电子商务平台"二次放号"被盗账号检测研究:以美团为例

Detecting compromised accounts caused by phone number recycling on e-commerce platforms:taking Meituan as an example

高敏 ¹陈疏桐 ¹高洋波 ²张振华 ²陈彧 ²李钰鹏 ³叶琼赞 ¹王新 ¹陈阳¹

扫码查看

作者信息

1. 复旦大学计算机科学技术学院,中国上海市,200438;上海市智能信息处理重点实验室(复旦大学),中国上海市,200438
2. 美团,中国北京市,100005
3. 香港浸会大学互动媒体系,中国香港特别行政区,999077
折叠

摘要

"二次放号"是指移动运营商回收已停机手机的号码并将其重新分配给新号主的行为.这种操作方式对电子商务平台现有身份验证解决方案的可靠性构成了威胁.具体而言,重新分配号码的新号主可以使用该号码之前已绑定的应用程序账户,并可能基于此开展欺诈活动.对于拥有庞大用户群体的电子商务平台而言,现有的基于移动运营商重新分配号码数据库的解决方案成本高昂.因此,我们迫切需要一种只依赖应用程序信息的解决方案.本文深入探究了因二次放号引发的被盗账号检测问题.基于对美团真实数据集的分析发现,被盗账户具有独特的统计特征和时序模式.基于这些观察结果,我们提出一种时序模式与统计特征融合模型(TSF).该模型分别设计了时序模式编码器和统计特征编码器,旨在捕获能够有效区分正常账号和异常账号的时序演化模式和关键行为特征.在美团数据集和IEEE-CIS数据集上进行的大量实验表明,TSF的性能明显优于其它基线模型,进一步验证了所提模型的有效性.

Abstract

Phone number recycling(PNR)refers to the event wherein a mobile operator collects a disconnected number and reassigns it to a new owner.It has posed a threat to the reliability of the existing authentication solution for e-commerce platforms.Specifically,a new owner of a reassigned number can access the application account with which the number is associated,and may perform fraudulent activities.Existing solutions that employ a reassigned number database from mobile operators are costly for e-commerce platforms with large-scale users.Thus,alternative solutions that depend on only the information of the applications are imperative.In this work,we study the problem of detecting accounts that have been compromised owing to the reassignment of phone numbers.Our analysis on Meituan's real-world dataset shows that compromised accounts have unique statistical features and temporal patterns.Based on the observations,we propose a novel model called temporal pattern and statistical feature fusion model(TSF)to tackle the problem,which integrates a temporal pattern encoder and a statistical feature encoder to capture behavioral evolutionary interaction and significant operation features.Extensive experiments on the Meituan and IEEE-CIS datasets show that TSF significantly outperforms the baselines,demonstrating its effectiveness in detecting compromised accounts due to reassigned numbers.

关键词

二次放号/神经网络/电子商务/被盗账号检测

Key words

Phone number recycling/Neural networks/E-commerce/Compromised account detection

引用本文复制引用

基金项目

National Natural Science Foundation of China(62072115)

National Natural Science Foundation of China(62202402)

National Natural Science Foundation of China(61971145)

National Natural Science Foundation of China(61602122)

Shanghai Science and Technology Innovation Action Plan Project(22510713600)

Guangdong Basic and Applied Basic Research Foundation,China(2022A1515011583)

Guangdong Basic and Applied Basic Research Foundation,China(2023A1515011562)

Oneoff Tier 2 Startup Grant(2020/2021)of Hong Kong Baptist University(Ref.RC-OFSGT2/20-21/COMM/002)

Startup Grant(Tier 1)for New Academics of Hong Kong Baptist University(AY2020/21)

Germany/Hong Kong Joint Research Scheme sponsored by the Research Grants Council of Hong Kong,China()

German Academic Exchange Service of Germany,Meituan(G-HKBU203/22)

出版年

2024

信息与电子工程前沿(英文)

浙江大学

信息与电子工程前沿(英文)

CSTPCD

影响因子：0.371

ISSN：2095-9184

段落导航