Fraud detection in a hybrid cloud network utilizing software-defined networking

Abstract

The increase of fraudsters and fraud attacks on the communication network plays a major role in the loss of revenue, network abuse, and degradation of services. Communication and cloud networks belong to separate companies and consist of handover points from one network to another. The scope is to bring the communication and cloud networks closer and understand network traffic profiles using Software-Defined Networking (SDN) concept. The SDN controller serves to route the extracted tapped data to a central server instead of making use of the core network to route traffic. To apply policies to the traffic and identify which user traffic is a fraud case, and further to send a block signal to the network charging element on the communication network. The flow process is automated, and to protect the network from fraud attacks, using the SDN controller in a seamless approach and maintaining the performance of the network. Currently, there are outdated fraud detection systems but no automated blocking, previous work shows high expense and uses hierarchical layers of the infrastructure. Also, SDN is a concept that is designed on a vertical layer, which oversees the environment, the uses SDN on an in-line setup. The study defines a new framework for Communication and Cloud Providers to enable the detection and blocking of fraud. The study presents two scenarios, Smart energy abuse, and Service application abuse. The Smart Grid leverages intelligent communication technologies to modernize the electric infrastructure and raises new vectors for cyber risks and energy frauds. While services on the network require a secure platform that serves to block fraudsters. The research solution proposes three network architectures for the identification of fraud and integration within communication and cloud networks. The aim of the study included: • Real-time data classification; • Reporting of fraudulent subscribers, applications, and protocols; • Real-time analytics; and • Real-time blocking of data is classified as a fraudulent activity within the mobile data network. The main purpose was to achieve a higher energy/service fraud detection rate than similar work in the field, to provide a solution that integrates within the traditional network, and further blocks the fraud within the network.