Abstract: Phone number recycling (PNR) refers to the event wherein a mobile operator collects a disconnected number and reassigns it to a new owner. It has posed a threat to the reliability of the existing authentication solution for e-commerce platforms. Specifically, a new owner of a reassigned number can access the application account with which the number is associated, and may perform fraudulent activities. Existing solutions that employ a reassigned number database from mobile operators are costly for e-commerce platforms with large-scale users. Thus, alternative solutions that depend on only the information of the applications are imperative. In this work, we study the problem of detecting accounts that have been compromised owing to the reassignment of phone numbers. Our analysis on Meituan’s real-world dataset shows that compromised accounts have unique statistical features and temporal patterns. Based on the observations, we propose a novel model called temporal pattern and statistical feature fusion model (TSF) to tackle the problem, which integrates a temporal pattern encoder and a statistical feature encoder to capture behavioral evolutionary interaction and significant operation features. Extensive experiments on the Meituan and IEEE-CIS datasets show that TSF significantly outperforms the baselines, demonstrating its effectiveness in detecting compromised accounts due to reassigned numbers.

电子商务平台"二次放号"被盗账号检测研究：以美团为例

[1]Alibaba Cloud, 2023. Phone Number Verification Service (in Chinese). https://www.alibabacloud.com/product/verify?spm=a3c0i.23458820.2359477120.2.2e137d3frQSEAI [Accessed on Mar. 25, 2023].

[2]Al-Qurishi M, Hossain MS, Alrubaian M, et al., 2018. Leveraging analysis of user behavior to identify malicious activities in large-scale social networks. IEEE Trans Ind Inform, 14(2):799-813.

[3]Baytas IM, Xiao C, Zhang X, et al., 2017. Patient subtyping via time-aware LSTM networks. Proc 23^rd ACM SIGKDD Int Conf on Knowledge Discovery and Data Mining, p.65-74.

[4]Bhattacharyya S, Jha S, Tharakunnel K, et al., 2011. Data mining for credit card fraud: a comparative study. Dec Support Syst, 50(3):602-613.

[5]Bilge L, Strufe T, Balzarotti D, et al., 2009. All your contacts are belong to us: automated identity theft attacks on social networks. Proc 18^th Int Conf on World Wide Web, p.551-560.

[6]Bonaccorsi G, Pierri F, Cinelli M, et al., 2020. Economic and social consequences of human mobility restrictions under COVID-19. Proc Natl Acad Sci USA, 117(27):15530-15535.

[7]Boshmaf Y, Logothetis D, Siganos G, et al., 2015. Integro: leveraging victim prediction for robust fake account detection in OSNs. Proc 22^nd Network and Distributed System Security Symp, p.8-11.

[8]Branco B, Abreu P, Gomes AS, et al., 2020. Interleaved sequence RNNs for fraud detection. Proc 26^th ACM SIGKDD Int Conf on Knowledge Discovery & Data Mining, p.3101-3109.

[9]Cao SS, Yang XX, Chen C, et al., 2019. TitAnt: online real-time transaction fraud detection in ant financial. Proc VLDB Endowment, 12(12):2082-2093.

[10]Chai YD, Zhou YH, Li WF, et al., 2022. An explainable multi-modal hierarchical attention model for developing phishing threat intelligence. IEEE Trans Depend Sec Comput, 19(2):790-803.

[11]Cheng DW, Xiang S, Shang CC, et al., 2020. Spatio-temporal attention-based neural network for credit card fraud detection. Proc 34^th AAAI Conf on Artificial Intelligence, p.362-369.

[12]Cho K, van Merriënboer B, Gulcehre C, et al., 2014. Learning phrase representations using RNN encoder–decoder for statistical machine translation. Proc Conf on Empirical Methods in Natural Language Processing, p.1724-1734.

[13]Dmitrienko A, Liebchen C, Rossow C, et al., 2014. On the (in)security of mobile two-factor authentication. Proc 18^th Int Conf on Financial Cryptography and Data Security, p.365-383.

[14]Doerfler P, Thomas K, Marincenko M, et al., 2019. Evaluating login challenges as a defense against account takeover. Proc World Wide Web Conf, p.372-382.

[15]Dou YT, Liu ZW, Sun L, et al., 2020. Enhancing graph neural network-based fraud detectors against camouflaged fraudsters. Proc 29^th ACM Int Conf on Information & Knowledge Management, p.315-324.

[16]Egele M, Stringhini G, Kruegel C, et al., 2017. Towards detecting compromised accounts on social networks. IEEE Trans Depend Sec Comput, 14(4):447-460.

[17]Federal Communications Commission of the United States, 2018. Reassigned Numbers Database. https://www.fcc.gov/reassigned-numbers-database [Accessed on Apr. 1, 2023].

[18]Friedman JH, 2001. Greedy function approximation: a gradient boosting machine. Ann Statist, 29(5):1189-1232.

[19]Fu YY, Zhang M, Xu X, et al., 2021. Partial feature selection and alignment for multi-source domain adaptation. Proc IEEE/CVF Conf on Computer Vision and Pattern Recognition, p.16654-16663.

[20]Gao M, Li Z, Li RC, et al., 2023. EasyGraph: a multifunctional, cross-platform, and effective library for interdisciplinary network analysis. Patterns, 4(10):100839.

[21]Gong QY, Chen Y, He XL, et al., 2018. DeepScan: exploiting deep learning for malicious account detection in location-based social networks. IEEE Commun Mag, 56(11):21-27.

[22]Gong QY, Liu YS, Zhang JY, et al., 2023. Detecting malicious accounts in online developer communities using deep learning. IEEE Trans Knowl Data Eng, 35(10):10633-10649.

[23]Greff K, Srivastava RK, Koutník J, et al., 2017. LSTM: a search space Odyssey. IEEE Trans Neur Netw Learn Syst, 28(10):2222-2232.

[24]He Y, Wang C, Li N, et al., 2020. Attention and memory-augmented networks for dual-view sequential learning. Proc 26^th ACM SIGKDD Int Conf on Knowledge Discovery & Data Mining, p.125-134.

[25]Hochreiter S, Schmidhuber J, 1997. Long short-term memory. Neur Comput, 9(8):1735-1780.

[26]Hu BB, Zhang ZQ, Shi C, et al., 2019. Cash-out user detection based on attributed heterogeneous information network with a hierarchical attention mechanism. Proc 33^rd AAAI Conf on Artificial Intelligence, p.946-953.

[27]Huang JQ, Hu K, Tang QT, et al., 2021. Deep position-wise interaction network for CTR prediction. Proc 44^th Int ACM SIGIR Conf on Research and Development in Information Retrieval, p.1885-1889.

[28]Karimi H, VanDam C, Ye LY, et al., 2018. End-to-end compromised account detection. Proc IEEE/ACM Int Conf on Advances in Social Networks Analysis and Mining, p.314-321.

[29]Kawase R, Diana F, Czeladka M, et al., 2019. Internet fraud: the case of account takeover in online marketplace. Proc 30^th ACM Conf on Hypertext and Social Media, p.181-190.

[30]Ke GL, Meng Q, Finley T, et al., 2017. LightGBM: a highly efficient gradient boosting decision tree. Proc 31^st Int Conf on Neural Information Processing Systems, p.3149-3157.

[31]Ke GL, Xu ZH, Zhang J, et al., 2019. DeepGBM: a deep learning framework distilled by GBDT for online prediction tasks. Proc 25^th ACM SIGKDD Int Conf on Knowledge Discovery & Data Mining, p.384-394.

[32]Keren G, Schuller B, 2016. Convolutional RNN: an enhanced model for extracting features from sequential data. Proc Int Joint Conf on Neural Networks, p.3412-3419.

[33]Kingma DP, Ba J, 2015. Adam: a method for stochastic optimization. Proc 3^rd Int Conf on Learning Representations.

[34]Lee K, Narayanan A, 2021. Security and privacy risks of number recycling at mobile carriers in the United States. Proc APWG Symp on Electronic Crime Research, p.1-17.

[35]Li A, Qin Z, Liu RS, et al., 2019. Spam review detection with graph convolutional networks. Proc 28^th ACM Int Conf on Information and Knowledge Management, p.2703-2711.

[36]Li S, Liu K, Meng R, 2018. Research and design of interface for reassigned mobile numbers. Proc IEEE 18^th Int Conf on Communication Technology, p.1311-1314.

[37]Liang T, Zeng GX, Zhong QW, et al., 2021. Credit risk and limits forecasting in e-commerce consumer lending service via multi-view-aware mixture-of-experts nets. Proc 14^th ACM Int Conf on Web Search and Data Mining, p.229-237.

[38]Ling XL, Deng WW, Gu C, et al., 2017. Model ensemble for click prediction in Bing search ads. Proc 26^th Int Conf on World Wide Web Companion, p.689-698.

[39]Liu ZQ, Chen CC, Yang XX, et al., 2018. Heterogeneous graph neural networks for malicious account detection. Proc 27^th ACM Int Conf on Information and Knowledge Management, p.2077-2085.

[40]Mainali P, Psychoula I, Petitcolas FAP, 2022. ExMo: explainable AI model using inverse frequency decision rules. Proc 3^rd Int Conf on Human-Computer Interaction, p.179-198.

[41]McDonald A, Sugatan C, Guberek T, et al., 2021. The annoying, the disturbing, and the weird: challenges with phone numbers as identifiers and phone number recycling. Proc CHI Conf on Human Factors in Computing Systems, Article 559.

[42]McNemar Q, 1947. Note on the sampling error of the difference between correlated proportions or percentages. Psychometrika, 12(2):153-157.

[43]Mirian A, DeBlasio J, Savage S, et al., 2019. Hack for hire: exploring the emerging market for account hijacking. Proc World Wide Web Conf, p.1279-1289.

[44]Mobile China, 2017. Mobile Authentication: Capitalising on China’s Identity Market. https://www.gsma.com/solutions-and-impact/technologies/mobile-identity/gsma_resources/mobile-authentication-capitalising-chinas-identity-market [Accessed on Mar. 1, 2023].

[45]Mulliner C, Borgaonkar R, Stewin P, et al., 2013. SMS-based one-time passwords: attacks and defense. Proc 10^th Int Conf on Detection of Intrusions and Malware, and Vulnerability Assessment, p.150-159.

[46]Nti IK, Somanathan AR, 2024. A scalable RF-XGBoost framework for financial fraud mitigation. IEEE Trans Comput Soc Syst, 11(2):1556-1563.

[47]Ping YK, Gao C, Liu TC, et al., 2021. User consumption intention prediction in Meituan. Proc 27^th ACM SIGKDD Conf on Knowledge Discovery & Data Mining, p.3472-3482.

[48]Tao JL, Wang H, Xiong T, 2018. Selective graph attention networks for account takeover detection. Proc IEEE Int Conf on Data Mining Workshops, p.49-54.

[49]Thomas K, Akhawe D, Bailey M, et al., 2021. SoK: hate, harassment, and the changing landscape of online abuse. Proc IEEE Symp on Security and Privacy, p.247-267.

[50]VanDam C, Tan PN, Tang JL, et al., 2018. CADET: a multi-view learning framework for compromised account detection on Twitter. Proc IEEE/ACM Int Conf on Advances in Social Networks Analysis and Mining, p.471-478.

[51]Vaswani A, Shazeer N, Parmar N, et al., 2017. Attention is all you need. Proc 31^st Int Conf on Neural Information Processing Systems, p.6000-6010.

[52]Viswanath B, Bashir MA, Crovella M, et al., 2014. Towards detecting anomalous user behavior in online social networks. Proc 23^rd USENIX Security Symp, p.223-238.

[53]Wang C, Zhu HY, 2022. Representing fine-grained co-occurrences for behavior-based fraud detection in online payment services. IEEE Trans Depend Sec Comput, 19(1):301-315.

[54]Wang C, Wang CQ, Zhu HY, et al., 2020. LAW: learning automatic windows for online payment fraud detection. IEEE Trans Depend Sec Comput, 18(5):2122-2135.

[55]Wang DX, Lin JB, Cui P, et al., 2019. A semi-supervised graph attentive network for financial fraud detection. Proc IEEE Int Conf on Data Mining, p.598-607.

[56]Wang J, Zou JH, Wang HY, 2022. Sampling with replacement vs Poisson sampling: a comparative study in optimal subsampling. IEEE Trans Inform Theory, 68(10):6605-6630.

[57]Welch BL, 1951. On the comparison of several mean values: an alternative approach. Biometrika, 38(3-4):330-336.

[58]Xu T, Goossen G, Cevahir HK, et al., 2021. Deep entity classification: abusive account detection for online social networks. Proc 30^th USENIX Security Symp, p.4097-4114.

[59]Yao TJ, Li Q, Liang SS, et al., 2020. BotSpot: a hybrid learning framework to uncover bot install fraud in mobile advertising. Proc 29^th ACM Int Conf on Information & Knowledge Management, p.2901-2908.

[60]Ye QZ, Gao YB, Zhang ZH, et al., 2022. Modeling access environment and behavior sequence for financial identity theft detection in E-commerce services. Proc Int Joint Conf on Neural Networks, p.1-8.

[61]Yu JF, Qiu MH, Jiang J, et al., 2018. Modelling domain relationships for transfer learning on retrieval-based question answering systems in E-commerce. Proc 11^th ACM Int Conf on Web Search and Data Mining, p.682-690.

[62]Zhang YB, Zhao DB, Zhang J, et al., 2011. Interpolation-dependent image downsampling. IEEE Trans Image Process, 20(11):3291-3296.

[63]Zou YX, Roundy K, Tamersoy A, et al., 2020. Examining the adoption and abandonment of security, privacy, and identity theft protection practices. Proc CHI Conf on Human Factors in Computing Systems, p.1-15.