Open Access iconOpen Access

ARTICLE

crossmark

DC-FIPD: Fraudulent IP Identification Method Based on Homology Detection

by Yuanyuan Ma1, Ang Chen1, Cunzhi Hou1, Ruixia Jin2, Jinghui Zhang1, Ruixiang Li3,4,*

1 College of Computer and Information Engineering, Henan Normal University, Xinxiang, 453007, China
2 Intelligent Medical Engineering, SanQuan Medical College, Xinxiang, 453003, China
3 Information Engineering University, Information Engineering University, Zhengzhou, 450001, China
4 Key Laboratory of Cyberspace Situation Awareness of Henan Province, Zhengzhou, 450001, China

* Corresponding Author: Ruixiang Li. Email: email

Computers, Materials & Continua 2024, 81(2), 3301-3323. https://doi.org/10.32604/cmc.2024.056854

Abstract

Currently, telecom fraud is expanding from the traditional telephone network to the Internet, and identifying fraudulent IPs is of great significance for reducing Internet telecom fraud and protecting consumer rights. However, existing telecom fraud identification methods based on blacklists, reputation, content and behavioral characteristics have good identification performance in the telephone network, but it is difficult to apply to the Internet where IP (Internet Protocol) addresses change dynamically. To address this issue, we propose a fraudulent IP identification method based on homology detection and DBSCAN(Density-Based Spatial Clustering of Applications with Noise) clustering (DC-FIPD). First, we analyze the aggregation of fraudulent IP geographies and the homology of IP addresses. Next, the collected fraudulent IPs are clustered geographically to obtain the regional distribution of fraudulent IPs. Then, we constructed the fraudulent IP feature set, used the genetic optimization algorithm to determine the weights of the fraudulent IP features, and designed the calculation method of the IP risk value to give the risk value threshold of the fraudulent IP. Finally, the risk value of the target IP is calculated and the IP is identified based on the risk value threshold. Experimental results on a real-world telecom fraud detection dataset show that the DC-FIPD method achieves an average identification accuracy of 86.64% for fraudulent IPs. Additionally, the method records a precision of 86.08%, a recall of 45.24%, and an F1-score of 59.31%, offering a comprehensive evaluation of its performance in fraud detection. These results highlight the DC-FIPD method’s effectiveness in addressing the challenges of fraudulent IP identification.

Keywords


Cite This Article

APA Style
Ma, Y., Chen, A., Hou, C., Jin, R., Zhang, J. et al. (2024). DC-FIPD: fraudulent IP identification method based on homology detection. Computers, Materials & Continua, 81(2), 3301-3323. https://doi.org/10.32604/cmc.2024.056854
Vancouver Style
Ma Y, Chen A, Hou C, Jin R, Zhang J, Li R. DC-FIPD: fraudulent IP identification method based on homology detection. Comput Mater Contin. 2024;81(2):3301-3323 https://doi.org/10.32604/cmc.2024.056854
IEEE Style
Y. Ma, A. Chen, C. Hou, R. Jin, J. Zhang, and R. Li, “DC-FIPD: Fraudulent IP Identification Method Based on Homology Detection,” Comput. Mater. Contin., vol. 81, no. 2, pp. 3301-3323, 2024. https://doi.org/10.32604/cmc.2024.056854



cc Copyright © 2024 The Author(s). Published by Tech Science Press.
This work is licensed under a Creative Commons Attribution 4.0 International License , which permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.
  • 311

    View

  • 136

    Download

  • 0

    Like

Share Link