 통화시간이 된다.Here, the duration is a time interval from the time when the call is received to the time when the call is disconnected, that is, the time when the call is terminated.
이후 학습부(130)의 인공지능 학습 기반 스팸 판별 모델에서는 수집한 발신자 번호, 수신자 번호, 지속시간을 특징값(Feature)으로 하여 학습을 수행하고, 학습부(130)의 학습 수행결과, 스팸판별부(140)는 스팸 여부를 임계값을 기준으로 지속적으로 판별할 수 있게 한다(S114).Afterwards, in the artificial intelligence learning-based spam discrimination model of the learning unit 130, learning is performed using the collected sender number, recipient number, and duration as feature values, and the learning unit 130's learning performance result, spam discrimination The unit 140 continuously determines whether or not spam is spam based on a threshold value (S114).
즉, 스팸 판별 모델의 판별 결과가 임계값을 벗어난 경우에는 스팸으로 판별하여 스팸알림부(150)에 의해 사용자에게 콜 수신전, 통화중 또는 통화 종료 후 악성 스팸에 대한 알림을 전송할 수 있다(S116, S118).That is, if the discrimination result of the spam discrimination model is out of the threshold value, it is determined as spam and a notification about malicious spam can be sent to the user by the spam notification unit 150 before receiving a call, during a call, or after a call is ended (S116). , S118).
또한, 스팸 판별 모델은 판별 결과를 지속적으로 데이터베이스(170)에 갱신하여 저장하고, 학습시 학습 데이터로 이용함으로써, 주기적인 학습에 의해 모델의 판별 정확도를 향상시킬 수 있다.In addition, the spam discrimination model continuously updates and stores the discrimination result in the database 170 and uses it as learning data during learning, thereby improving the discrimination accuracy of the model through periodic learning.
스팸 판별 모델은 학습 결과를 토대로 이상치(임계값)를 기준으로 스팸 여부를 판별할 수 있으며, 이를 위해 먼저 정상 데이터(예컨대 스팸이 아닌 통상적인 통화인 경우의 발신횟수 데이터 및 통화시간 데이터 등)에 대해서 CNN(Convolutional Neural Networks) 등과 같은 신경망 알고리즘을 활용하여 학습을 수행할 수 있다. 즉, CNN을 통해 특징값(feature)을 추출하는 과정이 이루어질 수 있다.The spam discrimination model can determine whether or not it is spam based on the outlier (threshold value) based on the learning result. Learning can be performed using neural network algorithms such as CNN (Convolutional Neural Networks). That is, a process of extracting feature values through CNN may be performed.
구체적으로 정상 데이터만 학습하므로 label은 모두 0으로 통일될 수 있고, 해당 모델은 label이 단일 label이기 때문에 분류의 목적이 아닌 이상치(outlier, 임계값)의 추출을 위해 사용된다.Specifically, since only normal data is learned, all labels can be unified to 0, and since the label is a single label, the model is used for extraction of outliers (threshold values), not for classification purposes.
이상치를 얻기 위해서는 full connected layer의 가장 마지막 output layer의 activation 함수를 default option인 linear로 지정해 주어야한다.To obtain outliers, the activation function of the last output layer of the fully connected layer must be set to the default option, linear.
학습 이후 정상데이터가 학습된 모델에 정상데이터를 predict 함수에게 주어 각 정상데이터들의 이상치를 구하고 각 정상데이터로부터 얻은 이상치의 범위를 구한다. 이 과정에서 얻어진 이상치의 범위가 정상과 비정상을 분류하는 임계값(threshold value)이 된다.After learning, the normal data is given to the predict function in the model where the normal data was trained, and the outliers of each normal data are obtained, and the range of the outliers obtained from each normal data is obtained. The range of outliers obtained in this process becomes a threshold value for classifying normal and abnormal.
또한 얻어진 임계값을 이용하여 스팸 여부를 판별시에는 생성적 적대 신경망(GAN) 알고리즘의 판별기를 이용할 수 있다.In addition, when determining spam using the obtained threshold, a discriminator of a generative adversarial network (GAN) algorithm can be used.
생성적 적대 신경망(GAN)은 기존의 딥러닝 네트워크와는 달리 여러 개의 심층 신경망으로 이루어진 구조이다.Unlike conventional deep learning networks, generative adversarial networks (GANs) are structured with multiple deep neural networks.
또한 생성적 적대 신경망은 생성기(Generator)와 판별기(Discriminator)로 두 네트워크를 적대적(Adversarial)으로 학습시키는 비지도 학습 기반 생성모델로서, 생성기에는 입력 데이터가 입력되어 실제 이미지와 유사한 가짜 이미지를 만들어내도록 학습될 수 있다. In addition, the generative adversarial neural network is an unsupervised learning-based generative model that adversarially trains two networks with a generator and discriminator. Input data is input to the generator to create fake images similar to real images. can be learned to
입력 데이터는 노이즈 값이 입력될 수 있다. 노이즈 값은 어떤 확률 분포를 따를 수 있다. 예컨대, 제로 평균 가우시안(Zero-Mean Gaussian)으로 생성된 데이터일 수 있다.A noise value may be input as the input data. Noise values can follow any probability distribution. For example, it may be data generated with a zero-mean Gaussian.
판별기는 실제 데이터(정상 데이터)와 생성기가 생성한 가짜 데이터(스팸 판별을 위한 학습용 데이터, 비정상 데이터)를 판별하도록 학습할 수 있다.The discriminator can learn to discriminate between real data (normal data) and fake data generated by the generator (training data for discriminating spam, abnormal data).
보다 구체적으로는, 실제 데이터를 입력하면 높은 확률이 나오도록, 가짜 데이터를 입력하면 확률이 낮아지도록 학습할 수 있다. 즉, 판별기는 실제 데이터와 가짜 데이터를 잘 판별하도록 점진적으로 학습할 수 있다.More specifically, it can learn to have a high probability when real data is input, and to have a low probability when fake data is input. That is, the discriminator can gradually learn to discriminate between real data and fake data.
또한 스팸 판별 모델은 세부적으로 악성지수 평가 모델과 악성상황 평가 모델을 포함할 수 있으며, 이 모델들로 구분하여 학습 및 판별이 이루어질 수 있다.In addition, the spam discrimination model may include a malicious index evaluation model and a malicious situation evaluation model in detail, and learning and discrimination can be performed by classifying into these models.
악성지수 평가 모델에서는 발신횟수를 기준으로 스팸 여부를 판단할 수 있으며, 모든 발신자번호는 학습단계에서 x로 치환되며 수신자번호는 번호와 상관없이 횟수만 count되어 y의 값을 갖는다.In the malicious index evaluation model, spam can be judged based on the number of transmissions, all sender numbers are replaced with x in the learning stage, and the number of recipients is counted regardless of the number and has the value of y.
즉 악성지수 평가모델은 악성지수를 판단하여 DB(170)화와 차단모듈을 작동시키지 위한 모델로 악성전화 및 문자의 특징을 판단하기 위한 모델이며, 기존의 방법과는 다르게 저장되어 있는 전화번호나 특정전화번호로 판단하는 것이 아닌, 어떤 전화번호든 시간 단위 안에서 급격한 변화량을 측정하기 위한 모델이다.In other words, the malicious index evaluation model is a model for determining the malicious index and turning it into a DB (170) and operating the blocking module, and is a model for determining the characteristics of malicious calls and text messages. It is not a specific phone number, but a model for measuring the rapid change in any phone number within a unit of time.
또한 악성상황 평가 모델은 통화시간을 기준으로 스팸 여부를 판단할 수 있으며, 모든 발신자번호는 학습 단계에서 x로 치환되며, 통화시간은 초 단위 정수형태로 변환된다.In addition, the malicious situation evaluation model can determine spam based on the call duration, all caller IDs are replaced with x in the learning step, and the call duration is converted into an integer in seconds.
나아가 악성상황 평가 모델은 악성지수 평가 모델에서 판단된 전화를 차단하지 못하거나 수신했을시 특정번호에서 발생하는 통화량의 변화를 측정하기보다는 악성으로 판단된 전화들의 통화량 특성을 파악하여 임계값(이상치) 검출 후 수신자에게 경고를 주기 위한 모델로서, 악성지수 평가 모델에 보조적으로 활용함으로써, 스팸 판별이 애매한 상황에서의 스팸 판별 정확도를 향상시키는데 기여할 수 있다.Furthermore, the malicious situation evaluation model determines the threshold (outlier) by identifying the call volume characteristics of calls determined to be malicious rather than measuring the change in call volume generated from a specific number when a call judged in the malignancy index evaluation model is not blocked or received. As a model for giving a warning to the recipient after detection, it can contribute to improving the accuracy of spam identification in a situation where spam identification is ambiguous by being used as an aid to the malicious index evaluation model.
또한 도 3에는 스팸 판별 모델인 악성지수 평가 모델을 기반으로 정상/비정상 발신수 비교에 의한 스팸 판별하는 예시를 보여 주고 있으며, 해당 악성지수 평가 모델에서의 학습 및 판별 결과를 DB(170)에 저장하여 상기 발신지에 대한 추가적인 차단 및 경고 시 활용함으로써, 인공지능의 부하를 줄일 수 있다.In addition, FIG. 3 shows an example of spam discrimination by comparing the number of normal/abnormal calls based on the malicious index evaluation model, which is a spam discrimination model, and the learning and discrimination results from the malicious index evaluation model are stored in the DB 170. By using it for additional blocking and warning of the source, the load of artificial intelligence can be reduced.
또한 악성지수 평가 모델의 학습 DB(170)는 Redis의 키-값(key-value) 구조의 비정형 데이터를 저장하고 관리하기 위한 오픈 소스 기반의 비관계형 데이터베이스(170)가 될 수 있으며, key-value를 활용하여 key 입력시 TTL(time to live) 값을 주어 한 번 악성으로 등록된 번호가 영원히 차단되는 종래의 방식을 탈피하고 일정 주기에 맞춰 번호의 스팸 여부를 초기화하거나 스팸 등록 여부를 재 판별함으로써, 인적 자원으로 관리해야 되는 자원의 소모도 줄여 자동으로 스팸 관리가 될 수 있게 한다.In addition, the learning DB 170 of the malignancy index evaluation model can be an open source-based non-relational database 170 for storing and managing unstructured data of the key-value structure of Redis, and key-value By using a TTL (time to live) value when entering a key, it breaks away from the conventional method in which a number once registered as malicious is blocked forever, and resets whether or not the number is spam or not registered as spam according to a certain period. In other words, spam can be managed automatically by reducing the consumption of resources that need to be managed by human resources.
이는 일정 주기에서 전체(모든) 데이터에 대한 스팸 판별이 필요없이 각각의 데이터(번호)가 실시간으로 TTL 값에 의해 주기적으로 스팸 관리될 수 있음을 의미한다.This means that each data (number) can be periodically managed by the TTL value in real time without spam discrimination for all (all) data in a certain period.
통화시간에 대한 학습을 기반으로 하는 악성상황 평가 모델도 input 값만 다를 뿐 상기 악성지수 평가 모델과 같은 개념의 모델이다.A malicious situation evaluation model based on learning about call time is also a model of the same concept as the malicious index evaluation model, except that the input value is different.
나아가 상술한 인공지능 기반 악성 스팸 전화 판별 방법은 사용자단말기에 설치되어 실행되는 컴퓨터 프로그램(모바일의 경우 모바일 어플리케이션)에 의해 수행될 수 있다.Furthermore, the above-described artificial intelligence-based malicious spam phone detection method may be performed by a computer program (mobile application in the case of a mobile device) installed and executed in a user terminal.
도 2는 본 발명의 일 실시예에 따른 인공지능 기반 악성 스팸 전화 판별 장치(100)의 구성을 보인 블록도이다.2 is a block diagram showing the configuration of an apparatus 100 for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention.
인공지능 기반 악성 스팸 전화 판별 장치(100)는 도 2를 참조하면, 전화제어부(110), 수집부(120), 학습부(130), 스팸판별부(140), 스팸알림부(150), 정보보호부(160) 및 데이터베이스(170)를 더 포함할 수 있다.Referring to FIG. 2 , the AI-based malicious spam call discrimination device 100 includes a phone control unit 110, a collection unit 120, a learning unit 130, a spam determination unit 140, a spam notification unit 150, An information protection unit 160 and a database 170 may be further included.
전화제어부(110)는 사용자단말기에서 수신되는 콜을 제어할 수 있으며, 구체적으로 스팸 판별 결과에 따라 자동으로 통화 수신 또는 거절 여부를 결정할 수 있다. The phone control unit 110 may control calls received from the user terminal, and may automatically determine whether or not to receive or reject calls according to spam determination results.
수집부(120)는 학습 데이터로 활용될 수신자번호, 발신자번호, 지속시간(통화시간)에 대한 데이터를 수집할 수 있다.The collection unit 120 may collect data on a called party number, a calling party number, and duration (call duration) to be used as learning data.
학습부(130)는 수집된 데이터들을 토대로 스팸 판별 모델의 학습을 수행할 수 있다.The learning unit 130 may perform learning of a spam discrimination model based on the collected data.
스팸판별부(140)는 학습 결과로 얻어진 임계값을 기준으로 걸려온 전화에 대한 스팸 여부를 판별할 수 있다.The spam determination unit 140 may determine whether an incoming call is spam based on a threshold obtained as a result of learning.
스팸알림부(150)는 스팸판별부(140)의 판별 결과 스팸인 경우, 해당 스팸 전화번호에 대한 경고 알림을 수신자인 사용자단말기로 메시지 형태로 전송되고, 사용자 설정 여부에 따라 전화제어부(110)에 요청하여 콜을 자동으로 차단할 수도 있다. Spam notification unit 150, if spam as a result of the determination of spam determination unit 140, a warning notification for the corresponding spam phone number is transmitted in the form of a message to the user terminal as a receiver, and depending on whether the user is set, the phone control unit 110 You can also block calls automatically by requesting .
정보보호부(160)는 수집된 개인정보인 발신자번호, 수신자번호 등 개인의 민감한 정보를 외부 해킹 등으로부터 위변조 되는 것을 방지하기 위해 암복호화를 수행할 수 있다.The information protection unit 160 may perform encryption and decryption to prevent forgery and falsification of personal sensitive information such as the sender number and receiver number, which are collected personal information, from external hacking.
구체적으로, 번호를 수신하는 사용자단말기에 신분 증명이 가능한, 식별 정보(identification information)를 부여하여, 해당 식별 정보를 사설 암호 키(private key)로 활용하는 경량 암호 알고리즘을 수행한다. Specifically, a light-weight encryption algorithm is performed by giving identification information capable of identification to a user terminal receiving a number and utilizing the identification information as a private key.
경량 암호 알고리즘에는 스마트 기기 등의 제한된 환경에서 구현하기 위해 설계된 암호 기술로서, 대칭키 암호 알고리즘인 HIGHT(HIGh security and light weigHT), LEA(Lightweight Encryption)와 해시함수인 LSH(Lightweight Secure Hash) 등을 활용할 수 있다. The lightweight encryption algorithm is an encryption technology designed to be implemented in a limited environment such as a smart device, and includes symmetric key encryption algorithms such as HIGHT (HIGh security and light weight), LEA (Lightweight Encryption) and hash function LSH (Lightweight Secure Hash). can be utilized
이러한 경량 암호 알고리즘을 활용하여 수집된 데이터 등을 암/복호화 시킴으로써 해당 데이터의 외부 유출이나 외부 해킹으로 인한 불법적인 제어 등을 막을 수 있다. 경량 암호 알고리즘은 이러한 임베디드 컴퓨팅 환경에서 적합한 경량 해시 함수(lightweight hash function)를 사용하는 것이 바람직하다.By encrypting/decrypting the collected data using this lightweight encryption algorithm, it is possible to prevent illegal control due to external leakage or external hacking of the data. It is preferable to use a lightweight hash function suitable for such an embedded computing environment as a lightweight cryptographic algorithm.
경량 해시 함수란 SHA-3와 같은 표준적인 암호화 해시 알고리즘에서 일부 컴퓨팅 파워가 높게 소요되는 특징들을 제외하고도 송신 또는 수신되는 데이터의 무결성을 보장할 수 있도록 설계된 컴퓨팅 파워가 상대적으로 낮게 소모되는 해시 함수(일방향 함수)이다.A lightweight hash function is a hash function that consumes relatively low computing power designed to ensure the integrity of transmitted or received data, except for some features that require high computing power in standard cryptographic hash algorithms such as SHA-3. (one-way function).
보다 구체적으로는 이러한 경량 해시함수 중에서도 키가 없이(unkeyed) 데이터의 치환(permutation)이 가능하도록 하는 스폰지(Sponge) 알고리즘을 사용하는 것이 바람직하다.More specifically, among these lightweight hash functions, it is preferable to use a sponge algorithm that enables permutation of unkeyed data.
좀 더 구체적으로 스폰지는 원본 메시지(여기서는 랜덤키의 원본 데이터)를 일정한 크기로 만든 뒤(padding), 이를 키의 생성자만 알 수 있는 특정한 기준 크기(예를 들어 특정 비트 사이즈로 분할된 원본 메시지)로 복수 개로 분할한 뒤, 복수 개로 분할된 데이터(분할된 원본 메시지)의 후단에 랜덤한 데이터들을 여러 업데이트 함수를 활용하여 교환하고, 반대편에서는 이미 알고 있는 기준 크기를 활용하여 복호화도록 구현된다.More specifically, the sponge makes the original message (in this case, the original data of the random key) into a certain size (padding), and then creates it with a specific standard size known only to the generator of the key (for example, the original message divided into specific bit sizes). It is implemented to exchange random data at the rear of the divided data (divided original message) by using several update functions, and to decode using the already known standard size on the other side.
즉, 이러한 경량 해시함수를 활용하여, 해시함수의 보안성을 확보하면서, 일반적인 해시함수의 사용보다 상대적으로 적은 컴퓨팅 파워가 필요하도록 하여 결과적으로 단말기의 전력소모를 적게 하고, 오래 사용하도록 할 수 있다.That is, by using such a lightweight hash function, while securing the security of the hash function, relatively less computing power is required than the use of a general hash function, resulting in less power consumption of the terminal and long-lasting use. .
데이터베이스(170)는 스팸 판별 모델의 학습에 필요한 데이터 즉, 수신자번호, 발신자번호, 지속시간에 대해 지속적으로 업데이터 및 저장될 수 있으며, 이밖에도 필요한 사용자 개인정보나 이벤트 정보 등이 포함될 수 있다.The database 170 may continuously update and store data necessary for learning the spam discrimination model, that is, recipient number, sender number, and duration, and may also include necessary user personal information or event information.
상술한 인공지능 기반 악성 스팸 전화 판별 장치(100)는, 네트워크상의 인공지능 기반 악성 스팸 전화 판별 서버 또는 사용자단말기에 설치되어 실행되는 컴퓨터 프로그램(모바일의 경우 모바일 어플리케이션) 자체가 될 수도 있다.The above-described device 100 for determining malicious spam calls based on artificial intelligence may be an artificial intelligence based malicious spam call determining server on a network or a computer program (mobile application in case of mobile) installed and executed in a user terminal.
또한 인공지능 기반 악성 스팸 전화 판별 장치(100)는 프로세서 및 메모리를 포함할 수 있다. 실시예에서, 컴퓨팅 장치는 네트워크 인터페이스(또는 통신 인터페이스)(미도시), 스토리지(미도시), 버스(bus)(미도시)를 더 포함할 수 있다.In addition, the apparatus 100 for identifying malicious spam calls based on artificial intelligence may include a processor and a memory. In an embodiment, the computing device may further include a network interface (or communication interface) (not shown), a storage (not shown), and a bus (not shown).
일 실시예에서, 프로세서는 컴퓨팅 장치의 각 구성의 전반적인 동작을 제어할 수 있다. 프로세서는 CPU(Central Processing Unit), MPU(Micro Processor Unit), MCU(Micro Controller Unit), 또는 본 발명의 기술 분야에 잘 알려진 임의의 형태의 프로세서를 포함하여 구성될 수 있다.In one embodiment, the processor may control the overall operation of each component of the computing device. The processor may include a central processing unit (CPU), a micro processor unit (MPU), a micro controller unit (MCU), or any type of processor well known in the art.
실시예에서, 프로세서는 본 발명의 실시예에 따른 인공지능 기반 악성 스팸 전화 판별 방법을 실행하기 위한 적어도 하나의 애플리케이션 또는 프로그램에 대한 연산을 수행할 수 있다. 실시예에서, 프로세서는 하나 이상의 코어(core, 미도시) 및 그래픽 처리부(미도시) 및/또는 다른 구성 요소와 신호를 송수신하는 연결 통로(예: 버스(bus) 등)를 포함할 수 있다. In an embodiment, the processor may perform an operation for at least one application or program for executing the artificial intelligence-based malicious spam call identification method according to an embodiment of the present invention. In an embodiment, the processor may include one or more cores (not shown) and a graphic processing unit (not shown) and/or a connection path (eg, a bus) for transmitting and receiving signals to and from other components.
실시예에서, 프로세서는 프로세서 내부에서 처리되는 신호(또는, 데이터)를 일시적 및/또는 영구적으로 저장하는 램(RAM: Random Access Memory, 미도시) 및 롬(ROM: Read-Only Memory, 미도시)을 더 포함할 수 있다. 또한, 프로세서는 그래픽 처리부, 램 및 롬 중 적어도 하나를 포함하는 장치온칩(SoC: system on chip) 형태로 구현될 수 있다.In an embodiment, the processor includes a RAM (Random Access Memory, not shown) and a ROM (ROM: Read-Only Memory, not shown) that temporarily and/or permanently store signals (or data) processed inside the processor. may further include. Also, the processor may be implemented in the form of a system on chip (SoC) including at least one of a graphics processing unit, RAM, and ROM.
실시예에서, 프로세서는 메모리에 저장된 하나 이상의 인스트럭션(instruction)을 실행함으로써, 상술한 인공지능 기반 악성 스팸 전화 판별 방법을 수행할 수 있다.In an embodiment, the processor may perform the above-described method for identifying malicious spam calls based on artificial intelligence by executing one or more instructions stored in memory.
본 명세서에서 ‘단말기’는 휴대성 및 이동성이 보장된 무선 통신 장치일 수 있으며, 예를 들어 스마트폰, 태블릿 PC 또는 노트북 등과 같은 모든 종류의 핸드헬드(Handheld) 기반의 무선 통신 장치일 수 있다. 또한, ‘단말기’은 네트워크를 통해 다른 단말기 또는 서버 등에 접속할 수 있는 PC 등의 유선 통신 장치인 것도 가능하다. 또한, 네트워크는 단말기들 및 서버들과 같은 각각의 노드 상호 간에 정보 교환이 가능한 연결 구조를 의미하는 것으로, 근거리 통신망(LAN: Local Area Network), 광역 통신망(WAN: Wide Area Network), 인터넷 (WWW: World Wide Web), 유무선 데이터 통신망, 전화망, 유무선 텔레비전 통신망 등을 포함한다. In this specification, a 'terminal' may be a wireless communication device that guarantees portability and mobility, and may be, for example, any type of handheld-based wireless communication device such as a smart phone, a tablet PC, or a laptop computer. In addition, the 'terminal' may also be a wired communication device such as a PC capable of accessing other terminals or servers through a network. In addition, a network refers to a connection structure capable of exchanging information between nodes such as terminals and servers, such as a local area network (LAN), a wide area network (WAN), and the Internet (WWW : World Wide Web), wired and wireless data communications network, telephone network, and wired and wireless television communications network.
무선 데이터 통신망의 일례에는 3G, 4G, 5G, 3GPP(3rd Generation Partnership Project), LTE(Long Term Evolution), WIMAX(World Interoperability for Microwave Access), 와이파이(Wi-Fi), 블루투스 통신, 적외선 통신, 초음파 통신, 가시광 통신(VLC: Visible Light Communication), 라이파이(LiFi) 등이 포함되나 이에 한정되지는 않는다.Examples of wireless data communication networks include 3G, 4G, 5G, 3rd Generation Partnership Project (3GPP), Long Term Evolution (LTE), World Interoperability for Microwave Access (WIMAX), Wi-Fi, Bluetooth communication, infrared communication, ultrasonic communication, visible light communication (VLC: Visible Light Communication), LiFi, and the like, but are not limited thereto.
나아가 본 발명의 인공지능 기반 악성 스팸 전화 판별 방법은 컴퓨터와의 결합을 통해 실행시키기 위한 저장매체에 저장된 컴퓨터 프로그램으로 구현되거나, 이 컴퓨터 프로그램이 동작하는 컴퓨터 하드웨어에 탑재되는 모듈 형태로 구현될 수 있다.Furthermore, the method for identifying malicious spam calls based on artificial intelligence of the present invention can be implemented as a computer program stored in a storage medium for execution through combination with a computer, or as a module mounted on computer hardware on which the computer program operates. .
또한, 본 발명의 일 실시예에 따른 인공지능 기반 악성 스팸 전화 판별 방법의 동작 방법은, 다양한 컴퓨터 수단을 통하여 수행될 수 있는 프로그램 명령 형태로 구현되어 컴퓨터 판독 가능 매체에 기록될 수 있다. 상기 컴퓨터 판독 가능 매체는 프로그램 명령, 데이터 파일, 데이터 구조 등을 단독으로 또는 조합하여 포함할 수 있다. 상기 매체에 기록되는 프로그램 명령은 본 발명을 위하여 특별히 설계되고 구성된 것들이거나 컴퓨터 소프트웨어 당업자에게 공지되어 사용 가능한 것일 수도 있다. 컴퓨터 판독 가능 기록 매체의 예에는 하드 디스크, 플로피 디스크 및 자기 테이프와 같은 자기 매체(magnetic media), CD-ROM, DVD와 같은 광기록 매체(optical media), 플롭티컬 디스크(floptical disk)와 같은 자기-광 매체(magneto-optical media), 및 롬(ROM), 램(RAM), 플래시 메모리, SSD(Solid State Drive) 등과 같은 프로그램 명령을 저장하고 수행하도록 특별히 구성된 하드웨어 장치가 포함된다. 프로그램 명령의 예에는 컴파일러에 의해 만들어지는 것과 같은 기계어 코드뿐만 아니라 인터프리터 등을 사용해서 컴퓨터에 의해서 실행될 수 있는 고급 언어 코드를 포함한다.In addition, the operation method of the method for identifying malicious spam calls based on artificial intelligence according to an embodiment of the present invention may be implemented in the form of program instructions that can be executed through various computer means and recorded on a computer readable medium. The computer readable medium may include program instructions, data files, data structures, etc. alone or in combination. Program instructions recorded on the medium may be those specially designed and configured for the present invention or those known and usable to those skilled in computer software. Examples of computer-readable recording media include magnetic media such as hard disks, floppy disks and magnetic tapes, optical media such as CD-ROMs and DVDs, and magnetic media such as floptical disks. - includes hardware devices specially configured to store and execute program instructions, such as magneto-optical media, and ROM, RAM, flash memory, SSD (Solid State Drive), and the like. Examples of program instructions include high-level language codes that can be executed by a computer using an interpreter, as well as machine language codes such as those produced by a compiler.
[부호의 설명][Description of code]
100 : 인공지능 기반 악성 스팸 전화 판별 장치100: AI-based malicious spam call discrimination device
110 : 전화제어부110: telephone control unit
120 : 수집부120: collection unit
130 : 학습부130: learning unit
140 : 스팸판별부140: spam detection unit
150 : 스팸알림부150: spam notification unit
160 : 정보보호부160: Information Protection Department
170 : 데이터베이스170: database

Claims (11)

  1. 수집부는 스팸 판별을 위한 발신자번호와 수신자번호를 수집하는 단계;Collecting, by the collecting unit, the sender's number and the recipient's number for determining spam;
    전화제어부는 사용자에게 걸려온 콜을 사용자가 받았는지 여부를 사용자단말기를 통하여 체크하는 단계;Step, by the telephone control unit, checking whether the user has received a call received from the user through the user terminal;
    상기 전화제어부는 콜을 받지 않은 경우 지속시간을 0으로 설정하고, 콜을 받은 경우에는 지속시간을 통화시간으로 설정하여 상기 수집부를 통하여 지속시간을 수집하는 단계;setting the duration time to 0 when the call is not received by the telephone control unit and collecting the duration time through the collecting unit by setting the duration time to call time when the call is received;
    학습부는 인공지능 학습 기반 스팸 판별 모델에서는 수집한 상기 발신자번호, 수신자번호 및 지속시간을 특징값(Feature)으로 하여 학습을 수행하는 단계; 및In the artificial intelligence learning-based spam discrimination model, the learning unit performs learning using the collected caller ID, recipient ID, and duration as feature values; and
    스팸판별부는 상기 학습에 의해 산출된 임계값을 기준으로 스팸 여부를 판별하는 단계를 포함하는 인공지능 기반 악성 스팸 전화 판별 방법.An artificial intelligence-based malicious spam call identification method comprising the step of determining whether a spam determination unit is spam based on the threshold value calculated by the learning.
  2. 청구항 1에 있어서,The method of claim 1,
    상기 전화제어부는 전화 수신시 수신 전화를 체크하여 데이터베이스에 기저장된 등록스팸번호 유무를 판단하는 단계;determining whether or not a registered spam number is pre-stored in a database by checking an incoming call when the phone control unit receives a call;
    상기 전화제어부는 등록스팸번호인 경우, 자동으로 악성 스팸번호로 판단하여 차단 후 사용자에게 알림을 전송하는 단계; 및If the phone control unit is a registered spam number, automatically determining it as a malicious spam number and sending a notification to the user after blocking; and
    상기 전화제어부는 등록스팸번호가 아닌 경우, 상기 수집부에 요청하여 상기 발신자번호와 수신자번호를 수집하는 단계를 더 포함하는 인공지능 기반 악성 스팸 전화 판별 방법.and collecting, by the phone control unit, the calling party number and the called party number by making a request to the collecting unit when the number is not a registered spam number.
  3. 청구항 1에 있어서,The method of claim 1,
    상기 스팸 판별 모델은 학습부의 학습 결과, 이상치(임계값)를 기준으로 스팸 여부를 판별하되, 정상 데이터에 대해서 CNN(Convolutional Neural Networks)을 활용하여 학습을 수행할 수 있는 것을 특징으로 하는 인공지능 기반 악성 스팸 전화 판별 방법.The spam discrimination model determines whether or not spam is based on the learning result of the learning unit and the outlier (threshold), but artificial intelligence-based learning can be performed using CNN (Convolutional Neural Networks) for normal data. How to identify malicious spam calls.
  4. 청구항 3에 있어서in claim 3
    상기 스팸 판별 모델은 CNN을 통해 얻어진 임계값을 이용하여 스팸 여부를 판별시에는 생성적 적대 신경망(GAN) 알고리즘의 판별기를 이용하는 것을 특징으로 하는 인공지능 기반 악성 스팸 전화 판별 방법.Wherein the spam discrimination model uses a discriminator of a generative adversarial network (GAN) algorithm when discriminating whether or not spam is obtained using a threshold value obtained through CNN.
  5. 청구항 4에 있어서,The method of claim 4,
    상기 판별기는 실제 데이터(정상 데이터)와 생성기가 생성한 가짜 데이터(스팸 판별을 위한 학습용 데이터로서 비정상 데이터)를 판별하도록 하는 것을 특징으로 하는 인공지능 기반 악성 스팸 전화 판별 방법.The method of identifying malicious spam calls based on artificial intelligence, characterized in that the discriminator discriminates between real data (normal data) and fake data generated by the generator (abnormal data as training data for spam discrimination).
  6. 청구항 1에 있어서,The method of claim 1,
    상기 스팸 판별 모델은 통화시간을 기준으로 스팸 여부를 판단할 수 있는 악성지수 평가 모델과 지속시간에 대한 통화량 특성을 파악하여 이상치 검출 후 수신자에게 경고를 주기 위한 악성상황 평가 모델로 구분하여 학습 및 판별이 이루어지는 것을 특징으로 하는 인공지능 기반 악성 스팸 전화 판별 방법.The spam discrimination model is divided into a malicious index evaluation model that can determine spam based on call time and a malicious situation evaluation model that detects outliers by identifying call volume characteristics for duration and gives a warning to the recipient, and learns and discriminates them. An artificial intelligence-based malicious spam call discrimination method, characterized in that this is made.
  7. 청구항 6에 있어서,The method of claim 6,
    상기 악성상황 평가 모델은 상기 악성지수 평가 모델에서 판단된 전화를 차단하지 못하거나 수신했을시 악성으로 판단된 전화들의 통화량 특성을 파악하여 임계값 검출 후 수신자에게 경고를 주기 위한 모델로서, 상기 악성지수 평가 모델에 보조적으로 활용되는 것을 특징으로 하는 인공지능 기반 악성 스팸 전화 판별 방법.The malicious situation evaluation model is a model for detecting the call volume characteristics of calls determined to be malicious when a call determined by the malicious index evaluation model cannot be blocked or received, and gives a warning to the recipient after detecting a threshold value. A method for identifying malicious spam calls based on artificial intelligence, characterized in that it is used as an aid to the evaluation model.
  8. 청구항 6에 있어서,The method of claim 6,
    상기 악성지수 평가 모델의 학습 DB는 키-값(key-value) 구조의 비정형 데이터를 저장하고 관리하기 위한 오픈 소스 기반의 비관계형 데이터베이스가 될 수 있으며, key-value를 활용하여, key 입력시 TTL(time to live) 값을 주어 일정 주기에 맞춰 번호의 스팸 여부를 초기화하거나 스팸 등록 여부를 재 판별함으로써, 인적 자원으로 관리해야 되는 자원의 소모도 줄여 자동으로 스팸 관리가 될 수 있게 하는 것을 특징으로 하는 인공지능 기반 악성 스팸 전화 판별 방법.The learning DB of the malicious index evaluation model can be an open source-based non-relational database for storing and managing unstructured data with a key-value structure, and by using key-value, TTL when key is input By giving a (time to live) value, resetting whether a number is spam or not registering spam according to a certain period, it is characterized by reducing the consumption of resources that need to be managed by human resources and enabling automatic spam management. A method for identifying malicious spam calls based on artificial intelligence.
  9. 청구항 1 내지 청구항 8 중 어느 한 항의 인공지능 기반 악성 스팸 전화 판별 방법을 수행하는 컴퓨터에서 판독 가능한 기록매체에 저장된 컴퓨터 프로그램.A computer program stored in a computer-readable recording medium that performs the artificial intelligence-based malicious spam call discrimination method according to any one of claims 1 to 8.
  10. 청구항 1 내지 청구항 8 중 어느 한 항의 인공지능 기반 악성 스팸 전화 판별 방법을 수행하는 인공지능 기반 악성 스팸 전화 판별 장치에 있어서, An artificial intelligence-based malicious spam call discrimination apparatus for performing the artificial intelligence-based malicious spam call discrimination method according to any one of claims 1 to 8, comprising:
    상기 인공지능 기반 악성 스팸 전화 판별 장치는The artificial intelligence-based malicious spam call discrimination device
    하나 이상의 인스트럭션을 저장하는 메모리; 및a memory that stores one or more instructions; and
    상기 메모리에 저장된 상기 하나 이상의 인스트럭션을 실행하는 프로세서를 포함하고,a processor to execute the one or more instructions stored in the memory;
    상기 프로세서는 상기 하나 이상의 인스트럭션을 실행하여 상기 인공지능 기반 악성 스팸 전화 판별 방법을 수행하는 것을 특징으로 하는 인공지능 기반 악성 스팸 전화 판별 장치.The artificial intelligence-based malicious spam call discrimination device according to claim 1 , wherein the processor performs the artificial intelligence-based malicious spam call discrimination method by executing the one or more instructions.
  11. 청구항 10에 있어서, The method of claim 10,
    상기 인공지능 기반 악성 스팸 전화 판별 장치는The artificial intelligence-based malicious spam call discrimination device
    사용자단말기에서 수신되는 콜을 제어할 수 있으며, 구체적으로 스팸 판별 결과에 따라 자동으로 통화 수신 또는 거절 여부를 결정하는 전화제어부;A telephone control unit capable of controlling a call received from a user terminal, and specifically determining whether to receive or reject a call automatically according to a spam determination result;
    학습 데이터로 활용될 수신자번호, 발신자번호, 지속시간(통화시간)에 대한 데이터를 수집하는 수집부;a collection unit that collects data on the recipient's number, caller's number, and duration (call time) to be used as learning data;
    수집된 데이터들을 토대로 스팸 판별 모델의 학습을 수행하는 학습부;A learning unit that performs learning of a spam discrimination model based on the collected data;
    학습 결과로 얻어진 임계값을 기준으로 걸려온 전화에 대한 스팸 여부를 판별하는 스팸판별부;Spam discrimination unit for determining whether or not the incoming call is spam based on the threshold value obtained as a result of learning;
    상기 스팸판별부의 판별 결과 스팸인 경우, 해당 스팸 전화번호에 대한 경고 알림을 수신자인 사용자단말기로 전송하는 스팸알림부; 및Spam notification unit for sending a warning notification for the corresponding spam phone number to the user terminal, which is the receiver, when the result of the determination of the spam determination unit is spam; and
    스팸 판별 모델의 학습에 필요한 데이터를 저장하는 데이터베이스를 포함하는 인공지능 기반 악성 스팸 전화 판별 장치.An artificial intelligence-based malicious spam phone discrimination device that includes a database storing data necessary for learning a spam discrimination model.
PCT/KR2021/017478 2021-11-10 2021-11-25 Method and apparatus for determining malicious spam call based on artificial intelligence WO2023085491A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR1020210153637A KR102558735B1 (en) 2021-11-10 2021-11-10 Method and device for identifying malicious spam calls based on artificial intelligence
KR10-2021-0153637 2021-11-10

Publications (1)

Publication Number Publication Date
WO2023085491A1 true WO2023085491A1 (en) 2023-05-19

Family

ID=86336202

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2021/017478 WO2023085491A1 (en) 2021-11-10 2021-11-25 Method and apparatus for determining malicious spam call based on artificial intelligence

Country Status (2)

Country Link
KR (1) KR102558735B1 (en)
WO (1) WO2023085491A1 (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20090096111A (en) * 2008-03-07 2009-09-10 김준식 Method and apparatus for processing spam
KR20090121170A (en) * 2008-05-21 2009-11-25 주식회사 다산네트웍스 Call processing method and phone for preventing a spam call
KR20100033565A (en) * 2008-09-22 2010-03-31 주식회사 케이티테크 Method and device for registration and application of spam phone number
KR20100056687A (en) * 2008-11-20 2010-05-28 삼성전자주식회사 Appratus and method for managementing spam number in mobele communication terminal
KR101764920B1 (en) * 2016-04-26 2017-08-04 주식회사 나우드림 Method for determining spam phone number using spam model

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20090091443A (en) 2008-02-25 2009-08-28 박승준 Spam calls prevention system and method thereof
KR101633861B1 (en) 2014-08-19 2016-07-01 주식회사 후후앤컴퍼니 Apparatus for guiding suspecious spam call based on analysis of call traffic and method thereof

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20090096111A (en) * 2008-03-07 2009-09-10 김준식 Method and apparatus for processing spam
KR20090121170A (en) * 2008-05-21 2009-11-25 주식회사 다산네트웍스 Call processing method and phone for preventing a spam call
KR20100033565A (en) * 2008-09-22 2010-03-31 주식회사 케이티테크 Method and device for registration and application of spam phone number
KR20100056687A (en) * 2008-11-20 2010-05-28 삼성전자주식회사 Appratus and method for managementing spam number in mobele communication terminal
KR101764920B1 (en) * 2016-04-26 2017-08-04 주식회사 나우드림 Method for determining spam phone number using spam model

Also Published As

Publication number Publication date
KR102558735B1 (en) 2023-07-24
KR20230067903A (en) 2023-05-17

Similar Documents

Publication Publication Date Title
US11399288B2 (en) Method for HTTP-based access point fingerprint and classification using machine learning
EP3214861B1 (en) Method, device and system for detecting fraudulent user
CN107480626A (en) A kind of method that census using recognition of face monitors
TWI583152B (en) Anomaly prediction method and system for heterogeneous network architecture
WO2021151335A1 (en) Network event processing method and apparatus, and readable storage medium
WO2022139078A1 (en) Apparatus for providing e-mail security service using hierarchical architecture based on security level and operation method therefor
CN113163406B (en) Threat detection system for mobile communication system, central device and local device thereof
CN107094291B (en) System, method and terminal for preventing telecommunication fraud
CN103369486A (en) System and method for preventing fraud SMS (Short message Service) message
CN110677407A (en) Safety control method of lightweight block chain platform
WO2014157826A1 (en) System and method for blocking attack of smart device-based malicious code
Giura et al. Is it really you? User identification via adaptive behavior fingerprinting
WO2014175583A1 (en) Method and apparatus for inspecting malicous message
WO2022080783A1 (en) Single photon detector, and operation method
WO2023085491A1 (en) Method and apparatus for determining malicious spam call based on artificial intelligence
CN114169438A (en) Telecommunication network fraud identification method, device, equipment and storage medium
WO2024005565A1 (en) Method, system, and non-transitory computer-readable recording medium for providing messenger service
WO2019098584A1 (en) System and method for calculating user's reliability for unknown device in internet-of-things environment
WO2021233286A1 (en) Data processing method and apparatus, network device, and terminal
US11108914B2 (en) Method and system for revenue maximization in a communication network
KR102373593B1 (en) The method for managing node to serve trust network based on block-chain
CN113992453A (en) Blocking method and device for preventing data leakage and storage medium
CN113378205A (en) Method for data reverse transmission across security domains
WO2019156278A1 (en) Method for determining integrity of packet
WO2013065887A1 (en) Security system for mobile communication network

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21964200

Country of ref document: EP

Kind code of ref document: A1