Method, device and program product for dynamic trust evaluation of a calling number
By constructing a trust function and using gradient descent optimization, the nonlinear coupling relationship of the calling number authentication level is dynamically determined, which solves the problems of insufficient decision accuracy and transparency in existing technologies and achieves efficient and interpretable calling number authentication level decision-making.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- XIAMEN XINGZONG DIGITAL TECH CO LTD
- Filing Date
- 2026-04-21
- Publication Date
- 2026-07-14
AI Technical Summary
Existing caller ID Attestation ranking decision methods cannot accurately characterize the nonlinear coupling relationship of multiple factors, lack transparency and interpretability, and the parameters rely on manual settings, resulting in poor adaptability and making it difficult to meet the requirements of telecommunications regulatory authorities.
A trust function F(X) is constructed to map multiple characteristic factors affecting the caller ID authentication level to continuous trust values in the interval [0,1]. The parameters are optimized by gradient descent, and the contribution of factors is quantified by partial derivative analysis. The authentication level division boundary is dynamically determined to realize a mathematical decision-making process.
It improves the accuracy and reliability of caller ID authentication level decisions, enhances the interpretability and adaptability of the decision-making process, and meets the transparency and traceability requirements of telecommunications regulatory authorities.
Smart Images

Figure CN122395594A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of communication network security technology, and in particular to a dynamic trust assessment method, device, and program product for caller ID numbers. Background Technology
[0002] With the continuous upgrading of telecommunications fraud methods, caller ID spoofing has become a serious security threat to global communication networks. To address this challenge, the U.S. Federal Communications Commission (FCC) and the Canadian Radio-television and Telecommunications Commission (CRTC) have mandated that operators deploy the STIR / SHAKEN standard (see IETF RFC 8224 "Authenticated Identity Management in the Session Initiation Protocol (SIP)" and IETF RFC 8588 "Personal Assertion Token (PASSporT) Extension for Signature-based Handling of Asserted information using toKENs (SHAKEN)") in their IP networks to verify the authenticity of caller IDs and establish a call trust chain between operators. The core mechanism of the STIR / SHAKEN framework is that the Identity Authentication Service (STI-AS) generates a digital signature for each call, declaring the Attestation Level of the caller ID in the signature to indicate the operator's guarantee of the number's trustworthiness. Attestation levels are typically divided into three levels: Level A (full authentication), Level B (partial authentication), and Level C (gateway authentication).
[0003] In practical deployments, existing Attestation grading decision-making methods typically rely on preset rules. For example, they determine the grade based on factors such as whether the number is on the authorization list and the type of the source trunk, using fixed if-then rules. The core of these methods is to logically judge each influencing factor as an independent condition; if the number's attribution matches and the trunk type is reliable, it is graded A; otherwise, it is downgraded to grade B or C. However, this rule-based decision-making approach has the following technical problems: First, the factors influencing Attestation levels are not independent but rather complexly coupled. Multiple factors, such as number attribution matching, trunk type credibility, customer authorization strength, real-time registration status, and historical reputation records, interact and jointly influence the final trust judgment. For example, when number attribution matching is high but trunk type credibility is low, the synergistic effect of these two factors on trust cannot be accurately quantified by simple rule aggregation. Fixed-rule methods treat each factor as an independent condition, failing to characterize this non-linear coupling, resulting in low decision accuracy in complex scenarios. Furthermore, fixed-rule-based methods cannot adapt to environmental changes, leading to a decline in model accuracy over time.
[0004] Secondly, rule-based decision-making processes lack transparency and explainability. Once the system makes a certain level determination, auditors find it difficult to trace which specific factors played a dominant role and the degree of contribution of each factor. This "black box" decision-making approach presents difficulties for regulatory review and troubleshooting, and fails to meet the telecommunications regulatory authorities' requirements for traceability of the decision-making process.
[0005] Furthermore, the decision parameters in existing methods often rely on engineers' experience and lack mathematical basis. When fraud patterns evolve or business scenarios change, manually set parameters may no longer be applicable, leading to a decrease in classification accuracy. Summary of the Invention
[0006] To address at least one of the aforementioned technical problems, embodiments of the present invention provide a method, device, and program product for dynamic trust assessment of calling numbers.
[0007] To achieve the above objectives, on the one hand, a dynamic trust assessment method for calling numbers is provided, including: Construct a trust function F(X); the trust function F(X) is used to consider the n characteristic factors x1, x2, ..., xn that affect the caller ID authentication level. n Mapped to continuous trust values in the interval [0,1], where: X = [x1, x2, ..., x n ] ; The n characteristic factors include at least two of the following: number attribution matching degree, Trunk type credibility, customer authorization proof strength, real-time registration status, historical reputation score, call frequency characteristics, number age, and cross-network verification matching degree; Calculate the partial derivatives of the trust function F(X) with respect to each characteristic factor, where each partial derivative contains the parameter to be optimized; Using historical call data and its verification results as training data, a predefined loss function is used to measure the difference between the predicted trust value and the actual verification result. Gradient descent is used to iterate the parameters to be optimized to minimize the loss function and obtain the optimized trust function. Based on the optimized trust function, the boundary τ for the division of authentication levels A, B, and C is dynamically determined. A and τ C ; For each real-time call, extract its feature vector X, substitute it into the optimized trust function, and obtain the trust value of that real-time call. When the trust value is greater than or equal to τ... A When the real-time caller ID is set to authentication level A, the authentication level of the caller ID is determined to be level A; when the trust value is less than τ... C When the real-time caller ID is determined to have an authentication level of C, the trust value X is less than τ. A And greater than or equal to τ C At that time, the authentication level of the real-time caller ID number was determined to be B.
[0008] Preferably, in the dynamic trust assessment method, wherein: F(X) = σ( W2· tanh( W1· X + b1) + b2); x1, x2, ..., x n There are n feature factors; W1 is a k×n weight matrix used to map the n-dimensional input to the k-dimensional hidden layer; b1 is a k-dimensional bias vector; tanh is the hyperbolic tangent function used as the activation function; W2 is a 1×k output layer weight matrix; b2 is the output layer bias; σ is the Sigmoid function.
[0009] Preferably, in the dynamic trust assessment method, wherein, F(X) = σ( β0+ β1·x1+ β2·x2+ β3·x3+ β4·x4+ β5·x1·x2+ β6·x3·x4); F / x1= F(X)·(1-F(X)) · (β1+ β5·x2); F / x2= F(X)·(1-F(X)) · (β2+ β5·x1); F / x3= F(X)·(1-F(X)) · (β3+ β6·x4); F / x4= F(X)·(1-F(X)) · (β4+ β6·x3); Where x1 represents number attribution matching degree, x2 represents trunk type credibility, x3 represents customer authorization proof strength, and x4 represents real-time registration status; β0, β1, ..., β6 are parameters to be optimized; β1 represents the main effect of number attribution matching degree; β2 represents the main effect of trunk type credibility; β3 represents the main effect of customer authorization proof strength; β4 represents the main effect of real-time registration status; β5 represents the interaction effect between number attribution matching degree and trunk type credibility; and β6 represents the interaction effect between customer authorization proof strength and real-time registration status.
[0010] Preferably, in the dynamic trust assessment method, the loss function is the cross-entropy loss function.
[0011] Preferably, the dynamic trust assessment method determines the dividing boundary τ through the following steps. A and τ C : Define the classification error rate function E(τ) A , τ C The result is as follows: E(τ A , τ C = w1·P (fraudulent call is judged as level A) + w2·P (legitimate call is judged as level C) + w3·P (level misalignment); w1, w2, and w3 are the penalty weights for various types of errors; grade misalignment includes: being judged as grade B when it should be grade A, or being judged as grade B when it should be grade C; P(fraudulent call judged as grade A) represents the probability of a fraudulent call being judged as grade A; P(legitimate call judged as grade C) represents the probability of a legitimate call being judged as grade C; P(grade misalignment) represents the probability of grade misalignment. Solve the equation E / τ A = 0 and E / τ C = 0.
[0012] Preferably, in the dynamic trust assessment method, the distribution of the trust function across various types of samples follows a Gaussian mixture model, wherein: τ A = argmin {τ ∈ [0,1]} [P(y=A|F≥τ) + P(y≠A|F≥τ)]; τ C = argmin {τ ∈ [0,1]}[ P(y=C|F<τ) + P(y≠C|F<τ)]; Where τ is the candidate boundary threshold, with a value range of [0, 1]; F is the confidence function value for a sample output; P(y=A|F≥τ) is the proportion of samples with confidence ≥ τ where the true label is A; P(y≠A|F≥τ) is the proportion of samples with confidence ≥ τ where the true label is not A; P(y=C|F<τ) is the proportion of samples with confidence < τ where the true label is C; and P(y≠C|F<τ) is the proportion of samples with confidence < τ where the true label is not C.
[0013] Preferably, the dynamic trust assessment method determines the dividing boundary τ through the following steps. A and τ C : Discretize the [0,1] interval into N candidate thresholds; For each group (τ) A , τ C And τ C <τ A Calculate the cross-validation error rate; Choose the set that minimizes the error rate (τ) A , τ C () as the optimal boundary.
[0014] Preferably, the dynamic trust assessment method, when determining the caller ID authentication level, further includes: The partial derivatives for each feature factor are calculated in real time based on the optimized trust function. Decision interpretations are generated based on the calculated partial derivatives, and the feature factors that contribute the most to the current decision are identified.
[0015] On the other hand, an electronic device is also provided, including a memory and a processor, the memory storing at least one program, the at least one program being executed by the processor to implement the steps of the dynamic trust assessment method as described in any of the above.
[0016] In another aspect, a computer program product is also provided, comprising a computer program, characterized in that, when the computer program is executed by a processor, it implements the steps of the dynamic trust assessment method as described above.
[0017] The above technical solution has the following technical effects: The technical solution of this invention constructs a trust function by mapping multiple feature factors affecting the caller ID authentication level to continuous trust values in the [0,1] interval. This upgrades the Attestation level decision from discrete rule judgment to continuous function modeling, realizing a mathematical expression of the decision-making process, characterizing the nonlinear coupling relationship of multiple factors affecting the Attestation level, and further quantifying the marginal contribution of each trust factor to the decision result by introducing partial derivative analysis, thus transforming the decision-making process from a "black box" to a "white box," significantly enhancing interpretability. The decision parameters are optimized based on mathematical methods and possess adaptive adjustment capabilities to improve the accuracy and reliability of STIR / SHAKEN caller ID authentication level decisions. By introducing the gradient descent method into the operator's trust decision system, the decision parameters can be automatically optimized based on feedback data.
[0018] In a further embodiment, the dynamic boundary is determined by automatically determining the level classification threshold through solving equations, thus avoiding the subjectivity and arbitrariness of manual experience setting. Attached Figure Description
[0019] Figure 1 This is a flowchart illustrating a dynamic trust assessment method for calling numbers according to an embodiment of the present invention. Figure 2 The system core architecture and data flow diagram for implementing the dynamic trust assessment method for calling numbers according to an embodiment of the present invention; Figure 3 This is a flowchart of a dynamic trust assessment method for calling numbers according to an embodiment of the present invention. Detailed Implementation
[0020] To further illustrate the various embodiments, the present invention provides accompanying drawings. These drawings are part of the disclosure of the present invention, primarily used to illustrate the embodiments and to explain the operating principles of the embodiments in conjunction with the relevant descriptions in the specification. With reference to these drawings, those skilled in the art should be able to understand other possible implementations and the advantages of the present invention. Components in the drawings are not drawn to scale, and similar component symbols are generally used to represent similar components.
[0021] The present invention will now be further described in conjunction with the accompanying drawings and specific embodiments.
[0022] Example 1: Figure 1 This is a flowchart illustrating a dynamic trust assessment method for calling numbers according to an embodiment of the present invention. The dynamic trust assessment method for calling numbers in this embodiment of the invention determines the authentication level of the calling number in the current call in real time, i.e., whether the Attestation level is A, B, or C.
[0023] like Figure 1The dynamic trust assessment method for calling numbers in this embodiment includes the following steps: Construct a trust function F(X); the trust function F(X) is used to evaluate the n characteristic factors x1, x2, ..., x3 that affect the caller ID authentication level. n Mapped to continuous trust values in the interval [0,1], where: X = [x1, x2, ..., x n ] ; The n characteristic factors include at least two of the following: number attribution matching degree, trunk type credibility, customer authorization proof strength, real-time registration status, historical reputation score, call frequency characteristics, number age, and cross-network verification matching degree; Calculate the partial derivatives of the trust function F(X) with respect to each characteristic factor, where each partial derivative contains the parameters to be optimized; Historical call data and its verification results are used as training data. A predefined loss function is used to measure the difference between the predicted trust value and the actual verification result. Gradient descent is used to iteratively optimize the parameters to minimize the loss function, resulting in an optimized trust function. In a specific implementation, the training data is historical known data. In one specific implementation, the verification result includes: whether the call was complained about, whether the call was verified as fraudulent, etc. In another specific implementation, the verification result includes different types, such as one or more of the following types: direct complaint, online verification, blacklist, behavioral feature, user feedback, and regulatory notification. Table 1 shows the specific indicators, data sources, and physical meanings of different types of verification results.
[0024] Table 1
[0025] In one specific implementation, since the confidence levels of verification results from different sources differ, a weighted fusion method is used to construct a comprehensive label y. y = Σ w j · y j ; in: y j This is the normalized value of the j-th verification result, i.e., the confidence level with a value between [0,1]. w j Let w be the weight, satisfying Σ w j = 1.
[0026] In one specific implementation, the verification results include the above six types. Preferably, when calculating the comprehensive label y, the weight allocation of each type is as follows: direct complaint type 0.35, network verification type 0.25, blacklist type 0.20, behavioral feature type 0.10, user feedback type 0.05, and regulatory notification type 0.05.
[0027] Based on the optimized trust function, the boundary τ for the division of authentication levels A, B, and C is dynamically determined. A and τ C Preferably, the determined boundary τ A and τ C This represents the optimal classification boundary; For each real-time call, extract its feature vector X, substitute it into the optimized trust function, and obtain the trust value of that real-time call. When the trust value is greater than or equal to τ... A When the real-time caller ID is set to authentication level A, the authentication level of the caller ID is determined to be level A; when the trust value is less than τ... C When the real-time caller ID is determined to have an authentication level of C, the trust value X is less than τ. A And greater than or equal to τ C At that time, the authentication level of the calling number in the real-time call was determined to be B. j The trust function constructed in this embodiment of the invention is a continuously differentiable trust function. This embodiment of the invention calculates the partial derivatives of the trust function with respect to each factor. F / x i This quantifies the marginal contribution of each factor to the final level of trust. The larger the absolute value of the partial derivative, the more sensitive the factor is to the decision outcome.
[0028] Example 2: Figure 2 The system core architecture and data flow diagram for implementing this embodiment of the present invention are shown below. Figure 2 The system implementing the method of this embodiment of the invention includes: a data acquisition layer, a function modeling layer, a decision execution layer, and a feedback and optimization layer. The data acquisition layer includes: a static attribute collector, a dynamic state collector, a historical feedback collector, and a multi-dimensional database. The decision execution layer includes: a real-time call feature extraction module, a trust calculation module, a boundary equation solving module, and an Attestation level mapping module. The function modeling layer includes: a feature vector construction module, a trust function definition module, a partial derivative calculation module, and a gradient descent optimization module. The feedback and optimization layer includes: complaint feedback collection, verification result storage, and loss function calculation. In specific implementations, each layer of the above system is implemented through computer programs that perform corresponding functions.
[0029] Figure 3This is a flowchart of the dynamic trust assessment method for calling numbers according to this embodiment of the present invention. Figure 3 The method in this embodiment includes: Phase 1: offline modeling and optimization; Phase 2: online real-time decision-making; Phase 3: feedback closed-loop optimization.
[0030] In Phase 1, historical call data and verification results are collected as a training dataset to train a pre-constructed trust function using feature factors influencing Attestation levels. The corresponding parameters are initialized and iteratively optimized using a pre-defined loss function to calculate the optimal classification boundary τ. A and τ C Then, the optimized trust function and the obtained classification, i.e., the partition boundary, are used in the online real-time decision-making of Phase 2.
[0031] In Phase Two, for each call, the feature vector X of the current call is extracted. Based on the corresponding feature data, a trust value is calculated using an optimized trust function, and partial derivatives are calculated for each feature factor. The calculated trust value is compared with the obtained partition boundary. When the trust value is greater than or equal to τ, the call is considered a trust value. A When the real-time caller ID is set to authentication level A, the authentication level of the caller ID is determined to be level A; when the trust value is less than τ... C When the real-time caller ID is determined to have an authentication level of C, the trust value X is less than τ. A And greater than or equal to τ C At that time, the authentication level of the real-time caller ID number was determined to be B.
[0032] In Phase 3, historical data is updated by collecting call complaints and verification results, and regular re-optimization is triggered.
[0033] The specific implementation of this embodiment of the present invention will be described below.
[0034] I. Multivariable Function Modeling 1. Definition of Eigenvector Define n characteristic factors that influence Attestation ranking decisions, forming an feature vector X = [x1, x2, ..., x...]. n ] The details are shown in Table 2 below: Table 2
[0035] As shown in Table 2, the range of call frequency characteristics is [0, 2], because a frequency exceeding twice the historical average has been confirmed by industry practice and academic research as a significant abnormal signal; in actual operation, normal business emergencies (such as marketing activities) usually do not exceed twice the average; if a call is >2, a high-risk warning can be triggered directly without entering the scoring model.
[0036] 2. Definition of Trust Function Define the trust function F: n → [0,1] maps the feature vector to continuous trust values.
[0037] Basic form (considering non-linear interactions between factors): F(X) = σ( W2· tanh( W1· X + b1) + b2); Where: W1 is a k×n weight matrix, mapping the n-dimensional input to the k-dimensional hidden layer; b1 is a k-dimensional bias vector; tanh is the activation function, introducing non-linearity; W2 is a 1×k output layer weight matrix; b2 is the output layer bias; σ is the sigmoid function, compressing the output to the [0,1] interval: σ(z) = 1 / (1+e -z ).
[0038] Simplified form of the trust function (considering the interpretability of key factors): F(X) = σ( β0+ β1·x1+ β2·x2+ β3·x3+ β4·x4+ β5·x1·x2+ β6·x3·x4); Where β0, β1, ..., β6 are the parameters to be optimized, x1 and x2 describe the synergistic effect between number attribution and Trunk type, and x3 and x4 describe the synergistic effect between customer authorization and real-time status.
[0039] 3. Definition of partial derivatives The partial derivatives of the confidence function with respect to each feature are defined as follows: F / x i = lim {Δxi→0} (F(x1,...,x i +Δx i ,...,x n ) - F(x1,...,x n )) / Δx i ; Physical meaning: partial derivative F / x i This indicates that when other factors remain constant, characteristic xi For each additional unit, the change in trust level F is represented by the partial derivative. The larger the absolute value of the partial derivative, the more sensitive the feature is to the decision outcome.
[0040] For the simplified form of the confidence function, the partial derivatives are calculated as follows: F / x1= F(X)·(1-F(X)) · (β1+ β5·x2); F / x2= F(X)·(1-F(X)) · (β2+ β5·x1); F / x3= F(X)·(1-F(X)) · (β3+ β6·x4); F / x4= F(X)·(1-F(X)) · (β4+ β6·x3); Physical meaning of the parameters: β1: Main effect of number attribution matching degree β2: Main effect of Trunk type credibility β3: Main effect of customer authorization strength β4: Main effect of real-time registration status β5: The interaction effect between number attribution and trunk type (β5>0 indicates a synergistic enhancement effect between the two). β6: The interaction effect between customer authorization and real-time status II. Loss Function and Gradient Optimization 1. Definition of loss function Define a loss function L(θ) to measure the difference between the model's predictions and the actual results. Here, θ represents all parameters to be optimized {β0, β1, ..., β6}.
[0041] Cross-entropy loss (suitable for classification problems): L(θ) = - (1 / N) Σ [ y j · log(F(X j )) + (1-y j ) · log(1-F(X j )) ]; Where: N is the number of training samples; Xj is the feature vector of the j-th call; yj is the true label of the j-th call, which takes the value of 1 or 0, where 1 indicates that the verification is credible and 0 indicates that it is reported as fraud; F(Xj) is the trust level predicted by the model, i.e., the trust value.
[0042] Physical meaning: The smaller the loss function value, the more consistent the model's prediction results are with the actual situation.
[0043] 2. Gradient Calculation The gradient of the loss function with respect to the parameter θ is defined as: L(θ) = [ L / β0, L / β1, ..., L / β6] ; According to the chain rule: L / β i = (1 / N) Σ (F(X j ) - y j ) · ( F / β i ); in F / β i It needs to be calculated based on the specific form of the trust function.
[0044] For the simplified form, F / β i The calculation is as follows: F / β0 = F(X)·(1-F(X)); F / β1 = F(X)·(1-F(X)) · x1; F / β2 = F(X)·(1-F(X)) · x2; F / β3 = F(X)·(1-F(X)) · x3; F / β4 = F(X)·(1-F(X)) · x4; F / β5= F(X)·(1-F(X)) ·x1·x2; F / β6= F(X)·(1-F(X))·x3·x4.
[0045] 3. Gradient Descent Optimization The parameters are iteratively optimized using the gradient descent method. θ (t+1) = θ t - α · L(θ t ); Where: θ t α is the parameter in the t-th iteration; α is the learning rate, which controls the step size for parameter updates. L(θ t ) is the current gradient.
[0046] Algorithm steps: Initialization: Randomly initialize parameter θ 0 ; Calculate the gradient: Calculate the gradient based on the current training data. L(θ t ); Update parameter: θ t+ ¹ = θ t - α· L(θ t ); Convergence criterion: If || L(θ t If || < ε or the maximum number of iterations has been reached, stop; otherwise, return to step 2. ε is a preset minimum value.
[0047] In this embodiment of the invention, gradient descent optimization is used to define a loss function L(F) with historical verification results, such as whether a call has been complained about or verified as fraud, as a supervision signal. The function parameters are iteratively optimized using the gradient descent method to minimize the loss function.
[0048] 4. Adaptive learning rate adjustment To accelerate convergence and avoid oscillations, the Adam optimizer is introduced to dynamically adjust the learning rate: m t = β1·m t-1 + (1-β1)· L(θt); v t = β2·v t-1 + (1-β2)·( L(θ t) )²; θ t+1 = θ t - α·m t / ( + ε) Where: m t It is the first moment estimate of the gradient; v t β1 and β2 are the second-order moment estimates of the gradient; β1 and β2 are the decay rates, typically taken as 0.9 and 0.999, respectively; ε is a small constant to prevent division by zero, typically taken as 10. -8 .
[0049] III. Dynamic Boundary Decision Optimized trust function F (X) maps feature vectors to continuous trust values. The division of Attestation levels A / B / C requires determining two optimal boundary thresholds τ. A and τ C .
[0050] 1. Boundary optimization objective Define the classification error rate function E(τ) A , τ C ): E(τ A and τ C = w1·P(fraudulent call is judged as level A) + w2·P(legitimate call is judged as level C) + w3·P(level misalignment); Where: w1, w2, w3 are the penalty weights for various types of errors; grade misalignment includes: being judged as grade B when it should be grade A, or being judged as grade B when it should be grade C; P(fraudulent call judged as grade A) represents the probability of a fraudulent call being judged as grade A; P(legitimate call judged as grade C) represents the probability of a legitimate call being judged as grade C; P(grade misalignment) represents the probability of grade misalignment.
[0051] 2. Boundary Equations The optimal boundary satisfies the following system of equations: E / τ A = 0; E / τ C = 0.
[0052] The distribution of trust level F across various samples follows a Gaussian mixture model, from which the following formula can be derived.
[0053] Boundary corresponding to level A (trust level ≥ τ) A Judged as A): τ A = argmin {τ ∈ [0,1]}[P(y=A|F≥τ) + P(y≠A|F≥τ)]; P(y=A|F≥τ) is the "recall rate", the proportion of correctly identified A; P(y≠A|F≥τ) is the "false positive rate", the proportion of incorrectly labeled A; minimizing the sum of the two is equivalent to finding the optimal balance between recall and false positive rate.
[0054] For the boundary of level C (trust level < τ) C (Judged as C): τ C = argmin {τ ∈ [0,1]} [ P(y=C|F<τ) + P(y≠C|F<τ)].
[0055] Specifically, τ is the candidate boundary threshold, ranging from [0, 1]; F is the trust function value, ranging from [0, 1]; y represents the true label, ranging from the authentication level {A, B, C}; P(y=A|F≥τ) means: in samples with trust ≥ τ, the proportion of true labels being A, ranging from [0, 1]; P(y≠A|F≥τ) means: in samples with trust ≥ τ, the proportion of true labels not being A, ranging from [0, 1]. P(y=C|F<τ) means: in samples with trust < τ, the proportion of true labels being C; P(y≠C|F<τ) means: in samples with trust < τ, the proportion of true labels not being C.
[0056] 3. Numerical Solution Methods The optimal boundary is determined using grid search and cross-validation. Discretize the interval [0,1] into 100 candidate thresholds. For each group (τ) A , τ C And τ C <τ A Calculate the cross-validation error rate; Choose the option that minimizes the error rate (τ). A , τ C () as the optimal boundary.
[0057] This invention minimizes the classification error rate by dynamically determining the optimal dividing boundary between Attestation levels A, B, and C.
[0058] IV. Real-time Decision Making and Partial Derivative Analysis 1. Real-time trust calculation For each real-time call, extract its feature vector X and substitute it into the optimized trust function F. (X), calculate the trust value: F = F (X) 2. Real-time partial derivative calculation Simultaneously calculate the partial derivatives of the current call with respect to each characteristic factor. F / x1, F / x2, ..., F / x n Forming a vector of partial derivatives F (X): F (X) = [ F / x1, F / x2, ..., F / x n ] ; The partial derivative vector indicates which factors are dominant in influencing trust levels within the current call context. For example, if F / x1 is much larger than other partial derivatives, indicating that the number attribution matching degree is the key factor in this decision; if F / The fact that x2 is negative and has a large absolute value indicates that the low credibility of the Trunk type is the main reason for the low trust level.
[0059] 3. Attestation level mapping Map the Attestation level based on the optimized boundary threshold: If F ≥ τ A Grade = A; If τ C ≤ F <τ A Then the grade = B; If F <τ C If so, then the grade = C.
[0060] 4. Decision Interpretation Generation Based on partial derivative analysis, a readable decision interpretation is generated: like F / x1 being the largest and positive: This is mainly attributed to "high matching degree of number attribution"; like F / The minimum value of x2 and its negative value indicate that the main reason for the deduction is "low credibility of the Trunk type". If x1·x2 contribute significantly, it indicates that the "synergistic effect between number attribution and Trunk type" has played a role.
[0061] Those skilled in the art can generate other decision interpretations based on the above examples, which will not be elaborated here.
[0062] V. Feedback Loop Optimization 1. Feedback Data Collection The system continuously collects the following feedback data: The called party's complaint record (the call marked as fraudulent); Consistency of verification results across different operators; Results of manual random inspection and verification.
[0063] 2. Incremental learning Regularly (e.g., weekly) optimize the model using the newly added feedback data: θ new = argmin θ [ L(θ; D old ∪ D new ) ].
[0064] The meanings of each variable are shown in Table 3 below.
[0065] Table 3
[0066] The core of incremental learning is to incorporate new information while preserving historical knowledge. This is achieved by using the merged, complete dataset D. old ∪D new Re-optimize to ensure that the model does not "forget" historical patterns (because D is preserved). old The model can adapt to changes in fraud patterns (because D was added). new ).
[0067] 3. Concept drift detection Monitor the distribution changes of the trust function output to detect whether "concept drift" has occurred, i.e., a fundamental change in the fraud pattern: ΔF = |E[F(X)] t - E[F(X)] t-1 |; If ΔF exceeds the preset threshold, the model will be retrained.
[0068] The meanings of the variables are shown in Table 4 below.
[0069] Table 4
[0070] Time window definition: t: Current time window (e.g., the last 7 days); t-1: The previous time window (e.g., the previous 7 days, which does not overlap with t); The window length should be consistent, usually 7 days or 30 days.
[0071] Physical meaning: When the fraud pattern is stable, the model's trust distribution for different calls should remain relatively stable, so E[F(X)] does not change much; when the fraud pattern changes fundamentally (such as when the attacker switches strategies), the model's trust judgment for new frauds will be systematically too high or too low, causing E[F(X)] to deviate significantly by ΔF. If the value exceeds the threshold, it means that the model is "outdated" and needs to be retrained with new data.
[0072] VI. Physical Meaning and Calculation Examples of Parameters Example scenario: Caller ID: +12145551234; Source Trunk: T1 (Type: Registered SIP Terminal); Customer authorization: LOA coverage number segment +1214555 has been uploaded. ; Terminal status: Currently online, registration is valid; Historical reputation: This number had a complaint rate of 0.1% over the past 30 days; Call frequency: The current call frequency is 1.2 times the historical average; Number age: 365 days since registration on the platform; Cross-network verification: Consistent with the verification results of the upstream operator.
[0073] Feature vector: X = [1.0, 1.0, 1.0, 1.0, 0.99, 1.2, 1.0, 1.0] ; Optimized parameters (obtained through gradient descent training): β0 = -2.0 (basic bias); β1 = 1.5 (Main effect of number attribution); β2 = 0.8 (Trunk-type main effect); β3 = 1.2 (Main effect of customer authorization); β4 = 0.6 (real-time registration main effect); β5 = 0.5 (attribution × Trunk interaction effect); β6 = 0.3 (authorization × registration interaction effect).
[0074] Trust level calculation: First, calculate the linear combination: z = β0+ β1 · x1 + β2 · x2 + β3 · x3 + β4 · =-2.0 + 1.5 + 0.8 + 1.2 + 0.6 + 0.5 + 0.3 = 2.9; Then, using the Sigmoid function: F = 1 / (1+e -z ) = 1 / (1+e - ²· 9 = 0.948; Partial derivative calculation: F / x1= F·(1-F)·(β1+ β5·x2) = 0.948·0.052·(1.5 + 0.5·1.0) =0.0493·2.0 = 0.0986; F / x2= F·(1-F)·(β2+ β5·x1) = 0.0493·(0.8 + 0.5·1.0) = 0.0493·1.3 = 0.0641; F / x3= F·(1-F)·(β3+ β6·x4) = 0.0493·(1.2 + 0.3·1.0) = 0.0493·1.5 = 0.0740; F / x4= F·(1-F)·(β4+ β6·x3) = 0.0493·(0.6 + 0.3·1.0) = 0.0493·0.9 = 0.0444.
[0075] Boundary threshold (after optimization): θ A = 0.85; θ B = 0.40; Level mapping: F = 0.948 ≥ 0.85, therefore it is mapped to grade A; Decision Explanation: Partial derivative analysis shows that the number attribution matching degree contributes the most to the trust level (0.0986), followed by the strength of customer authorization proof (0.0740). The interaction term contribution, β5·x1·x2 = 0.5, indicates that the synergistic effect between number attribution and Trunk type significantly enhances trust.
[0076] Example 3: The present invention also provides an electronic device, including a processor, a memory, a bus, and a computer program stored in the memory and executable on the processor. The processor includes one or more processing cores. The memory is connected to the processor via the bus and is used to store program instructions. When the processor executes the computer program, it implements the steps in the above-described method embodiments of Embodiment 1 of the present invention.
[0077] Furthermore, as an executable solution, the electronic device can be a computer unit, which can be a desktop computer, laptop, handheld computer, cloud server, or other computing device. The computer unit may include, but is not limited to, a processor and memory. Those skilled in the art will understand that the above-described structure of the computer unit is merely an example and does not constitute a limitation on the computer unit. It may include more or fewer components, or combine certain components, or use different components. For example, the computer unit may also include input / output devices, network access devices, buses, etc., and this embodiment of the invention does not limit this.
[0078] Furthermore, as an executable solution, the processor can be a Central Processing Unit (CPU), or other general-purpose processors, digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or other programmable logic devices, discrete gate or transistor logic devices, discrete hardware components, etc. The general-purpose processor can be a microprocessor or any conventional processor, etc. The processor is the control center of the computer unit, connecting various parts of the entire computer unit via various interfaces and lines.
[0079] The memory can be used to store the computer programs and / or modules. The processor implements various functions of the computer unit by running or executing the computer programs and / or modules stored in the memory and by calling data stored in the memory. The memory may mainly include a program storage area and a data storage area. The program storage area may store the operating system and at least one application program required for a function; the data storage area may store data created based on the use of the mobile phone, etc. In addition, the memory may include high-speed random access memory and may also include non-volatile memory, such as hard disk, RAM, plug-in hard disk, smart media card (SMC), secure digital card (SD card), flash card, at least one disk storage device, flash memory device, or other volatile solid-state storage device.
[0080] Example 4: The present invention also provides a computer program product, including a computer program that, when executed by a processor, implements the steps described above.
[0081] Although the invention has been specifically shown and described in conjunction with preferred embodiments, those skilled in the art should understand that various changes in form and detail may be made to the invention without departing from the spirit and scope of the invention as defined in the appended claims, all of which shall be within the scope of protection of the invention.
Claims
1. A dynamic trust assessment method for caller ID numbers, characterized in that, include: Construct a trust function F(X); the trust function F(X) is used to consider the n characteristic factors x1, x2, ..., xn that affect the caller ID authentication level. n Mapped to continuous trust values in the interval [0,1], where: X = [x1, x2, ..., x n ] ; The n characteristic factors include at least two of the following: number attribution matching degree, Trunk type credibility, customer authorization proof strength, real-time registration status, historical reputation score, call frequency characteristics, number age, and cross-network verification matching degree; Calculate the partial derivatives of the trust function F(X) with respect to each characteristic factor, where each partial derivative contains the parameter to be optimized; Using historical call data and its verification results as training data, a predefined loss function is used to measure the difference between the predicted trust value and the actual verification result. Gradient descent is used to iterate the parameters to be optimized to minimize the loss function and obtain the optimized trust function. Based on the optimized trust function, the boundary τ for the division of authentication levels A, B, and C is dynamically determined. A and τ C ; For each real-time call, extract its feature vector X, substitute it into the optimized trust function, and obtain the trust value of that real-time call. When the trust value is greater than or equal to τ... A When the real-time caller ID is set to authentication level A, the authentication level of the caller ID is determined to be level A; when the trust value is less than τ... C When the real-time caller ID is determined to have an authentication level of C, the trust value X is less than τ. A And greater than or equal to τ C At that time, the authentication level of the real-time caller ID number was determined to be B.
2. The dynamic trust assessment method according to claim 1, characterized in that: F(X) = σ( W2 · tanh( W1 · X + b1 ) + b2 ); x1, x2, ..., x n There are n characteristic factors; W1 is a k×n weight matrix used to map the n-dimensional input to the k-dimensional hidden layer; b1 is a k-dimensional bias vector; tanh is the hyperbolic tangent function used as the activation function; W2 is a 1×k output layer weight matrix; b2 is the output layer bias; σ is the sigmoid function.
3. The dynamic trust assessment method according to claim 1, characterized in that: F(X) = σ( β0 + β1·x1 + β2·x2 + β3·x3 + β4·x4 + β5·x1·x2 + β6·x3·x4 ); F / x1 = F(X)·(1-F(X)) · (β1 + β5·x2); F / x2 = F(X)·(1-F(X)) · (β2 + β5·x1); F / x3 = F(X)·(1-F(X)) · (β3 + β6·x4); F / x4 = F(X)·(1-F(X)) · (β4 + β6·x3); Where x1 represents number attribution matching degree, x2 represents trunk type credibility, x3 represents customer authorization proof strength, and x4 represents real-time registration status; β0, β1, ..., β6 are parameters to be optimized; β1 represents the main effect of number attribution matching degree; β2 represents the main effect of trunk type credibility; β3 represents the main effect of customer authorization proof strength; β4 represents the main effect of real-time registration status; β5 represents the interaction effect between number attribution matching degree and trunk type credibility; and β6 represents the interaction effect between customer authorization proof strength and real-time registration status.
4. The dynamic trust assessment method according to claim 1, characterized in that, The loss function used is the cross-entropy loss function.
5. The dynamic trust assessment method according to claim 1, characterized in that, The boundary τ is determined by the following steps. A and τ C : Define the classification error rate function E(τ) A , τ C The result is as follows: E(τ A , τ C = w1·P(fraudulent call is judged as level A) + w2·P(legitimate call is judged as level C) + w3·P(level misalignment); w1, w2, and w3 are the penalty weights for various types of errors; Level misalignment includes: a call that should be level A being classified as level B, or a call that should be level C being classified as level B; P(fraudulent call classified as level A) represents the probability that a fraudulent call is classified as level A; P(legitimate call classified as level C) represents the probability that a legitimate call is classified as level C; P(level misalignment) represents the probability of level misalignment. Solve the equation E / τ A = 0 and E / τ C = 0.
6. The dynamic trust assessment method according to claim 5, characterized in that, The distribution of the confidence function across various types of samples follows a Gaussian mixture model, where: t A = argmin{τ ∈ [0,1]} [P(y=A|F≥τ) + P(y≠A|F≥τ)]; t C = argmin{τ ∈ [0,1]}[ P(y=C|F<τ) + P(y≠C|F<τ)]; Where τ is the candidate boundary threshold, with a value range of [0, 1]; F is the confidence function value for a sample output; P(y=A|F≥τ) is the proportion of samples with confidence ≥ τ where the true label is A; P(y≠A|F≥τ) is the proportion of samples with confidence ≥ τ where the true label is not A; P(y=C|F<τ) is the proportion of samples with confidence < τ where the true label is C; P(y≠C|F<τ) is the proportion of samples with confidence < τ where the true label is not C.
7. The dynamic trust assessment method according to claim 1, characterized in that, The boundary τ is determined by the following steps. A and τ C : Discretize the [0,1] interval into N candidate thresholds; For each group (τ) A , τ C And τ C <τ A Calculate the cross-validation error rate; Choose the set that minimizes the error rate (τ) A , τ C () as the optimal boundary.
8. The dynamic trust assessment method according to claim 1, characterized in that, When determining the caller ID authentication level, the following are also included: The partial derivatives of each feature factor are calculated in real time based on the optimized trust function. Decision interpretations are generated based on the calculated partial derivatives, and the feature factors that contribute the most to the current decision are identified.
9. An electronic device, characterized in that, It includes a memory and a processor, the memory storing at least one program, which is executed by the processor to implement the steps of the dynamic trust assessment method as described in any one of claims 1 to 8.
10. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by a processor, it implements the steps of the dynamic trust assessment method as described in any one of claims 1 to 8.