Fraud detection framework using privacy preserving record linkage in telecom

Abstract

Fraud is a persistent and increasing problem in the telecom industry. Telcos work in isolation to prevent fraud. Sharing information is critical for detecting and preventing fraud. The primary constraint on sharing information is privacy preservation. Several techniques have been developed to share data while preserving privacy using privacy-preserving record linkage (PPRL). Most of the PPRL techniques use a similarity measure like Jacquard similarity on homologous datasets, which are all prone to graph-based attacks, rendering existing methods insecure. Many complex and slow techniques use the Bloom filter implementation, which can be compromised in a cryptanalysis attack.

This dissertation proposes an attack-proof PPRL framework (FD-PPRL) using existing infrastructure of a telco without a complex multistep protocol. First, a novel way of matching two non-homologous datasets using attack-proof digital signature schemes, like the Edwards-curve digital signature algorithm is proposed. Here, Jaccard similarity can only be estimated using this method and not on the datasets directly. Second, two parties transact with a simple request–reply method. To validate the match accuracy, privacy preservation, and performance of this approach, it was tested on a large public dataset (North Carolina Voter Database). This method is secure against attacks and achieves 100% match accuracy with improved performance.

Fraud detection using Privacy-Preserving Record Linkage (PPRL) was first proposed in our dissertation. It addresses many challenges related to fraud detection in the telecommunications industry, which can then be expanded to other industries. We begin by introducing the research problems and challenges, followed by proposing solutions through research and development to address these issues. Our background section covers some of the PPRL concepts and terminologies, and we conduct a detailed analysis of current research and literature. Next, we develop the novel FD-PPRL framework upon which our solution is built. We also analyze various hash techniques with FD-PPRL and select the most suitable one for our implementation. The dissertation then delves into how the telco can securely store and transmit large volumes of fraud-related information using a (or the) Block method. Additionally, we address speed issues and develop a method to facilitate communication among multiple telcos simultaneously. Finally, we conclude by highlighting how our approach has effectively solved the persistent fraud-sharing problem among telcos and provide guidance for future research.