system
A system that collects fraud data, trains a generative model, and provides real-time user alerts with feedback integration effectively protects users from evolving fraud threats, enhancing detection accuracy and user security.
Patent Information
- Authority / Receiving Office
- JP · JP
- Patent Type
- Applications
- Current Assignee / Owner
- SOFTBANK GROUP CORP
- Filing Date
- 2024-12-05
- Publication Date
- 2026-06-17
Smart Images

Figure 2026098573000001_ABST
Abstract
Description
Technical Field
[0001] The technology of the present disclosure relates to a system.
Background Art
[0002] Patent Document 1 discloses a persona chatbot control method performed by at least one processor, including steps of receiving a user utterance, adding the user utterance to a prompt including an instruction sentence related to an explanation of a chatbot character, encoding the prompt, and inputting the encoded prompt into a language model to generate a chatbot utterance in response to the user utterance.
Prior Art Documents
Patent Documents
[0003]
Patent Document 1
Summary of the Invention
Problems to be Solved by the Invention
[0004] With the expansion of Internet use, fraud methods have become increasingly sophisticated, and there is a problem that especially elderly people and general users who are not familiar with information are vulnerable to fraud. It is necessary to address the problem that these users cannot sufficiently protect themselves from fraud and the sense of security in the digital society is impaired.
Means for Solving the Problems
[0005] This invention provides a system that improves the accuracy of fraud detection by collecting information on the latest fraud techniques from an internet database and training a generative model with this information. Furthermore, the system monitors the user's communication data in real time and issues an immediate warning if signs of fraud are detected. It also has a function to collect user feedback and incorporate it into the next model update for continuous improvement. In addition, it provides a user-friendly interface and secure data transfer using encryption protocols, allowing users to use the digital environment with peace of mind.
[0006] An "Internet database" refers to a collection of information provided online that is used as a source for gathering data related to fraudulent practices.
[0007] A "generative model" refers to an AI model that uses machine learning algorithms to learn patterns from input data and is trained to perform a specific task, such as fraud detection.
[0008] "Fraud detection accuracy" refers to a performance metric that measures the degree of the ability to accurately identify and detect fraudulent activities.
[0009] "Real-time monitoring" refers to the ability to instantly observe and process communication data and user activity, thereby understanding the situation and responding without delay.
[0010] "Signs of fraud" refer to indicators of suspicious behavior or patterns that may indicate fraudulent activity.
[0011] A "user-friendly interface" refers to a user interface that is easy to use and intuitive to operate.
[0012] An "encryption protocol" refers to a method or set of rules for encrypting information using a specific algorithm in order to securely send and receive digital data. [Brief explanation of the drawing]
[0013] [Figure 1] This is a conceptual diagram showing an example of the configuration of a data processing system according to the first embodiment. [Figure 2] This is a conceptual diagram showing an example of the essential functions of a data processing device and a smart device according to the first embodiment. [Figure 3] This is a conceptual diagram showing an example of the configuration of a data processing system according to the second embodiment. [Figure 4] This is a conceptual diagram showing an example of the main functions of a data processing device and smart glasses according to the second embodiment. [Figure 5] This is a conceptual diagram showing an example of the configuration of a data processing system according to the third embodiment. [Figure 6] This is a conceptual diagram showing an example of the main functions of a data processing device and a headset-type terminal according to the third embodiment. [Figure 7] This is a conceptual diagram showing an example of the configuration of a data processing system according to the fourth embodiment. [Figure 8] This is a conceptual diagram showing an example of the main functions of a data processing device and a robot according to the fourth embodiment. [Figure 9] This shows an emotion map where multiple emotions are mapped. [Figure 10] This shows an emotion map where multiple emotions are mapped. [Figure 11] This is a sequence diagram showing the processing flow of the data processing system in Example 1. [Figure 12] This is a sequence diagram showing the processing flow of the data processing system in Application Example 1. [Figure 13] This is a sequence diagram showing the processing flow of the data processing system in Example 2, which incorporates an emotion engine. [Figure 14] This is a sequence diagram showing the processing flow of the data processing system in Application Example 2, which combines an emotion engine. [Modes for carrying out the invention]
[0014] Hereinafter, an example of an embodiment of a system according to the technology of the present disclosure will be described with reference to the accompanying drawings.
[0015] First, the terms used in the following description will be explained.
[0016] In the following embodiments, a numbered processor (hereinafter simply referred to as "processor") may be a single arithmetic unit or a combination of multiple arithmetic units. Also, the processor may be a single type of arithmetic unit or a combination of multiple types of arithmetic units. Examples of arithmetic units include a CPU (Central Processing Unit), a GPU (Graphics Processing Unit), a GPGPU (General-Purpose computing on Graphics Processing Units), an APU (Accelerated Processing Unit), and the like.
[0017] In the following embodiments, a numbered RAM (Random Access Memory) is a memory in which information is temporarily stored and is used as a work memory by the processor.
[0018] In the following embodiments, a numbered storage is one or more non-volatile storage devices that store various programs, various parameters, and the like. Examples of non-volatile storage devices include flash memory (SSD (Solid State Drive)), magnetic disks (e.g., hard disks), or magnetic tapes, and the like.
[0019] In the following embodiments, the signed communication interface (I / F) is an interface that includes a communication processor and an antenna, etc. The communication interface manages communication between multiple computers. Examples of communication standards applicable to the communication interface include wireless communication standards such as 5G (5th Generation Mobile Communication System), Wi-Fi (registered trademark), or Bluetooth (registered trademark).
[0020] In the following embodiments, "A and / or B" is synonymous with "at least one of A and B." That is, "A and / or B" means that it may be A alone, or B alone, or a combination of A and B. Furthermore, in this specification, the same concept as "A and / or B" applies when expressing three or more things linked by "and / or."
[0021] [First Embodiment]
[0022] Figure 1 shows an example of the configuration of the data processing system 10 according to the first embodiment.
[0023] As shown in Figure 1, the data processing system 10 includes a data processing device 12 and a smart device 14. An example of the data processing device 12 is a server.
[0024] The data processing device 12 comprises a computer 22, a database 24, and a communication interface 26. The computer 22 is an example of a "computer" related to the technology of this disclosure. The computer 22 comprises a processor 28, RAM 30, and storage 32. The processor 28, RAM 30, and storage 32 are connected to a bus 34. The database 24 and the communication interface 26 are also connected to the bus 34. The communication interface 26 is connected to a network 54. An example of the network 54 is a WAN (Wide Area Network) and / or a LAN (Local Area Network).
[0025] The smart device 14 comprises a computer 36, a reception device 38, an output device 40, a camera 42, and a communication interface 44. The computer 36 comprises a processor 46, RAM 48, and storage 50. The processor 46, RAM 48, and storage 50 are connected to a bus 52. The reception device 38, output device 40, and camera 42 are also connected to the bus 52.
[0026] The reception device 38 is equipped with a touch panel 38A and a microphone 38B, etc., and receives user input. The touch panel 38A receives user input by detecting contact with an object (e.g., a pen or finger). The microphone 38B receives user input by detecting the user's voice. The control unit 46A transmits data indicating the user input received by the touch panel 38A and microphone 38B to the data processing device 12. In the data processing device 12, the specific processing unit 290 acquires the data indicating the user input.
[0027] The output device 40 includes a display 40A and a speaker 40B, and presents data to the user 20 by outputting the data in a form perceptible to the user 20 (e.g., audio and / or text). The display 40A displays visible information such as text and images according to instructions from the processor 46. The speaker 40B outputs audio according to instructions from the processor 46. The camera 42 is a small digital camera equipped with an optical system such as a lens, aperture, and shutter, and an image sensor such as a CMOS (Complementary Metal-Oxide-Semiconductor) image sensor or a CCD (Charge Coupled Device) image sensor.
[0028] Communication interface 44 is connected to network 54. Communication interfaces 44 and 26 are responsible for the exchange of various types of information between processor 46 and processor 28 via network 54.
[0029] Figure 2 shows an example of the main functions of the data processing device 12 and the smart device 14.
[0030] As shown in Figure 2, in the data processing device 12, a specific processing is performed by the processor 28. A specific processing program 56 is stored in the storage 32. The specific processing program 56 is an example of a "program" related to the technology of this disclosure. The processor 28 reads the specific processing program 56 from the storage 32 and executes the read specific processing program 56 on the RAM 30. The specific processing is realized by the processor 28 operating as a specific processing unit 290 according to the specific processing program 56 executed on the RAM 30.
[0031] The storage 32 stores the data generation model 58 and the emotion identification model 59. The data generation model 58 and the emotion identification model 59 are used by the identification processing unit 290.
[0032] In the smart device 14, the processor 46 performs the reception output processing. The storage 50 stores the reception output program 60. The reception output program 60 is used in conjunction with a specific processing program 56 by the data processing system 10. The processor 46 reads the reception output program 60 from the storage 50 and executes the read reception output program 60 on the RAM 48. The reception output processing is realized by the processor 46 operating as a control unit 46A according to the reception output program 60 executed on the RAM 48.
[0033] Next, the specific processing performed by the specific processing unit 290 of the data processing device 12 will be described. In the following description, the data processing device 12 will be referred to as the "server" and the smart device 14 as the "terminal".
[0034] This invention is based on a system that retrieves information on the latest fraud techniques from an internet database and uses a generative model to learn from that information. The roles of the server, terminal, and user, which are the main components, are described below.
[0035] First, the server plays a key role. The server continuously collects fraud-related information from the internet. This includes publicly available security reports and blog posts about fraudulent activities. Based on this information, the server trains a generative model and builds algorithms to improve the accuracy of fraud detection. This allows it to respond to new fraud patterns.
[0036] Next, let's discuss the role of the terminal. The terminal receives periodically updated generative models from the server. It analyzes the user's daily interactions, such as email content and SMS messages, in real time to monitor for suspicious activity. The terminal utilizes machine learning models to detect signs of fraud and prepares to issue warnings if necessary.
[0037] Users receive alerts through an interface on their device. For example, if signs of unauthorized access are found in a newly received email, the device immediately provides an alert to the user. By reviewing the alert and following the instructions to address the indicated risks, users can prevent potential damage. Users can also provide feedback on the system's operation, and this information is collected on the server and used in future model updates.
[0038] As a concrete example, consider a scenario where a user receives a phishing email for online banking. The device analyzes the email and identifies a fake login link. This triggers the device to display a warning to the user saying, "Do not click on the link in this email." By following the warning and ignoring the link, the user avoids becoming a victim of fraud.
[0039] In this way, servers, terminals, and users cooperate to protect against fraud.
[0040] The following describes the processing flow.
[0041] Step 1:
[0042] The server collects the latest information on fraudulent methods from databases on the internet. This includes data from security-related news sites and blogs. This information is stored in the server's storage.
[0043] Step 2:
[0044] The server analyzes the collected information, extracts key features, and inputs them into a generative model. The generative model uses machine learning algorithms to learn patterns of fraudulent activity and updates its accuracy. This process improves the server's ability to detect the latest fraud techniques.
[0045] Step 3:
[0046] The server delivers the trained generative model to the terminal. This communication uses an encryption protocol to ensure data security.
[0047] Step 4:
[0048] The device activates the received generative model and monitors the user's communication data in real time. The device analyzes data entered through email, SMS, and other communication tools.
[0049] Step 5:
[0050] The device detects signs of fraud based on the analysis results. When certain conditions are met, the device immediately generates a warning and displays it to the user. The warning includes reasons why it may be a scam and recommended actions.
[0051] Step 6:
[0052] Users can view warnings from their devices and follow the instructions provided. This helps protect them from fraudulent activity. Users can also provide feedback to their devices regarding the effectiveness of the warning.
[0053] Step 7:
[0054] The terminal sends user feedback to the server. The server uses the received feedback to improve the system's accuracy in future model updates.
[0055] (Example 1)
[0056] Next, we will describe Example 1. In the following description, the data processing device 12 will be referred to as the "server," and the smart device 14 will be referred to as the "terminal."
[0057] In today's world, where internet communication is commonplace, fraudulent activities against individuals and businesses are becoming increasingly sophisticated. As a result, conventional security systems struggle to quickly detect and respond to new fraudulent methods, potentially leading to serious harm to users. Against this backdrop, there is a need for a system that can quickly and efficiently detect new fraudulent methods and provide appropriate warnings to users.
[0058] The identification process performed by the identification processing unit 290 of the data processing device 12 in Example 1 is realized by the following means.
[0059] In this invention, the server includes means for collecting information on new fraudulent methods from information storage devices on a communication network, means for improving the accuracy of fraud detection using a learning algorithm generated with the acquired information, and means for collecting user feedback and using it to update the next algorithm. This enables real-time detection of signs of fraud and immediate warning notification.
[0060] A "data storage device on a communication network" is a data storage device accessible via the Internet that holds data from various sources and provides it as needed.
[0061] "New fraudulent methods" refer to fraudulent activities that are difficult to detect with conventional security measures, using new or improved methods.
[0062] A "generated learning algorithm" refers to a set of computational procedures optimized to perform a specific task by learning patterns through data analysis.
[0063] "Fraud detection accuracy" refers to the ability to accurately identify fraudulent activities, and means reducing false positives and missed detections.
[0064] "User feedback information" refers to various types of information collected from users, including feedback on system operation and warnings.
[0065] "Real-time fraud detection" refers to a process that monitors users' communication data and immediately identifies signs of fraudulent activity.
[0066] An "immediate warning notification" is a cautionary message that is quickly sent to users when potential fraudulent activity is detected.
[0067] In order to implement this invention, a server, a terminal, and a user must each fulfill their respective roles.
[0068] The server collects information on new fraud methods from information storage devices on the internet. This information collection utilizes web scraping technology to extract data from publicly available security reports and blog posts. The software used includes Python's BeautifulSoup and Scrapy. The collected data is analyzed on the server using natural language processing tools. Specifically, nltk and spaCy are used to cleanse text data and extract patterns of fraudulent methods. Then, a learning algorithm generated using the obtained data is trained using a generative AI model. In this process, machine learning frameworks such as TENSORFLOW® and PyTorch are adopted to improve the accuracy of fraud detection.
[0069] The device receives the latest AI model delivered from the server and deploys it in its local environment. On the device, it detects signs of fraud by analyzing the user's communication activity, such as emails and SMS messages, in real time. Lightweight machine learning libraries such as TensorFlow Lite and Core ML are used for this purpose. If suspicious activity is detected, the device prepares to immediately warn the user.
[0070] Users receive appropriate warnings through the interface on their devices. For example, if a phishing email is detected, a warning will be displayed stating, "Do not click on any links in this email." Users can then act accordingly and prevent themselves from becoming victims of fraud. Users can also provide feedback on the system's operation and the accuracy of the warnings, and this information will be used in future model updates.
[0071] As a concrete example, consider a scenario where a user receives a phishing email for online banking. The device analyzes the email and identifies a fake login link. This prompts the device to display a warning to the user saying, "Do not click on the link in this email." An example of a prompt in response to this would be, "Learn about the latest phishing techniques and show us how to warn users."
[0072] This invention is a system that achieves effective fraud prevention by having servers, terminals, and users cooperate to quickly detect new fraudulent methods and warn users.
[0073] The flow of the specific processing in Example 1 will be explained using Figure 11.
[0074] Step 1:
[0075] The server first collects information on new fraud schemes from data storage devices on the communication network. As input, the server targets publicly available information sources on the internet and obtains data using web scraping techniques. This involves using Python programs and libraries such as Scrapy. The output is raw data in text format.
[0076] Step 2:
[0077] The server analyzes the collected data using natural language processing tools. The input is the text data obtained in the previous step. Specifically, it uses nltk and spaCy to perform text cleansing, keyword extraction, and pattern recognition. This process extracts and outputs features related to fraudulent techniques.
[0078] Step 3:
[0079] The server trains a fraud detection algorithm using a generative AI model. The features obtained in step 2 are used as input. This training process utilizes TensorFlow and PyTorch to train the AI model. The output is the newly updated fraud detection model.
[0080] Step 4:
[0081] The server distributes the generated, trained model to the terminal. The input is the training result of the generated AI model, and to distribute it efficiently, formats such as ONNX may be used. The output is the AI model in the format that the terminal receives.
[0082] Step 5:
[0083] The terminal deploys an AI model received from the server and analyzes the user's communication data in real time. The input is email and SMS data flowing through the terminal. TensorFlow Lite and Core ML are used to process and analyze the data to detect signs of fraud. The output is whether or not there are signs of fraud based on the analysis results.
[0084] Step 6:
[0085] The device immediately warns the user if it detects signs of fraud. The input is the fraud detection result obtained in step 5. A warning message is generated and displayed on the screen or in the notification bar. The output is the warning message for the user to review.
[0086] Step 7:
[0087] The user receives a warning from the device and acts according to the instructions. The input is the warning message from the device, and the user takes appropriate action after reviewing this message. Feedback provided by the user, such as complaints and suggestions for improvement, is sent to the server during the next model update. The output is the feedback information sent to the server.
[0088] (Application Example 1)
[0089] Next, we will explain Application Example 1. In the following explanation, the data processing device 12 will be referred to as the "server," and the smart device 14 will be referred to as the "terminal."
[0090] In modern society, new forms of fraud using communication networks continue to increase, and these fraudulent activities are becoming increasingly prevalent in users' daily communications. Therefore, there is a need for systems that can detect and notify users of fraudulent activities in real time. However, existing methods are often slow to respond to the latest fraudulent techniques. Furthermore, there is a lack of systems that are user-friendly and capable of securely transferring information.
[0091] The specific processing performed by the specific processing unit 290 of the data processing device 12 in Application Example 1 is realized by the following means.
[0092] In this invention, the server includes means for collecting information on new fraudulent activity methods from a data set on an information network, means for training a predictive model using the acquired information to improve the accuracy of fraud detection, and means for monitoring users' communication information in real time to detect signs of fraud. This makes it possible to quickly detect fraudulent activity during user communication and to immediately notify users. Furthermore, by displaying notifications on a user-friendly display device and using encoding procedures for secure information transfer, it is possible to provide a user-friendly and secure system.
[0093] An "information network" is a system that provides an environment in which multiple information terminals can communicate with each other.
[0094] A "data set" is a collection of information that has been gathered and organized for a specific purpose.
[0095] "Fraudulent practices" refer to acts or methods used to achieve an objective by employing means considered unfair.
[0096] A "predictive model" is a mathematical or statistical framework constructed to predict future events based on past data.
[0097] "Communication information" refers to the content of data and messages exchanged between individual terminals.
[0098] "Signs of fraud" are specific patterns or behaviors that indicate the possibility of fraudulent activity.
[0099] A "display device" is a device or interface used to present information visually.
[0100] An "encoding procedure" is an encryption algorithm used to prevent easy access to communication data and ensure its secure transmission.
[0101] A "mobile communication device" is an electronic device that can send and receive information while moving.
[0102] One embodiment of this invention is a system in which a server, a terminal, and a user work together. This system is configured as follows.
[0103] The server's role is to continuously collect data on new fraudulent activities from the internet via the information network. Specifically, it retrieves security reports and blog posts published from various sources. The server then uses this collected data to build predictive models and train generative AI models, thereby improving the accuracy of fraud detection.
[0104] The terminal receives periodically updated predictive models from the server. Applications installed on various mobile communication devices monitor the user's communication information in real time and detect signs of fraud. If the terminal detects signs of fraud, it immediately displays a warning to the user. This uses a user-friendly display device and incorporates a function to securely transfer communication data using encoding procedures.
[0105] Users can receive warnings through an interface provided via their device. Furthermore, the device collects user feedback and sends it to a server, allowing this feedback to be used in future model updates. This feedback loop ensures the system constantly adapts to the latest fraudulent activities.
[0106] A concrete example would be a feature where, when a user receives a fake banking email, the device analyzes the email, detects signs of fraud, and displays a warning on the screen. In this example, an example of a prompt message to the generating AI model would be in the format of, "Analyze the following email message to determine if it contains suspicious content: {email content}".
[0107] The flow of a specific process in Application Example 1 will be explained using Figure 12.
[0108] Step 1:
[0109] The server collects data on new fraudulent activities from data sets on the internet via an information network. The input is online information sources, and the output is collected fraudulent activity data. The server analyzes this data and extracts relevant information. The analysis is performed using specific search keywords to organize the information necessary for the generative AI model.
[0110] Step 2:
[0111] The server uses the fraud data obtained in Step 1 to build a predictive model and train the generative AI model. The input is the organized fraud data, and the output is the updated predictive model. Data processing includes statistical analysis and feature selection, allowing the AI to learn patterns for detecting fraud.
[0112] Step 3:
[0113] The terminal receives the updated prediction model from the server. The input is the updated prediction model, and the output is the model ready for use. The terminal saves this model locally and prepares to analyze the user's communication information. At this stage, the model parameters are converted to a format suitable for the terminal.
[0114] Step 4:
[0115] The device monitors the user's communication data (e.g., emails and messages) in real time. The input is the user's communication data, and the output is the analysis results, with particular attention paid to signs of fraud. The device uses a generative AI model to analyze the possibility of fraud during communication and evaluate whether any fraudulent patterns are detected.
[0116] Step 5:
[0117] If signs of fraud are detected, the terminal immediately issues a warning to the user. The input is the detected signs of fraud, and the output is a warning message. The terminal uses the user's display device to show the warning in a user-friendly interface. This triggers a alert to the user.
[0118] Step 6:
[0119] The user reviews warnings from the device and provides feedback. Input is the warning message, and output is the user's rating and feedback. The feedback provided by the user is collected by the device and sent to the server.
[0120] Step 7:
[0121] The server utilizes user feedback in subsequent model updates. The input is user feedback, and the output is an improved predictive model. The server analyzes this feedback and makes adjustments to further improve the model's accuracy. This cycle ensures the system is always prepared to respond to the latest fraudulent activities.
[0122] Furthermore, an emotion engine that estimates the user's emotions may be incorporated. That is, the identification processing unit 290 may use the emotion identification model 59 to estimate the user's emotions and perform identification processing using the user's emotions.
[0123] This invention combines a system that collects information on fraudulent methods from an internet database, uses a generative model to learn from that information, and monitors user communication data in real time to detect signs of fraud with an emotion engine that recognizes user emotions.
[0124] One of the server's primary roles is to continuously collect data on fraudulent practices. This data is fed into generative models, which use machine learning algorithms to improve the accuracy of the models for detecting fraud. Additionally, sentiment data for the sentiment engine is also collected by the server and used when updating the models.
[0125] The device uses generative models and emotion engines received from the server to analyze the user's real-time communication data and emotions. By monitoring the user's emails, SMS messages, and call content, it not only detects suspicious activity but also analyzes the user's emotional state from their facial expressions and tone of voice. This allows the device to display warnings to the user at the appropriate time and in the most effective way.
[0126] Let's look at a specific example. When a user receives a phishing email, the device analyzes the email's content while observing the user's emotions. While it will warn the user about any links in the detected email, if it confirms that the user is in a calm emotional state, the device will simply display a normal warning. However, if it determines that the user is confused, it will select a warning message that gently guides the user. The emotional data monitored by the emotion engine is sent to the server as feedback and used for further model training.
[0127] Users receive interactive warnings displayed on their devices and can take action based on the instructions. Furthermore, by providing feedback tailored to sentiment analysis by the emotion engine, a cycle is formed that enhances the overall effectiveness of the system.
[0128] Thus, the present invention is implemented as a means to enable advanced fraud prevention through the interaction of servers, terminals, and users.
[0129] The following describes the processing flow.
[0130] Step 1:
[0131] The server collects information about fraudulent methods from various databases on the internet. The data is automatically filtered, and features useful for fraud detection are extracted. The server feeds this data into a generative model, and the model begins training on the relevant dataset.
[0132] Step 2:
[0133] The server also collects emotional data necessary for the emotion engine. This data is used to understand typical user emotional responses and to train the emotion engine model. The emotion engine has the ability to infer emotional states from facial expressions, voice tone, and text.
[0134] Step 3:
[0135] The server delivers the trained generative model and sentiment engine to the device. This communication is conducted securely using an encrypted protocol.
[0136] Step 4:
[0137] The device utilizes the received model to monitor the user's daily communication data in real time. Emails, SMS messages, and call content are analyzed to detect signs of fraud while an emotion engine understands the user's emotional state.
[0138] Step 5:
[0139] If the device detects a suspected scam, it adjusts the warning message according to the user's current emotional state. For example, if the emotion engine determines that the user is feeling anxious, the device selects reassuring wording and issues a warning to the user.
[0140] Step 6:
[0141] The user receives a warning from the device and takes appropriate action based on its content. Because the warning is sensitive to the user's feelings, the user can follow the instructions naturally.
[0142] Step 7:
[0143] User reactions and feedback are collected from the device and sent to the server. The server uses this feedback to improve the next model update, further enhancing fraud detection capabilities and increasing the accuracy of the sentiment engine.
[0144] (Example 2)
[0145] Next, we will describe Example 2. In the following description, the data processing device 12 will be referred to as the "server" and the smart device 14 as the "terminal".
[0146] In today's internet environment, fraudulent methods are constantly evolving, making detection increasingly difficult. Furthermore, users with limited knowledge of fraud are more likely to miss warning signs. Traditional systems struggle to issue appropriate warnings that take into account the individual emotional state of users, resulting in users being unable to respond effectively.
[0147] The identification process performed by the identification processing unit 290 of the data processing device 12 in Example 2 is realized by the following means.
[0148] In this invention, the server includes means for collecting data on novel fraudulent methods from information sources on the Internet, means for training a generative model using the collected data to improve the accuracy of fraud detection, and means for monitoring the user's communication information in real time and detecting signs of fraud. This makes it possible to immediately issue an appropriate warning that takes into account the user's emotional state when signs of fraud are detected.
[0149] "Internet information sources" refer to information providers such as databases, websites, and forums that are accessible online.
[0150] "Data on new fraud techniques" refers to datasets containing information on the latest phishing emails, fraudulent websites, and fraudulent technologies.
[0151] A "generative model" refers to an artificial intelligence model that learns from data and uses that knowledge to perform a specific task.
[0152] "Signs of fraud" refer to email content, internet traffic, and user behavior patterns that indicate the possibility of fraudulent activity.
[0153] "Emotional state" refers to the psychological and emotional state of a user based on their facial expressions, tone of voice, behavioral patterns, etc.
[0154] "Communication information" refers to digital communication data such as emails, messages, and phone calls conducted by users.
[0155] A "warning" refers to a message that informs a user of the risk of fraud and provides information to help prevent it.
[0156] "Response data" refers to information that records how a user responded to a system warning.
[0157] "Encrypted communication methods" refer to technologies that encrypt the content of information using specific protocols in order to ensure data security before transmission.
[0158] An "interactive and user-friendly interface" refers to a screen layout that allows users to easily operate the system and provides information in a visually easy-to-understand format.
[0159] This invention is an advanced prevention system that combines fraud detection with user sentiment analysis. Specific embodiments of this system are described below.
[0160] The server is responsible for collecting data on new fraud techniques from internet sources. Specifically, it collects information such as phishing emails, URLs of fraudulent websites, and details of the latest fraud technologies from publicly available online databases and security forums. This data is organized on the server and converted into an analyzable format. The server requires a high-performance processor and large-capacity storage, and a cloud-based data center is particularly suitable for this purpose.
[0161] The collected data is fed into a generative AI model. This AI model is, for example, a Transformer model for natural language processing. The server uses machine learning frameworks such as PyTorch or TensorFlow to train the model and improve its ability to automatically identify fraudulent activities.
[0162] The device uses the latest generative models and emotion engines sent from the server. The device monitors the user's communication information (emails, SMS messages, call content, etc.) in real time, and analyzes the communication content using techniques such as natural language processing to assess signs of fraud. Furthermore, the device uses the camera and microphone to analyze the user's facial expressions and voice in real time to determine their emotional state.
[0163] If a user receives a phishing email, the device analyzes the email's content and observes the user's emotional state. For example, if the device detects a potentially fraudulent link in the email and determines that the user is showing anxiety, it will display a warning on the screen saying, "This link may not be safe. Do not click it." Furthermore, the user's emotional data, gathered through the emotion engine, is fed back to the server and used for future model training.
[0164] An example of a prompt would be: "We would like to improve model accuracy by providing a dataset on newly emerging fraud techniques. Please suggest a way to display warning messages based on the latest phishing techniques and sentiment data analysis results." This prompt allows the generated AI model to utilize the necessary data and analysis results to suggest appropriate countermeasures.
[0165] The flow of the specific processing in Example 2 will be explained using Figure 13.
[0166] Step 1:
[0167] The server collects data on new fraud techniques from internet sources (online databases and security forums). This data includes phishing email samples, fraudulent URLs, and details of the fraudulent techniques. The input is data from the internet, and the output is a database in an organized format.
[0168] Step 2:
[0169] The server supplies the collected data to a generating AI model for training. The server uses PyTorch and TensorFlow to train a model that identifies fraudulent activities using the collected data. The input is organized fraud technique data, and the output is an improved fraud detection model.
[0170] Step 3:
[0171] The server collects the data necessary for analyzing the user's emotions and uses it to train the emotion engine. The input is voice and facial expression data, and the output is the emotion engine, which detects the user's emotional state with high accuracy.
[0172] Step 4:
[0173] The server sends the trained generative model and sentiment engine to the terminal. This is done via a secure protocol (e.g., HTTPS). The input is the improved model and engine, and the output is the latest version of the software on the terminal.
[0174] Step 5:
[0175] The device uses generative models and sentiment engines received from the server to monitor user communication information in real time. The device analyzes user emails and SMS messages using natural language processing technology to evaluate signs of fraud. The input is user communication data, and the output is the evaluation result regarding signs of fraud.
[0176] Step 6:
[0177] The device uses a camera and microphone to analyze the user's facial expressions and voice to determine their emotional state. The input is real-time audio and video data, and the output is the user's emotional state.
[0178] Step 7:
[0179] If a user receives an email that shows signs of fraud, the device will display an appropriate warning based on the analysis results and sentiment level. The input is the fraud assessment result and sentiment level, and the output is the warning message displayed to the user.
[0180] Step 8:
[0181] The user receives a warning from their device and takes appropriate action, such as deleting the email. The user's response data is sent from the device to the server and used for the next model update. The input is the user's response data, and the output is the feedback data stored on the server.
[0182] (Application Example 2)
[0183] Next, we will explain application example 2. In the following explanation, the data processing device 12 will be referred to as a "server" and the smart device 14 as a "terminal".
[0184] Fraudulent activities are becoming more sophisticated and diverse every day, requiring effective measures to protect personal information and property. Furthermore, systems that issue warnings without considering the user's emotional state can cause unnecessary stress. Therefore, a system is needed that monitors users' real-time communications and analyzes their emotions to issue warnings in the most appropriate way.
[0185] The specific processing performed by the specific processing unit 290 of the data processing device 12 in Application Example 2 is realized by the following means.
[0186] In this invention, the server includes means for collecting information on new fraud techniques from a database on the internet, means for training a generative model using the received information to improve the accuracy of fraud detection, and means for analyzing the user's emotions and adjusting warnings according to the user's emotional state. This makes it possible to take effective fraud prevention measures without causing stress to the user.
[0187] An "internet database" is a collection of information that exists online and collects and manages various types of information.
[0188] "Fraudulent practices" refer to dishonest acts or methods used to deceive people and gain profit.
[0189] A "generative model" is an algorithm that uses machine learning to learn patterns and perform inferences on new data.
[0190] "Fraud detection accuracy" refers to the degree of the ability to accurately identify fraudulent activities.
[0191] "Real-time monitoring" means monitoring and analyzing an event or data instantly at that moment.
[0192] "Signs of fraud" are evidence or indicators that indicate fraudulent activity is taking place or is about to take place.
[0193] "User emotions" refer to the internal feelings and psychological states that an individual experiences in a particular situation.
[0194] "Adjusting warnings" means changing the content and timing of warnings to be issued according to the situation.
[0195] "Feedback information" refers to reactions and opinions received from users, and is useful for improving and adjusting the system.
[0196] A "user-friendly interface" is a user interface that is designed to be intuitively easy to use and operate for the user.
[0197] An "encryption protocol" refers to the rules and procedures used to securely send and receive data, and includes technologies to protect data from unauthorized access.
[0198] To realize this invention, the system mainly consists of three elements: a server, a terminal, and a user. The server continuously collects information on new fraudulent methods from databases on the internet. This makes it possible to accumulate newly detected fraud patterns in the database. The received information is used to train a generative AI model, improving the accuracy of fraud detection. The server utilizes machine learning frameworks such as "TensorFlow" and "PyTorch" as its central processing unit.
[0199] The terminal monitors the user's real-time communication data using a generative AI model provided by the server. The terminal refers to a mobile device such as a smartphone or tablet, and its built-in camera and microphone are used to analyze the user's emotions. For example, the terminal uses natural language processing libraries such as "NLTK" or "spaCy" to analyze the content of messaging apps and emails. Furthermore, it uses "Emotion API" and "OpenCV" to analyze the user's facial expressions and voice tone, and identifies emotions in real time.
[0200] Users receive immediate alerts from their devices when signs of fraud are detected. These warnings are displayed through a user-friendly interface, tailored to the user's emotional state. For example, if a user is about to click a link in a phishing email, a standard warning is issued if the user is detected as calm, but a gentler, more guiding message is provided if the user is confused.
[0201] As a concrete example, when a user receives a phishing email, the device analyzes the email's content and, the moment it determines there are signs of fraud, uses the camera and microphone to determine the user's emotions. Based on this, it generates and displays the most appropriate warning message. The server collects this data as feedback information to help train the next model.
[0202] An example of a prompt for a generative AI model is: "Simulate an application that analyzes the content of an email received by a user, assesses the likelihood of fraud, and provides a warning message tailored to the user's emotions."
[0203] The flow of a specific process in Application Example 2 will be explained using Figure 14.
[0204] Step 1:
[0205] The server collects information on new fraud methods from databases on the internet. This collection process is automated, and data is retrieved periodically via an API. The input is raw data obtained from internet databases, and the output is the result of extracting information related to fraud methods from that data. This information is prepared as training material for a generative AI model.
[0206] Step 2:
[0207] The server inputs the collected fraud techniques information into a generative AI model to train it. This process uses machine learning frameworks such as TensorFlow and PyTorch. The input is the fraud information extracted in the previous step, and backpropagation is performed to update the model's weights and biases. The output is the updated generative AI model.
[0208] Step 3:
[0209] The device receives a generative AI model distributed from the server and monitors the user's communication data in real time. The device utilizes natural language processing libraries such as "NLTK" and "spaCy" for data analysis. The input is real-time communication data from email and messaging apps, and the output is an analyzed indicator of the likelihood of fraud. Based on this indicator, signs of fraud are detected.
[0210] Step 4:
[0211] If a user makes a communication that suggests fraud, the device uses its camera and microphone to collect and analyze the user's emotions. It uses "Emotion API" and "OpenCV" for facial expression and voice analysis. The input is the user's facial image and voice data, and the output is the analyzed emotional state. The content of the warning is then adjusted based on this emotional state.
[0212] Step 5:
[0213] The device displays warnings to the user based on the results of sentiment analysis. The warnings are generated in a user-friendly interface, taking into account the risk of fraud and the user's emotional state. Inputs are emotional state and fraud indicator data, and output is a appropriately tailored warning message. The warning message is presented to the user in real time.
[0214] Step 6:
[0215] The device monitors user responses and behaviors and sends feedback to the server. This feedback is used to update and improve the generative model in the future. The input is user response behavior data, and the output is information collected on the server as feedback.
[0216] The specific processing unit 290 transmits the result of the specific processing to the smart device 14. In the smart device 14, the control unit 46A causes the output device 40 to output the result of the specific processing. The microphone 38B acquires audio indicating user input for the result of the specific processing. The control unit 46A transmits the audio data indicating user input acquired by the microphone 38B to the data processing device 12. In the data processing device 12, the specific processing unit 290 acquires the audio data.
[0217] Data generation model 58 is a so-called generative AI (Artificial Intelligence). An example of data generation model 58 is ChatGPT (registered trademark) (Internet search).<URL: https: / / openai.com / blog / chatgpt> ), Gemini (registered trademark) (Internet search) <url: https: gemini.google.com ?hl="ja">Examples of generative AI include the following. The data generation model 58 is obtained by performing deep learning on a neural network. The data generation model 58 is input with prompts containing instructions, and with inference data such as audio data representing speech, text data representing text, and image data representing images. The data generation model 58 infers from the input inference data according to the instructions indicated by the prompts, and outputs the inference results in data formats such as audio data and text data. Here, inference refers to, for example, analysis, classification, prediction, and / or summarization.
[0218] In the above embodiment, an example was given in which specific processing is performed by the data processing device 12, but the technology of this disclosure is not limited thereto, and the specific processing may also be performed by the smart device 14.
[0219] [Second Embodiment]
[0220] Figure 3 shows an example of the configuration of the data processing system 210 according to the second embodiment.
[0221] As shown in Figure 3, the data processing system 210 includes a data processing device 12 and smart glasses 214. An example of the data processing device 12 is a server.
[0222] The data processing device 12 comprises a computer 22, a database 24, and a communication interface 26. The computer 22 is an example of a "computer" related to the technology of this disclosure. The computer 22 comprises a processor 28, RAM 30, and storage 32. The processor 28, RAM 30, and storage 32 are connected to a bus 34. The database 24 and the communication interface 26 are also connected to the bus 34. The communication interface 26 is connected to a network 54. An example of the network 54 is a WAN (Wide Area Network) and / or a LAN (Local Area Network).
[0223] The smart glasses 214 include a computer 36, a microphone 238, a speaker 240, a camera 42, and a communication interface 44. The computer 36 includes a processor 46, RAM 48, and storage 50. The processor 46, RAM 48, and storage 50 are connected to a bus 52. The microphone 238, speaker 240, and camera 42 are also connected to the bus 52.
[0224] The microphone 238 receives voice signals from the user 20 and receives instructions from the user 20. The microphone 238 captures the voice signals from the user 20, converts the captured voice into audio data, and outputs it to the processor 46. The speaker 240 outputs audio according to the instructions from the processor 46.
[0225] Camera 42 is a small digital camera equipped with an optical system including a lens, aperture, and shutter, and an image sensor such as a CMOS (Complementary Metal-Oxide-Semiconductor) image sensor or a CCD (Charge Coupled Device) image sensor, and captures images of the area around the user 20 (for example, an imaging range defined by a field of view equivalent to the width of a typical healthy person's field of vision).
[0226] Communication interface 44 is connected to network 54. Communication interfaces 44 and 26 are responsible for the exchange of various information between processor 46 and processor 28 via network 54. The exchange of various information between processor 46 and processor 28 using communication interfaces 44 and 26 is performed in a secure manner.
[0227] Figure 4 shows an example of the main functions of the data processing device 12 and the smart glasses 214. As shown in Figure 4, the data processing device 12 performs specific processing using the processor 28. The storage 32 stores the specific processing program 56.
[0228] The specific processing program 56 is an example of a "program" relating to the technology of this disclosure. The processor 28 reads the specific processing program 56 from the storage 32 and executes the read specific processing program 56 on the RAM 30. The specific processing is realized by the processor 28 operating as a specific processing unit 290 in accordance with the specific processing program 56 executed on the RAM 30.
[0229] The storage 32 stores the data generation model 58 and the emotion identification model 59. The data generation model 58 and the emotion identification model 59 are used by the identification processing unit 290.
[0230] In the smart glasses 214, the processor 46 performs the reception output processing. The storage 50 stores the reception output program 60. The processor 46 reads the reception output program 60 from the storage 50 and executes the read reception output program 60 on the RAM 48. The reception output processing is realized by the processor 46 operating as a control unit 46A according to the reception output program 60 executed on the RAM 48.
[0231] Next, the identification processing performed by the identification processing unit 290 of the data processing device 12 will be described. In the following description, the data processing device 12 will be referred to as the "server" and the smart glasses 214 will be referred to as the "terminal".
[0232] This invention is based on a system that retrieves information on the latest fraud techniques from an internet database and uses a generative model to learn from that information. The roles of the server, terminal, and user, which are the main components, are described below.
[0233] First, the server plays a key role. The server continuously collects fraud-related information from the internet. This includes publicly available security reports and blog posts about fraudulent activities. Based on this information, the server trains a generative model and builds algorithms to improve the accuracy of fraud detection. This allows it to respond to new fraud patterns.
[0234] Next, let's discuss the role of the terminal. The terminal receives periodically updated generative models from the server. It analyzes the user's daily interactions, such as email content and SMS messages, in real time to monitor for suspicious activity. The terminal utilizes machine learning models to detect signs of fraud and prepares to issue warnings if necessary.
[0235] Users receive alerts through an interface on their device. For example, if signs of unauthorized access are found in a newly received email, the device immediately provides an alert to the user. By reviewing the alert and following the instructions to address the indicated risks, users can prevent potential damage. Users can also provide feedback on the system's operation, and this information is collected on the server and used in future model updates.
[0236] As a concrete example, consider a scenario where a user receives a phishing email for online banking. The device analyzes the email and identifies a fake login link. This triggers the device to display a warning to the user saying, "Do not click on the link in this email." By following the warning and ignoring the link, the user avoids becoming a victim of fraud.
[0237] In this way, servers, terminals, and users cooperate to protect against fraud.
[0238] The following describes the processing flow.
[0239] Step 1:
[0240] The server collects the latest information on fraudulent methods from databases on the internet. This includes data from security-related news sites and blogs. This information is stored in the server's storage.
[0241] Step 2:
[0242] The server analyzes the collected information, extracts key features, and inputs them into a generative model. The generative model uses machine learning algorithms to learn patterns of fraudulent activity and updates its accuracy. This process improves the server's ability to detect the latest fraud techniques.
[0243] Step 3:
[0244] The server delivers the trained generative model to the terminal. This communication uses an encryption protocol to ensure data security.
[0245] Step 4:
[0246] The device activates the received generative model and monitors the user's communication data in real time. The device analyzes data entered through email, SMS, and other communication tools.
[0247] Step 5:
[0248] The device detects signs of fraud based on the analysis results. When certain conditions are met, the device immediately generates a warning and displays it to the user. The warning includes reasons why it may be a scam and recommended actions.
[0249] Step 6:
[0250] Users can view warnings from their devices and follow the instructions provided. This helps protect them from fraudulent activity. Users can also provide feedback to their devices regarding the effectiveness of the warning.
[0251] Step 7:
[0252] The terminal sends user feedback to the server. The server uses the received feedback to improve the system's accuracy in future model updates.
[0253] (Example 1)
[0254] Next, we will describe Example 1. In the following description, the data processing device 12 will be referred to as the "server," and the smart glasses 214 will be referred to as the "terminal."
[0255] In today's world, where internet communication is commonplace, fraudulent activities against individuals and businesses are becoming increasingly sophisticated. As a result, conventional security systems struggle to quickly detect and respond to new fraudulent methods, potentially leading to serious harm to users. Against this backdrop, there is a need for a system that can quickly and efficiently detect new fraudulent methods and provide appropriate warnings to users.
[0256] The identification process performed by the identification processing unit 290 of the data processing device 12 in Example 1 is realized by the following means.
[0257] In this invention, the server includes means for collecting information on new fraudulent methods from information storage devices on a communication network, means for improving the accuracy of fraud detection using a learning algorithm generated with the acquired information, and means for collecting user feedback and using it to update the next algorithm. This enables real-time detection of signs of fraud and immediate warning notification.
[0258] A "data storage device on a communication network" is a data storage device accessible via the Internet that holds data from various sources and provides it as needed.
[0259] "New fraudulent methods" refer to fraudulent activities that are difficult to detect with conventional security measures, using new or improved methods.
[0260] A "generated learning algorithm" refers to a set of computational procedures optimized to perform a specific task by learning patterns through data analysis.
[0261] "Fraud detection accuracy" refers to the ability to accurately identify fraudulent activities, and means reducing false positives and missed detections.
[0262] "User feedback information" refers to various types of information collected from users, including feedback on system operation and warnings.
[0263] "Real-time fraud detection" refers to a process that monitors users' communication data and immediately identifies signs of fraudulent activity.
[0264] An "immediate warning notification" is a cautionary message that is quickly sent to users when potential fraudulent activity is detected.
[0265] In order to implement this invention, a server, a terminal, and a user must each fulfill their respective roles.
[0266] The server collects information on new fraud methods from information storage devices on the internet. This information collection utilizes web scraping techniques to extract data from publicly available security reports and blog posts. The software used includes Python's BeautifulSoup and Scrapy. The collected data is analyzed on the server using natural language processing tools. Specifically, nltk and spaCy are used to cleanse text data and extract patterns of fraudulent methods. Then, a learning algorithm generated using the obtained data is trained using a generative AI model. In this process, TensorFlow and PyTorch are adopted as machine learning frameworks to improve the accuracy of fraud detection.
[0267] The device receives the latest AI model delivered from the server and deploys it in its local environment. On the device, it detects signs of fraud by analyzing the user's communication activity, such as emails and SMS messages, in real time. Lightweight machine learning libraries such as TensorFlow Lite and Core ML are used for this purpose. If suspicious activity is detected, the device prepares to immediately warn the user.
[0268] Users receive appropriate warnings through the interface on their devices. For example, if a phishing email is detected, a warning will be displayed stating, "Do not click on any links in this email." Users can then act accordingly and prevent themselves from becoming victims of fraud. Users can also provide feedback on the system's operation and the accuracy of the warnings, and this information will be used in future model updates.
[0269] As a concrete example, consider a scenario where a user receives a phishing email for online banking. The device analyzes the email and identifies a fake login link. This prompts the device to display a warning to the user saying, "Do not click on the link in this email." An example of a prompt in response to this would be, "Learn about the latest phishing techniques and show us how to warn users."
[0270] This invention is a system that achieves effective fraud prevention by having servers, terminals, and users cooperate to quickly detect new fraudulent methods and warn users.
[0271] The flow of the specific processing in Example 1 will be explained using Figure 11.
[0272] Step 1:
[0273] The server first collects information on new fraud schemes from data storage devices on the communication network. As input, the server targets publicly available information sources on the internet and obtains data using web scraping techniques. This involves using Python programs and libraries such as Scrapy. The output is raw data in text format.
[0274] Step 2:
[0275] The server analyzes the collected data using natural language processing tools. The input is the text data obtained in the previous step. Specifically, it uses nltk and spaCy to perform text cleansing, keyword extraction, and pattern recognition. This process extracts and outputs features related to fraudulent techniques.
[0276] Step 3:
[0277] The server trains a fraud detection algorithm using a generative AI model. The features obtained in step 2 are used as input. This training process utilizes TensorFlow and PyTorch to train the AI model. The output is the newly updated fraud detection model.
[0278] Step 4:
[0279] The server distributes the generated, trained model to the terminal. The input is the training result of the generated AI model, and to distribute it efficiently, formats such as ONNX may be used. The output is the AI model in the format that the terminal receives.
[0280] Step 5:
[0281] The terminal deploys the AI model received from the server and analyzes the user's communication data in real time. The input is the data of emails and SMS flowing through the terminal. Using TensorFlow Lite or Core ML, data processing and analysis are performed to detect signs of fraud. The output is the presence or absence of signs of fraud based on the analysis results.
[0282] Step 6:
[0283] If the terminal detects signs of fraud, it immediately warns the user. The input is the fraud sign detection result obtained in Step 5. A warning message is generated and displayed on the screen or notification bar. The output is the warning message for the user to confirm.
[0284] Step 7:
[0285] The user receives a warning from the terminal and acts according to the instructions. The input is the warning message from the terminal. After the user confirms this message, appropriate actions are taken. Feedback such as dissatisfaction points and improvement points provided by the user is sent to the server at the next model update. The output is the feedback information sent to the server.
[0286] (Application Example 1)
[0287] Next, Application Example 1 will be described. In the following description, the data processing device 12 is referred to as the "server", and the smart glasses 214 are referred to as the "terminal".
[0288] In modern society, new illegal acts using communication networks continue to increase, and illegal acts have penetrated into users' daily communications. Therefore, there is a need for a system that can detect illegal acts in real time and inform users, but existing methods may be slow to respond to the latest illegal act techniques. Furthermore, the lack of a system with a function that is easy for users to use and safely transfers information is an issue.
[0289] The specific processing performed by the specific processing unit 290 of the data processing device 12 in Application Example 1 is realized by the following means.
[0290] In this invention, the server includes means for collecting information on new fraudulent activity methods from a data set on an information network, means for training a predictive model using the acquired information to improve the accuracy of fraud detection, and means for monitoring users' communication information in real time to detect signs of fraud. This makes it possible to quickly detect fraudulent activity during user communication and to immediately notify users. Furthermore, by displaying notifications on a user-friendly display device and using encoding procedures for secure information transfer, it is possible to provide a user-friendly and secure system.
[0291] An "information network" is a system that provides an environment in which multiple information terminals can communicate with each other.
[0292] A "data set" is a collection of information that has been gathered and organized for a specific purpose.
[0293] "Fraudulent practices" refer to acts or methods used to achieve an objective by employing means considered unfair.
[0294] A "predictive model" is a mathematical or statistical framework constructed to predict future events based on past data.
[0295] "Communication information" refers to the content of data and messages exchanged between individual terminals.
[0296] "Signs of fraud" are specific patterns or behaviors that indicate the possibility of fraudulent activity.
[0297] A "display device" is a device or interface used to present information visually.
[0298] An "encoding procedure" is an encryption algorithm used to prevent easy access to communication data and ensure its secure transmission.
[0299] A "mobile communication device" is an electronic device that can send and receive information while moving.
[0300] One embodiment of this invention is a system in which a server, a terminal, and a user work together. This system is configured as follows.
[0301] The server's role is to continuously collect data on new fraudulent activities from the internet via the information network. Specifically, it retrieves security reports and blog posts published from various sources. The server then uses this collected data to build predictive models and train generative AI models, thereby improving the accuracy of fraud detection.
[0302] The terminal receives periodically updated predictive models from the server. Applications installed on various mobile communication devices monitor the user's communication information in real time and detect signs of fraud. If the terminal detects signs of fraud, it immediately displays a warning to the user. This uses a user-friendly display device and incorporates a function to securely transfer communication data using encoding procedures.
[0303] Users can receive warnings through an interface provided via their device. Furthermore, the device collects user feedback and sends it to a server, allowing this feedback to be used in future model updates. This feedback loop ensures the system constantly adapts to the latest fraudulent activities.
[0304] As a specific example, when a user receives a fake bank email, the terminal analyzes the email, detects signs of fraud, and displays a warning on the screen. For this example, an example of a prompt sentence for the generative AI model is in the form of "Please analyze the following email message and determine whether it contains suspicious content: {email content}".
[0305] The flow of the specific process in Application Example 1 will be described using FIG. 12.
[0306] Step 1:
[0307] The server collects data on new fraud methods from a data set on the Internet through an information network. The input is an online information source, and the output is the collected fraud data. The server analyzes this data and extracts relevant information. The analysis is performed using specific search keywords to organize the information required for the generative AI model.
[0308] Step 2:
[0309] The server constructs a prediction model using the fraud data obtained in Step 1 and trains the generative AI model. The input is the organized fraud data, and the output is the updated prediction model. Data processing includes statistical analysis and feature selection, and the AI learns the patterns for detecting fraud.
[0310] Step 3:
[0311] The terminal receives the updated prediction model from the server. The input is the updated prediction model, and the output is the preparation for using the model. The terminal locally stores this model and prepares to analyze the user's communication information. At this stage, the parameters of the model are converted into a form suitable for the terminal.
[0312] Step 4:
[0313] The device monitors the user's communication data (e.g., emails and messages) in real time. The input is the user's communication data, and the output is the analysis results, with particular attention paid to signs of fraud. The device uses a generative AI model to analyze the possibility of fraud during communication and evaluate whether any fraudulent patterns are detected.
[0314] Step 5:
[0315] If signs of fraud are detected, the terminal immediately issues a warning to the user. The input is the detected signs of fraud, and the output is a warning message. The terminal uses the user's display device to show the warning in a user-friendly interface. This triggers a alert to the user.
[0316] Step 6:
[0317] The user reviews warnings from the device and provides feedback. Input is the warning message, and output is the user's rating and feedback. The feedback provided by the user is collected by the device and sent to the server.
[0318] Step 7:
[0319] The server utilizes user feedback in subsequent model updates. The input is user feedback, and the output is an improved predictive model. The server analyzes this feedback and makes adjustments to further improve the model's accuracy. This cycle ensures the system is always prepared to respond to the latest fraudulent activities.
[0320] Furthermore, an emotion engine that estimates the user's emotions may be incorporated. That is, the identification processing unit 290 may use the emotion identification model 59 to estimate the user's emotions and perform identification processing using the user's emotions.
[0321] This invention combines a system that collects information on fraudulent methods from an internet database, uses a generative model to learn from that information, and monitors user communication data in real time to detect signs of fraud with an emotion engine that recognizes user emotions.
[0322] One of the server's primary roles is to continuously collect data on fraudulent practices. This data is fed into generative models, which use machine learning algorithms to improve the accuracy of the models for detecting fraud. Additionally, sentiment data for the sentiment engine is also collected by the server and used when updating the models.
[0323] The device uses generative models and emotion engines received from the server to analyze the user's real-time communication data and emotions. By monitoring the user's emails, SMS messages, and call content, it not only detects suspicious activity but also analyzes the user's emotional state from their facial expressions and tone of voice. This allows the device to display warnings to the user at the appropriate time and in the most effective way.
[0324] Let's look at a specific example. When a user receives a phishing email, the device analyzes the email's content while observing the user's emotions. While it will warn the user about any links in the detected email, if it confirms that the user is in a calm emotional state, the device will simply display a normal warning. However, if it determines that the user is confused, it will select a warning message that gently guides the user. The emotional data monitored by the emotion engine is sent to the server as feedback and used for further model training.
[0325] Users receive interactive warnings displayed on their devices and can take action based on the instructions. Furthermore, by providing feedback tailored to sentiment analysis by the emotion engine, a cycle is formed that enhances the overall effectiveness of the system.
[0326] Thus, the present invention is implemented as a means to enable advanced fraud prevention through the interaction of servers, terminals, and users.
[0327] The following describes the processing flow.
[0328] Step 1:
[0329] The server collects information about fraudulent methods from various databases on the internet. The data is automatically filtered, and features useful for fraud detection are extracted. The server feeds this data into a generative model, and the model begins training on the relevant dataset.
[0330] Step 2:
[0331] The server also collects emotional data necessary for the emotion engine. This data is used to understand typical user emotional responses and to train the emotion engine model. The emotion engine has the ability to infer emotional states from facial expressions, voice tone, and text.
[0332] Step 3:
[0333] The server delivers the trained generative model and sentiment engine to the device. This communication is conducted securely using an encrypted protocol.
[0334] Step 4:
[0335] The device utilizes the received model to monitor the user's daily communication data in real time. Emails, SMS messages, and call content are analyzed to detect signs of fraud while an emotion engine understands the user's emotional state.
[0336] Step 5:
[0337] If the device detects a suspected scam, it adjusts the warning message according to the user's current emotional state. For example, if the emotion engine determines that the user is feeling anxious, the device selects reassuring wording and issues a warning to the user.
[0338] Step 6:
[0339] The user receives a warning from the device and takes appropriate action based on its content. Because the warning is sensitive to the user's feelings, the user can follow the instructions naturally.
[0340] Step 7:
[0341] User reactions and feedback are collected from the device and sent to the server. The server uses this feedback to improve the next model update, further enhancing fraud detection capabilities and increasing the accuracy of the sentiment engine.
[0342] (Example 2)
[0343] Next, we will describe Example 2. In the following description, the data processing device 12 will be referred to as the "server" and the smart glasses 214 will be referred to as the "terminal".
[0344] In today's internet environment, fraudulent methods are constantly evolving, making detection increasingly difficult. Furthermore, users with limited knowledge of fraud are more likely to miss warning signs. Traditional systems struggle to issue appropriate warnings that take into account the individual emotional state of users, resulting in users being unable to respond effectively.
[0345] The identification process performed by the identification processing unit 290 of the data processing device 12 in Example 2 is realized by the following means.
[0346] In this invention, the server includes means for collecting data on novel fraudulent methods from information sources on the Internet, means for training a generative model using the collected data to improve the accuracy of fraud detection, and means for monitoring the user's communication information in real time and detecting signs of fraud. This makes it possible to immediately issue an appropriate warning that takes into account the user's emotional state when signs of fraud are detected.
[0347] "Internet information sources" refer to information providers such as databases, websites, and forums that are accessible online.
[0348] "Data on new fraud techniques" refers to datasets containing information on the latest phishing emails, fraudulent websites, and fraudulent technologies.
[0349] A "generative model" refers to an artificial intelligence model that learns from data and uses that knowledge to perform a specific task.
[0350] "Signs of fraud" refer to email content, internet traffic, and user behavior patterns that indicate the possibility of fraudulent activity.
[0351] "Emotional state" refers to the psychological and emotional state of a user based on their facial expressions, tone of voice, behavioral patterns, etc.
[0352] "Communication information" refers to digital communication data such as emails, messages, and phone calls conducted by users.
[0353] A "warning" refers to a message that informs a user of the risk of fraud and provides information to help prevent it.
[0354] "Response data" refers to information that records how a user responded to a system warning.
[0355] "Encrypted communication methods" refer to technologies that encrypt the content of information using specific protocols in order to ensure data security before transmission.
[0356] An "interactive and user-friendly interface" refers to a screen layout that allows users to easily operate the system and provides information in a visually easy-to-understand format.
[0357] This invention is an advanced prevention system that combines fraud detection with user sentiment analysis. Specific embodiments of this system are described below.
[0358] The server is responsible for collecting data on new fraud techniques from internet sources. Specifically, it collects information such as phishing emails, URLs of fraudulent websites, and details of the latest fraud technologies from publicly available online databases and security forums. This data is organized on the server and converted into an analyzable format. The server requires a high-performance processor and large-capacity storage, and a cloud-based data center is particularly suitable for this purpose.
[0359] The collected data is fed into a generative AI model. This AI model is, for example, a Transformer model for natural language processing. The server uses machine learning frameworks such as PyTorch or TensorFlow to train the model and improve its ability to automatically identify fraudulent activities.
[0360] The device uses the latest generative models and emotion engines sent from the server. The device monitors the user's communication information (emails, SMS messages, call content, etc.) in real time, and analyzes the communication content using techniques such as natural language processing to assess signs of fraud. Furthermore, the device uses the camera and microphone to analyze the user's facial expressions and voice in real time to determine their emotional state.
[0361] If a user receives a phishing email, the device analyzes the email's content and observes the user's emotional state. For example, if the device detects a potentially fraudulent link in the email and determines that the user is showing anxiety, it will display a warning on the screen saying, "This link may not be safe. Do not click it." Furthermore, the user's emotional data, gathered through the emotion engine, is fed back to the server and used for future model training.
[0362] An example of a prompt would be: "We would like to improve model accuracy by providing a dataset on newly emerging fraud techniques. Please suggest a way to display warning messages based on the latest phishing techniques and sentiment data analysis results." This prompt allows the generated AI model to utilize the necessary data and analysis results to suggest appropriate countermeasures.
[0363] The flow of the specific processing in Example 2 will be explained using Figure 13.
[0364] Step 1:
[0365] The server collects data on new fraud techniques from internet sources (online databases and security forums). This data includes phishing email samples, fraudulent URLs, and details of the fraudulent techniques. The input is data from the internet, and the output is a database in an organized format.
[0366] Step 2:
[0367] The server supplies the collected data to a generating AI model for training. The server uses PyTorch and TensorFlow to train a model that identifies fraudulent activities using the collected data. The input is organized fraud technique data, and the output is an improved fraud detection model.
[0368] Step 3:
[0369] The server collects the data necessary for analyzing the user's emotions and uses it to train the emotion engine. The input is voice and facial expression data, and the output is the emotion engine, which detects the user's emotional state with high accuracy.
[0370] Step 4:
[0371] The server sends the trained generative model and sentiment engine to the terminal. This is done via a secure protocol (e.g., HTTPS). The input is the improved model and engine, and the output is the latest version of the software on the terminal.
[0372] Step 5:
[0373] The device uses generative models and sentiment engines received from the server to monitor user communication information in real time. The device analyzes user emails and SMS messages using natural language processing technology to evaluate signs of fraud. The input is user communication data, and the output is the evaluation result regarding signs of fraud.
[0374] Step 6:
[0375] The device uses a camera and microphone to analyze the user's facial expressions and voice to determine their emotional state. The input is real-time audio and video data, and the output is the user's emotional state.
[0376] Step 7:
[0377] If a user receives an email that shows signs of fraud, the device will display an appropriate warning based on the analysis results and sentiment level. The input is the fraud assessment result and sentiment level, and the output is the warning message displayed to the user.
[0378] Step 8:
[0379] The user receives a warning from their device and takes appropriate action, such as deleting the email. The user's response data is sent from the device to the server and used for the next model update. The input is the user's response data, and the output is the feedback data stored on the server.
[0380] (Application Example 2)
[0381] Next, we will explain application example 2. In the following explanation, the data processing device 12 will be referred to as the "server," and the smart glasses 214 will be referred to as the "terminal."
[0382] Fraudulent activities are becoming more sophisticated and diverse every day, requiring effective measures to protect personal information and property. Furthermore, systems that issue warnings without considering the user's emotional state can cause unnecessary stress. Therefore, a system is needed that monitors users' real-time communications and analyzes their emotions to issue warnings in the most appropriate way.
[0383] The specific processing performed by the specific processing unit 290 of the data processing device 12 in Application Example 2 is realized by the following means.
[0384] In this invention, the server includes means for collecting information on new fraud techniques from a database on the internet, means for training a generative model using the received information to improve the accuracy of fraud detection, and means for analyzing the user's emotions and adjusting warnings according to the user's emotional state. This makes it possible to take effective fraud prevention measures without causing stress to the user.
[0385] An "internet database" is a collection of information that exists online and collects and manages various types of information.
[0386] "Fraudulent practices" refer to dishonest acts or methods used to deceive people and gain profit.
[0387] A "generative model" is an algorithm that uses machine learning to learn patterns and perform inferences on new data.
[0388] "Fraud detection accuracy" refers to the degree of the ability to accurately identify fraudulent activities.
[0389] "Real-time monitoring" means monitoring and analyzing an event or data instantly at that moment.
[0390] "Signs of fraud" are evidence or indicators that indicate fraudulent activity is taking place or is about to take place.
[0391] "User emotions" refer to the internal feelings and psychological states that an individual experiences in a particular situation.
[0392] "Adjusting warnings" means changing the content and timing of warnings to be issued according to the situation.
[0393] "Feedback information" refers to reactions and opinions received from users, and is useful for improving and adjusting the system.
[0394] A "user-friendly interface" is a user interface that is designed to be intuitively easy to use and operate for the user.
[0395] An "encryption protocol" refers to the rules and procedures used to securely send and receive data, and includes technologies to protect data from unauthorized access.
[0396] To realize this invention, the system mainly consists of three elements: a server, a terminal, and a user. The server continuously collects information on new fraudulent methods from databases on the internet. This makes it possible to accumulate newly detected fraud patterns in the database. The received information is used to train a generative AI model, improving the accuracy of fraud detection. The server utilizes machine learning frameworks such as "TensorFlow" and "PyTorch" as its central processing unit.
[0397] The terminal monitors the user's real-time communication data using a generative AI model provided by the server. The terminal refers to a mobile device such as a smartphone or tablet, and its built-in camera and microphone are used to analyze the user's emotions. For example, the terminal uses natural language processing libraries such as "NLTK" or "spaCy" to analyze the content of messaging apps and emails. Furthermore, it uses "Emotion API" and "OpenCV" to analyze the user's facial expressions and voice tone, and identifies emotions in real time.
[0398] Users receive immediate alerts from their devices when signs of fraud are detected. These warnings are displayed through a user-friendly interface, tailored to the user's emotional state. For example, if a user is about to click a link in a phishing email, a standard warning is issued if the user is detected as calm, but a gentler, more guiding message is provided if the user is confused.
[0399] As a concrete example, when a user receives a phishing email, the device analyzes the email's content and, the moment it determines there are signs of fraud, uses the camera and microphone to determine the user's emotions. Based on this, it generates and displays the most appropriate warning message. The server collects this data as feedback information to help train the next model.
[0400] An example of a prompt for a generative AI model is: "Simulate an application that analyzes the content of an email received by a user, assesses the likelihood of fraud, and provides a warning message tailored to the user's emotions."
[0401] The flow of a specific process in Application Example 2 will be explained using Figure 14.
[0402] Step 1:
[0403] The server collects information on new fraud methods from databases on the internet. This collection process is automated, and data is retrieved periodically via an API. The input is raw data obtained from internet databases, and the output is the result of extracting information related to fraud methods from that data. This information is prepared as training material for a generative AI model.
[0404] Step 2:
[0405] The server inputs the collected fraud techniques information into a generative AI model to train it. This process uses machine learning frameworks such as TensorFlow and PyTorch. The input is the fraud information extracted in the previous step, and backpropagation is performed to update the model's weights and biases. The output is the updated generative AI model.
[0406] Step 3:
[0407] The device receives a generative AI model distributed from the server and monitors the user's communication data in real time. The device utilizes natural language processing libraries such as "NLTK" and "spaCy" for data analysis. The input is real-time communication data from email and messaging apps, and the output is an analyzed indicator of the likelihood of fraud. Based on this indicator, signs of fraud are detected.
[0408] Step 4:
[0409] If a user makes a communication that suggests fraud, the device uses its camera and microphone to collect and analyze the user's emotions. It uses "Emotion API" and "OpenCV" for facial expression and voice analysis. The input is the user's facial image and voice data, and the output is the analyzed emotional state. The content of the warning is then adjusted based on this emotional state.
[0410] Step 5:
[0411] The device displays warnings to the user based on the results of sentiment analysis. The warnings are generated in a user-friendly interface, taking into account the risk of fraud and the user's emotional state. Inputs are emotional state and fraud indicator data, and output is a appropriately tailored warning message. The warning message is presented to the user in real time.
[0412] Step 6:
[0413] The device monitors user responses and behaviors and sends feedback to the server. This feedback is used to update and improve the generative model in the future. The input is user response behavior data, and the output is information collected on the server as feedback.
[0414] The specific processing unit 290 transmits the result of the specific processing to the smart glasses 214. In the smart glasses 214, the control unit 46A causes the speaker 240 to output the result of the specific processing. The microphone 238 acquires audio indicating user input for the result of the specific processing. The control unit 46A transmits the audio data indicating user input acquired by the microphone 238 to the data processing unit 12. In the data processing unit 12, the specific processing unit 290 acquires the audio data.
[0415] Data generation model 58 is a type of so-called generative AI (Artificial Intelligence). One example of data generation model 58 is ChatGPT (Internet search<URL: https: / / openai.com / blog / chatgpt> ), Gemini (Internet search) <url: https: gemini.google.com ?hl="ja">Examples of generative AI include the following. The data generation model 58 is obtained by performing deep learning on a neural network. The data generation model 58 is input with prompts containing instructions, and with inference data such as audio data representing speech, text data representing text, and image data representing images. The data generation model 58 infers from the input inference data according to the instructions indicated by the prompts, and outputs the inference results in data formats such as audio data and text data. Here, inference refers to, for example, analysis, classification, prediction, and / or summarization.
[0416] In the above embodiment, an example was given in which specific processing is performed by the data processing device 12, but the technology of this disclosure is not limited thereto, and the specific processing may also be performed by the smart glasses 214.
[0417] [Third Embodiment]
[0418] Figure 5 shows an example of the configuration of the data processing system 310 according to the third embodiment.
[0419] As shown in Figure 5, the data processing system 310 includes a data processing device 12 and a headset terminal 314. An example of the data processing device 12 is a server.
[0420] The data processing device 12 comprises a computer 22, a database 24, and a communication interface 26. The computer 22 is an example of a "computer" related to the technology of this disclosure. The computer 22 comprises a processor 28, RAM 30, and storage 32. The processor 28, RAM 30, and storage 32 are connected to a bus 34. The database 24 and the communication interface 26 are also connected to the bus 34. The communication interface 26 is connected to a network 54. An example of the network 54 is a WAN (Wide Area Network) and / or a LAN (Local Area Network).
[0421] The headset terminal 314 includes a computer 36, a microphone 238, a speaker 240, a camera 42, a communication interface 44, and a display 343. The computer 36 includes a processor 46, RAM 48, and storage 50. The processor 46, RAM 48, and storage 50 are connected to a bus 52. The microphone 238, speaker 240, camera 42, and display 343 are also connected to the bus 52.
[0422] The microphone 238 receives voice signals from the user 20 and receives instructions from the user 20. The microphone 238 captures the voice signals from the user 20, converts the captured voice into audio data, and outputs it to the processor 46. The speaker 240 outputs audio according to the instructions from the processor 46.
[0423] Camera 42 is a small digital camera equipped with an optical system including a lens, aperture, and shutter, and an image sensor such as a CMOS (Complementary Metal-Oxide-Semiconductor) image sensor or a CCD (Charge Coupled Device) image sensor, and captures images of the area around the user 20 (for example, an imaging range defined by a field of view equivalent to the width of a typical healthy person's field of vision).
[0424] Communication interface 44 is connected to network 54. Communication interfaces 44 and 26 are responsible for the exchange of various information between processor 46 and processor 28 via network 54. The exchange of various information between processor 46 and processor 28 using communication interfaces 44 and 26 is performed in a secure manner.
[0425] Figure 6 shows an example of the main functions of the data processing device 12 and the headset terminal 314. As shown in Figure 6, the data processing device 12 performs specific processing using the processor 28. The storage 32 stores the specific processing program 56.
[0426] The specific processing program 56 is an example of a "program" relating to the technology of this disclosure. The processor 28 reads the specific processing program 56 from the storage 32 and executes the read specific processing program 56 on the RAM 30. The specific processing is realized by the processor 28 operating as a specific processing unit 290 in accordance with the specific processing program 56 executed on the RAM 30.
[0427] The storage 32 stores the data generation model 58 and the emotion identification model 59. The data generation model 58 and the emotion identification model 59 are used by the identification processing unit 290.
[0428] In the headset terminal 314, the processor 46 performs the reception output processing. The storage 50 stores the reception output program 60. The processor 46 reads the reception output program 60 from the storage 50 and executes the read reception output program 60 on the RAM 48. The reception output processing is realized by the processor 46 operating as a control unit 46A according to the reception output program 60 executed on the RAM 48.
[0429] Next, the specific processing performed by the specific processing unit 290 of the data processing device 12 will be described. In the following description, the data processing device 12 will be referred to as the "server" and the headset terminal 314 will be referred to as the "terminal".
[0430] This invention is based on a system that retrieves information on the latest fraud techniques from an internet database and uses a generative model to learn from that information. The roles of the server, terminal, and user, which are the main components, are described below.
[0431] First, the server plays a key role. The server continuously collects fraud-related information from the internet. This includes publicly available security reports and blog posts about fraudulent activities. Based on this information, the server trains a generative model and builds algorithms to improve the accuracy of fraud detection. This allows it to respond to new fraud patterns.
[0432] Next, let's discuss the role of the terminal. The terminal receives periodically updated generative models from the server. It analyzes the user's daily interactions, such as email content and SMS messages, in real time to monitor for suspicious activity. The terminal utilizes machine learning models to detect signs of fraud and prepares to issue warnings if necessary.
[0433] Users receive alerts through an interface on their device. For example, if signs of unauthorized access are found in a newly received email, the device immediately provides an alert to the user. By reviewing the alert and following the instructions to address the indicated risks, users can prevent potential damage. Users can also provide feedback on the system's operation, and this information is collected on the server and used in future model updates.
[0434] As a concrete example, consider a scenario where a user receives a phishing email for online banking. The device analyzes the email and identifies a fake login link. This triggers the device to display a warning to the user saying, "Do not click on the link in this email." By following the warning and ignoring the link, the user avoids becoming a victim of fraud.
[0435] In this way, servers, terminals, and users cooperate to protect against fraud.
[0436] The following describes the processing flow.
[0437] Step 1:
[0438] The server collects the latest information on fraudulent methods from databases on the internet. This includes data from security-related news sites and blogs. This information is stored in the server's storage.
[0439] Step 2:
[0440] The server analyzes the collected information, extracts key features, and inputs them into a generative model. The generative model uses machine learning algorithms to learn patterns of fraudulent activity and updates its accuracy. This process improves the server's ability to detect the latest fraud techniques.
[0441] Step 3:
[0442] The server delivers the trained generative model to the terminal. This communication uses an encryption protocol to ensure data security.
[0443] Step 4:
[0444] The device activates the received generative model and monitors the user's communication data in real time. The device analyzes data entered through email, SMS, and other communication tools.
[0445] Step 5:
[0446] The device detects signs of fraud based on the analysis results. When certain conditions are met, the device immediately generates a warning and displays it to the user. The warning includes reasons why it may be a scam and recommended actions.
[0447] Step 6:
[0448] Users can view warnings from their devices and follow the instructions provided. This helps protect them from fraudulent activity. Users can also provide feedback to their devices regarding the effectiveness of the warning.
[0449] Step 7:
[0450] The terminal sends user feedback to the server. The server uses the received feedback to improve the system's accuracy in future model updates.
[0451] (Example 1)
[0452] Next, we will describe Example 1. In the following description, the data processing device 12 will be referred to as the "server," and the headset-type terminal 314 will be referred to as the "terminal."
[0453] In today's world, where internet communication is commonplace, fraudulent activities against individuals and businesses are becoming increasingly sophisticated. As a result, conventional security systems struggle to quickly detect and respond to new fraudulent methods, potentially leading to serious harm to users. Against this backdrop, there is a need for a system that can quickly and efficiently detect new fraudulent methods and provide appropriate warnings to users.
[0454] The identification process performed by the identification processing unit 290 of the data processing device 12 in Example 1 is realized by the following means.
[0455] In this invention, the server includes means for collecting information on new fraudulent methods from information storage devices on a communication network, means for improving the accuracy of fraud detection using a learning algorithm generated with the acquired information, and means for collecting user feedback and using it to update the next algorithm. This enables real-time detection of signs of fraud and immediate warning notification.
[0456] A "data storage device on a communication network" is a data storage device accessible via the Internet that holds data from various sources and provides it as needed.
[0457] "New fraudulent methods" refer to fraudulent activities that are difficult to detect with conventional security measures, using new or improved methods.
[0458] A "generated learning algorithm" refers to a set of computational procedures optimized to perform a specific task by learning patterns through data analysis.
[0459] "Fraud detection accuracy" refers to the ability to accurately identify fraudulent activities, and means reducing false positives and missed detections.
[0460] "User feedback information" refers to various types of information collected from users, including feedback on system operation and warnings.
[0461] "Real-time fraud detection" refers to a process that monitors users' communication data and immediately identifies signs of fraudulent activity.
[0462] An "immediate warning notification" is a cautionary message that is quickly sent to users when potential fraudulent activity is detected.
[0463] In order to implement this invention, a server, a terminal, and a user must each fulfill their respective roles.
[0464] The server collects information on new fraud methods from information storage devices on the internet. This information collection utilizes web scraping techniques to extract data from publicly available security reports and blog posts. The software used includes Python's BeautifulSoup and Scrapy. The collected data is analyzed on the server using natural language processing tools. Specifically, nltk and spaCy are used to cleanse text data and extract patterns of fraudulent methods. Then, a learning algorithm generated using the obtained data is trained using a generative AI model. In this process, TensorFlow and PyTorch are adopted as machine learning frameworks to improve the accuracy of fraud detection.
[0465] The device receives the latest AI model delivered from the server and deploys it in its local environment. On the device, it detects signs of fraud by analyzing the user's communication activity, such as emails and SMS messages, in real time. Lightweight machine learning libraries such as TensorFlow Lite and Core ML are used for this purpose. If suspicious activity is detected, the device prepares to immediately warn the user.
[0466] Users receive appropriate warnings through the interface on their devices. For example, if a phishing email is detected, a warning will be displayed stating, "Do not click on any links in this email." Users can then act accordingly and prevent themselves from becoming victims of fraud. Users can also provide feedback on the system's operation and the accuracy of the warnings, and this information will be used in future model updates.
[0467] As a concrete example, consider a scenario where a user receives a phishing email for online banking. The device analyzes the email and identifies a fake login link. This prompts the device to display a warning to the user saying, "Do not click on the link in this email." An example of a prompt in response to this would be, "Learn about the latest phishing techniques and show us how to warn users."
[0468] This invention is a system that achieves effective fraud prevention by having servers, terminals, and users cooperate to quickly detect new fraudulent methods and warn users.
[0469] The flow of the specific processing in Example 1 will be explained using Figure 11.
[0470] Step 1:
[0471] The server first collects information on new fraud schemes from data storage devices on the communication network. As input, the server targets publicly available information sources on the internet and obtains data using web scraping techniques. This involves using Python programs and libraries such as Scrapy. The output is raw data in text format.
[0472] Step 2:
[0473] The server analyzes the collected data using natural language processing tools. The input is the text data obtained in the previous step. Specifically, it uses nltk and spaCy to perform text cleansing, keyword extraction, and pattern recognition. This process extracts and outputs features related to fraudulent techniques.
[0474] Step 3:
[0475] The server trains a fraud detection algorithm using a generative AI model. The features obtained in step 2 are used as input. This training process utilizes TensorFlow and PyTorch to train the AI model. The output is the newly updated fraud detection model.
[0476] Step 4:
[0477] The server distributes the generated, trained model to the terminal. The input is the training result of the generated AI model, and to distribute it efficiently, formats such as ONNX may be used. The output is the AI model in the format that the terminal receives.
[0478] Step 5:
[0479] The terminal deploys an AI model received from the server and analyzes the user's communication data in real time. The input is email and SMS data flowing through the terminal. TensorFlow Lite and Core ML are used to process and analyze the data to detect signs of fraud. The output is whether or not there are signs of fraud based on the analysis results.
[0480] Step 6:
[0481] The device immediately warns the user if it detects signs of fraud. The input is the fraud detection result obtained in step 5. A warning message is generated and displayed on the screen or in the notification bar. The output is the warning message for the user to review.
[0482] Step 7:
[0483] The user receives a warning from the device and acts according to the instructions. The input is the warning message from the device, and the user takes appropriate action after reviewing this message. Feedback provided by the user, such as complaints and suggestions for improvement, is sent to the server during the next model update. The output is the feedback information sent to the server.
[0484] (Application Example 1)
[0485] Next, we will explain Application Example 1. In the following explanation, the data processing device 12 will be referred to as the "server," and the headset-type terminal 314 will be referred to as the "terminal."
[0486] In modern society, new forms of fraud using communication networks continue to increase, and these fraudulent activities are becoming increasingly prevalent in users' daily communications. Therefore, there is a need for systems that can detect and notify users of fraudulent activities in real time. However, existing methods are often slow to respond to the latest fraudulent techniques. Furthermore, there is a lack of systems that are user-friendly and capable of securely transferring information.
[0487] The specific processing performed by the specific processing unit 290 of the data processing device 12 in Application Example 1 is realized by the following means.
[0488] In this invention, the server includes means for collecting information on new fraudulent activity methods from a data set on an information network, means for training a predictive model using the acquired information to improve the accuracy of fraud detection, and means for monitoring users' communication information in real time to detect signs of fraud. This makes it possible to quickly detect fraudulent activity during user communication and to immediately notify users. Furthermore, by displaying notifications on a user-friendly display device and using encoding procedures for secure information transfer, it is possible to provide a user-friendly and secure system.
[0489] An "information network" is a system that provides an environment in which multiple information terminals can communicate with each other.
[0490] A "data set" is a collection of information that has been gathered and organized for a specific purpose.
[0491] "Fraudulent practices" refer to acts or methods used to achieve an objective by employing means considered unfair.
[0492] A "predictive model" is a mathematical or statistical framework constructed to predict future events based on past data.
[0493] "Communication information" refers to the content of data and messages exchanged between individual terminals.
[0494] "Signs of fraud" are specific patterns or behaviors that indicate the possibility of fraudulent activity.
[0495] A "display device" is a device or interface used to present information visually.
[0496] An "encoding procedure" is an encryption algorithm used to prevent easy access to communication data and ensure its secure transmission.
[0497] A "mobile communication device" is an electronic device that can send and receive information while moving.
[0498] One embodiment of this invention is a system in which a server, a terminal, and a user work together. This system is configured as follows.
[0499] The server's role is to continuously collect data on new fraudulent activities from the internet via the information network. Specifically, it retrieves security reports and blog posts published from various sources. The server then uses this collected data to build predictive models and train generative AI models, thereby improving the accuracy of fraud detection.
[0500] The terminal receives periodically updated predictive models from the server. Applications installed on various mobile communication devices monitor the user's communication information in real time and detect signs of fraud. If the terminal detects signs of fraud, it immediately displays a warning to the user. This uses a user-friendly display device and incorporates a function to securely transfer communication data using encoding procedures.
[0501] Users can receive warnings through an interface provided via their device. Furthermore, the device collects user feedback and sends it to a server, allowing this feedback to be used in future model updates. This feedback loop ensures the system constantly adapts to the latest fraudulent activities.
[0502] A concrete example would be a feature where, when a user receives a fake banking email, the device analyzes the email, detects signs of fraud, and displays a warning on the screen. In this example, an example of a prompt message to the generating AI model would be in the format of, "Analyze the following email message to determine if it contains suspicious content: {email content}".
[0503] The flow of a specific process in Application Example 1 will be explained using Figure 12.
[0504] Step 1:
[0505] The server collects data on new fraudulent activities from data sets on the internet via an information network. The input is online information sources, and the output is collected fraudulent activity data. The server analyzes this data and extracts relevant information. The analysis is performed using specific search keywords to organize the information necessary for the generative AI model.
[0506] Step 2:
[0507] The server uses the fraud data obtained in Step 1 to build a predictive model and train the generative AI model. The input is the organized fraud data, and the output is the updated predictive model. Data processing includes statistical analysis and feature selection, allowing the AI to learn patterns for detecting fraud.
[0508] Step 3:
[0509] The terminal receives the updated prediction model from the server. The input is the updated prediction model, and the output is the model ready for use. The terminal saves this model locally and prepares to analyze the user's communication information. At this stage, the model parameters are converted to a format suitable for the terminal.
[0510] Step 4:
[0511] The device monitors the user's communication data (e.g., emails and messages) in real time. The input is the user's communication data, and the output is the analysis results, with particular attention paid to signs of fraud. The device uses a generative AI model to analyze the possibility of fraud during communication and evaluate whether any fraudulent patterns are detected.
[0512] Step 5:
[0513] If signs of fraud are detected, the terminal immediately issues a warning to the user. The input is the detected signs of fraud, and the output is a warning message. The terminal uses the user's display device to show the warning in a user-friendly interface. This triggers a alert to the user.
[0514] Step 6:
[0515] The user reviews warnings from the device and provides feedback. Input is the warning message, and output is the user's rating and feedback. The feedback provided by the user is collected by the device and sent to the server.
[0516] Step 7:
[0517] The server utilizes user feedback in subsequent model updates. The input is user feedback, and the output is an improved predictive model. The server analyzes this feedback and makes adjustments to further improve the model's accuracy. This cycle ensures the system is always prepared to respond to the latest fraudulent activities.
[0518] Furthermore, an emotion engine that estimates the user's emotions may be incorporated. That is, the identification processing unit 290 may use the emotion identification model 59 to estimate the user's emotions and perform identification processing using the user's emotions.
[0519] This invention combines a system that collects information on fraudulent methods from an internet database, uses a generative model to learn from that information, and monitors user communication data in real time to detect signs of fraud with an emotion engine that recognizes user emotions.
[0520] One of the server's primary roles is to continuously collect data on fraudulent practices. This data is fed into generative models, which use machine learning algorithms to improve the accuracy of the models for detecting fraud. Additionally, sentiment data for the sentiment engine is also collected by the server and used when updating the models.
[0521] The device uses generative models and emotion engines received from the server to analyze the user's real-time communication data and emotions. By monitoring the user's emails, SMS messages, and call content, it not only detects suspicious activity but also analyzes the user's emotional state from their facial expressions and tone of voice. This allows the device to display warnings to the user at the appropriate time and in the most effective way.
[0522] Let's look at a specific example. When a user receives a phishing email, the device analyzes the email's content while observing the user's emotions. While it will warn the user about any links in the detected email, if it confirms that the user is in a calm emotional state, the device will simply display a normal warning. However, if it determines that the user is confused, it will select a warning message that gently guides the user. The emotional data monitored by the emotion engine is sent to the server as feedback and used for further model training.
[0523] Users receive interactive warnings displayed on their devices and can take action based on the instructions. Furthermore, by providing feedback tailored to sentiment analysis by the emotion engine, a cycle is formed that enhances the overall effectiveness of the system.
[0524] Thus, the present invention is implemented as a means to enable advanced fraud prevention through the interaction of servers, terminals, and users.
[0525] The following describes the processing flow.
[0526] Step 1:
[0527] The server collects information about fraudulent methods from various databases on the internet. The data is automatically filtered, and features useful for fraud detection are extracted. The server feeds this data into a generative model, and the model begins training on the relevant dataset.
[0528] Step 2:
[0529] The server also collects emotional data necessary for the emotion engine. This data is used to understand typical user emotional responses and to train the emotion engine model. The emotion engine has the ability to infer emotional states from facial expressions, voice tone, and text.
[0530] Step 3:
[0531] The server delivers the trained generative model and sentiment engine to the device. This communication is conducted securely using an encrypted protocol.
[0532] Step 4:
[0533] The device utilizes the received model to monitor the user's daily communication data in real time. Emails, SMS messages, and call content are analyzed to detect signs of fraud while an emotion engine understands the user's emotional state.
[0534] Step 5:
[0535] If the device detects a suspected scam, it adjusts the warning message according to the user's current emotional state. For example, if the emotion engine determines that the user is feeling anxious, the device selects reassuring wording and issues a warning to the user.
[0536] Step 6:
[0537] The user receives a warning from the device and takes appropriate action based on its content. Because the warning is sensitive to the user's feelings, the user can follow the instructions naturally.
[0538] Step 7:
[0539] User reactions and feedback are collected from the device and sent to the server. The server uses this feedback to improve the next model update, further enhancing fraud detection capabilities and increasing the accuracy of the sentiment engine.
[0540] (Example 2)
[0541] Next, we will describe Example 2. In the following description, the data processing device 12 will be referred to as the "server," and the headset-type terminal 314 will be referred to as the "terminal."
[0542] In today's internet environment, fraudulent methods are constantly evolving, making detection increasingly difficult. Furthermore, users with limited knowledge of fraud are more likely to miss warning signs. Traditional systems struggle to issue appropriate warnings that take into account the individual emotional state of users, resulting in users being unable to respond effectively.
[0543] The identification process performed by the identification processing unit 290 of the data processing device 12 in Example 2 is realized by the following means.
[0544] In this invention, the server includes means for collecting data on novel fraudulent methods from information sources on the Internet, means for training a generative model using the collected data to improve the accuracy of fraud detection, and means for monitoring the user's communication information in real time and detecting signs of fraud. This makes it possible to immediately issue an appropriate warning that takes into account the user's emotional state when signs of fraud are detected.
[0545] "Internet information sources" refer to information providers such as databases, websites, and forums that are accessible online.
[0546] "Data on new fraud techniques" refers to datasets containing information on the latest phishing emails, fraudulent websites, and fraudulent technologies.
[0547] A "generative model" refers to an artificial intelligence model that learns from data and uses that knowledge to perform a specific task.
[0548] "Signs of fraud" refer to email content, internet traffic, and user behavior patterns that indicate the possibility of fraudulent activity.
[0549] "Emotional state" refers to the psychological and emotional state of a user based on their facial expressions, tone of voice, behavioral patterns, etc.
[0550] "Communication information" refers to digital communication data such as emails, messages, and phone calls conducted by users.
[0551] A "warning" refers to a message that informs a user of the risk of fraud and provides information to help prevent it.
[0552] "Response data" refers to information that records how a user responded to a system warning.
[0553] "Encrypted communication methods" refer to technologies that encrypt the content of information using specific protocols in order to ensure data security before transmission.
[0554] An "interactive and user-friendly interface" refers to a screen layout that allows users to easily operate the system and provides information in a visually easy-to-understand format.
[0555] This invention is an advanced prevention system that combines fraud detection with user sentiment analysis. Specific embodiments of this system are described below.
[0556] The server is responsible for collecting data on new fraud techniques from internet sources. Specifically, it collects information such as phishing emails, URLs of fraudulent websites, and details of the latest fraud technologies from publicly available online databases and security forums. This data is organized on the server and converted into an analyzable format. The server requires a high-performance processor and large-capacity storage, and a cloud-based data center is particularly suitable for this purpose.
[0557] The collected data is fed into a generative AI model. This AI model is, for example, a Transformer model for natural language processing. The server uses machine learning frameworks such as PyTorch or TensorFlow to train the model and improve its ability to automatically identify fraudulent activities.
[0558] The device uses the latest generative models and emotion engines sent from the server. The device monitors the user's communication information (emails, SMS messages, call content, etc.) in real time, and analyzes the communication content using techniques such as natural language processing to assess signs of fraud. Furthermore, the device uses the camera and microphone to analyze the user's facial expressions and voice in real time to determine their emotional state.
[0559] If a user receives a phishing email, the device analyzes the email's content and observes the user's emotional state. For example, if the device detects a potentially fraudulent link in the email and determines that the user is showing anxiety, it will display a warning on the screen saying, "This link may not be safe. Do not click it." Furthermore, the user's emotional data, gathered through the emotion engine, is fed back to the server and used for future model training.
[0560] An example of a prompt would be: "We would like to improve model accuracy by providing a dataset on newly emerging fraud techniques. Please suggest a way to display warning messages based on the latest phishing techniques and sentiment data analysis results." This prompt allows the generated AI model to utilize the necessary data and analysis results to suggest appropriate countermeasures.
[0561] The flow of the specific processing in Example 2 will be explained using Figure 13.
[0562] Step 1:
[0563] The server collects data on new fraud techniques from internet sources (online databases and security forums). This data includes phishing email samples, fraudulent URLs, and details of the fraudulent techniques. The input is data from the internet, and the output is a database in an organized format.
[0564] Step 2:
[0565] The server supplies the collected data to a generating AI model for training. The server uses PyTorch and TensorFlow to train a model that identifies fraudulent activities using the collected data. The input is organized fraud technique data, and the output is an improved fraud detection model.
[0566] Step 3:
[0567] The server collects the data necessary for analyzing the user's emotions and uses it to train the emotion engine. The input is voice and facial expression data, and the output is the emotion engine, which detects the user's emotional state with high accuracy.
[0568] Step 4:
[0569] The server sends the trained generative model and sentiment engine to the terminal. This is done via a secure protocol (e.g., HTTPS). The input is the improved model and engine, and the output is the latest version of the software on the terminal.
[0570] Step 5:
[0571] The device uses generative models and sentiment engines received from the server to monitor user communication information in real time. The device analyzes user emails and SMS messages using natural language processing technology to evaluate signs of fraud. The input is user communication data, and the output is the evaluation result regarding signs of fraud.
[0572] Step 6:
[0573] The device uses a camera and microphone to analyze the user's facial expressions and voice to determine their emotional state. The input is real-time audio and video data, and the output is the user's emotional state.
[0574] Step 7:
[0575] If a user receives an email that shows signs of fraud, the device will display an appropriate warning based on the analysis results and sentiment level. The input is the fraud assessment result and sentiment level, and the output is the warning message displayed to the user.
[0576] Step 8:
[0577] The user receives a warning from their device and takes appropriate action, such as deleting the email. The user's response data is sent from the device to the server and used for the next model update. The input is the user's response data, and the output is the feedback data stored on the server.
[0578] (Application Example 2)
[0579] Next, we will explain application example 2. In the following explanation, the data processing device 12 will be referred to as the "server," and the headset-type terminal 314 will be referred to as the "terminal."
[0580] Fraudulent activities are becoming more sophisticated and diverse every day, requiring effective measures to protect personal information and property. Furthermore, systems that issue warnings without considering the user's emotional state can cause unnecessary stress. Therefore, a system is needed that monitors users' real-time communications and analyzes their emotions to issue warnings in the most appropriate way.
[0581] The specific processing performed by the specific processing unit 290 of the data processing device 12 in Application Example 2 is realized by the following means.
[0582] In this invention, the server includes means for collecting information on new fraud techniques from a database on the internet, means for training a generative model using the received information to improve the accuracy of fraud detection, and means for analyzing the user's emotions and adjusting warnings according to the user's emotional state. This makes it possible to take effective fraud prevention measures without causing stress to the user.
[0583] An "internet database" is a collection of information that exists online and collects and manages various types of information.
[0584] "Fraudulent practices" refer to dishonest acts or methods used to deceive people and gain profit.
[0585] A "generative model" is an algorithm that uses machine learning to learn patterns and perform inferences on new data.
[0586] "Fraud detection accuracy" refers to the degree of the ability to accurately identify fraudulent activities.
[0587] "Real-time monitoring" means monitoring and analyzing an event or data instantly at that moment.
[0588] "Signs of fraud" are evidence or indicators that indicate fraudulent activity is taking place or is about to take place.
[0589] "User emotions" refer to the internal feelings and psychological states that an individual experiences in a particular situation.
[0590] "Adjusting warnings" means changing the content and timing of warnings to be issued according to the situation.
[0591] "Feedback information" refers to reactions and opinions received from users, and is useful for improving and adjusting the system.
[0592] A "user-friendly interface" is a user interface that is designed to be intuitively easy to use and operate for the user.
[0593] An "encryption protocol" refers to the rules and procedures used to securely send and receive data, and includes technologies to protect data from unauthorized access.
[0594] To realize this invention, the system mainly consists of three elements: a server, a terminal, and a user. The server continuously collects information on new fraudulent methods from databases on the internet. This makes it possible to accumulate newly detected fraud patterns in the database. The received information is used to train a generative AI model, improving the accuracy of fraud detection. The server utilizes machine learning frameworks such as "TensorFlow" and "PyTorch" as its central processing unit.
[0595] The terminal monitors the user's real-time communication data using a generative AI model provided by the server. The terminal refers to a mobile device such as a smartphone or tablet, and its built-in camera and microphone are used to analyze the user's emotions. For example, the terminal uses natural language processing libraries such as "NLTK" or "spaCy" to analyze the content of messaging apps and emails. Furthermore, it uses "Emotion API" and "OpenCV" to analyze the user's facial expressions and voice tone, and identifies emotions in real time.
[0596] Users receive immediate alerts from their devices when signs of fraud are detected. These warnings are displayed through a user-friendly interface, tailored to the user's emotional state. For example, if a user is about to click a link in a phishing email, a standard warning is issued if the user is detected as calm, but a gentler, more guiding message is provided if the user is confused.
[0597] As a concrete example, when a user receives a phishing email, the device analyzes the email's content and, the moment it determines there are signs of fraud, uses the camera and microphone to determine the user's emotions. Based on this, it generates and displays the most appropriate warning message. The server collects this data as feedback information to help train the next model.
[0598] An example of a prompt for a generative AI model is: "Simulate an application that analyzes the content of an email received by a user, assesses the likelihood of fraud, and provides a warning message tailored to the user's emotions."
[0599] The flow of a specific process in Application Example 2 will be explained using Figure 14.
[0600] Step 1:
[0601] The server collects information on new fraud methods from databases on the internet. This collection process is automated, and data is retrieved periodically via an API. The input is raw data obtained from internet databases, and the output is the result of extracting information related to fraud methods from that data. This information is prepared as training material for a generative AI model.
[0602] Step 2:
[0603] The server inputs the collected fraud techniques information into a generative AI model to train it. This process uses machine learning frameworks such as TensorFlow and PyTorch. The input is the fraud information extracted in the previous step, and backpropagation is performed to update the model's weights and biases. The output is the updated generative AI model.
[0604] Step 3:
[0605] The device receives a generative AI model distributed from the server and monitors the user's communication data in real time. The device utilizes natural language processing libraries such as "NLTK" and "spaCy" for data analysis. The input is real-time communication data from email and messaging apps, and the output is an analyzed indicator of the likelihood of fraud. Based on this indicator, signs of fraud are detected.
[0606] Step 4:
[0607] If a user makes a communication that suggests fraud, the device uses its camera and microphone to collect and analyze the user's emotions. It uses "Emotion API" and "OpenCV" for facial expression and voice analysis. The input is the user's facial image and voice data, and the output is the analyzed emotional state. The content of the warning is then adjusted based on this emotional state.
[0608] Step 5:
[0609] The device displays warnings to the user based on the results of sentiment analysis. The warnings are generated in a user-friendly interface, taking into account the risk of fraud and the user's emotional state. Inputs are emotional state and fraud indicator data, and output is a appropriately tailored warning message. The warning message is presented to the user in real time.
[0610] Step 6:
[0611] The device monitors user responses and behaviors and sends feedback to the server. This feedback is used to update and improve the generative model in the future. The input is user response behavior data, and the output is information collected on the server as feedback.
[0612] The specific processing unit 290 transmits the result of the specific processing to the headset terminal 314. In the headset terminal 314, the control unit 46A causes the speaker 240 and display 343 to output the result of the specific processing. The microphone 238 acquires audio indicating user input for the result of the specific processing. The control unit 46A transmits the audio data indicating user input acquired by the microphone 238 to the data processing unit 12. In the data processing unit 12, the specific processing unit 290 acquires the audio data.
[0613] Data generation model 58 is a type of so-called generative AI (Artificial Intelligence). One example of data generation model 58 is ChatGPT (Internet search<URL: https: / / openai.com / blog / chatgpt> ), Gemini (Internet search) <url: https: gemini.google.com ?hl="ja">Examples of generative AI include the following. The data generation model 58 is obtained by performing deep learning on a neural network. The data generation model 58 is input with prompts containing instructions, and with inference data such as audio data representing speech, text data representing text, and image data representing images. The data generation model 58 infers from the input inference data according to the instructions indicated by the prompts, and outputs the inference results in data formats such as audio data and text data. Here, inference refers to, for example, analysis, classification, prediction, and / or summarization.
[0614] In the above embodiment, an example was given in which specific processing is performed by the data processing device 12, but the technology of this disclosure is not limited thereto, and specific processing may also be performed by the headset terminal 314.
[0615] [Fourth Embodiment]
[0616] Figure 7 shows an example of the configuration of the data processing system 410 according to the fourth embodiment.
[0617] As shown in Figure 7, the data processing system 410 includes a data processing device 12 and a robot 414. An example of the data processing device 12 is a server.
[0618] The data processing device 12 comprises a computer 22, a database 24, and a communication interface 26. The computer 22 is an example of a "computer" related to the technology of this disclosure. The computer 22 comprises a processor 28, RAM 30, and storage 32. The processor 28, RAM 30, and storage 32 are connected to a bus 34. The database 24 and the communication interface 26 are also connected to the bus 34. The communication interface 26 is connected to a network 54. An example of the network 54 is a WAN (Wide Area Network) and / or a LAN (Local Area Network).
[0619] The robot 414 includes a computer 36, a microphone 238, a speaker 240, a camera 42, a communication interface 44, and a controlled object 443. The computer 36 includes a processor 46, RAM 48, and storage 50. The processor 46, RAM 48, and storage 50 are connected to a bus 52. The microphone 238, speaker 240, camera 42, and controlled object 443 are also connected to the bus 52.
[0620] The microphone 238 receives voice signals from the user 20 and receives instructions from the user 20. The microphone 238 captures the voice signals from the user 20, converts the captured voice into audio data, and outputs it to the processor 46. The speaker 240 outputs audio according to the instructions from the processor 46.
[0621] Camera 42 is a small digital camera equipped with an optical system including a lens, aperture, and shutter, and an image sensor such as a CMOS (Complementary Metal-Oxide-Semiconductor) image sensor or a CCD (Charge Coupled Device) image sensor, and captures images of the area around the user 20 (for example, an imaging range defined by a field of view equivalent to the width of a typical healthy person's field of vision).
[0622] Communication interface 44 is connected to network 54. Communication interfaces 44 and 26 are responsible for the exchange of various information between processor 46 and processor 28 via network 54. The exchange of various information between processor 46 and processor 28 using communication interfaces 44 and 26 is performed in a secure manner.
[0623] The controlled object 443 includes a display device, LEDs in the eyes, and motors that drive the arms, hands, and feet. The posture and gestures of the robot 414 are controlled by controlling the motors of the arms, hands, and feet. Some of the robot 414's emotions can be expressed by controlling these motors. Furthermore, the robot 414's facial expressions can also be expressed by controlling the illumination state of the LEDs in its eyes.
[0624] Figure 8 shows an example of the main functions of the data processing device 12 and the robot 414. As shown in Figure 8, the data processing device 12 performs specific processing using the processor 28. The storage 32 stores the specific processing program 56.
[0625] The specific processing program 56 is an example of a "program" relating to the technology of this disclosure. The processor 28 reads the specific processing program 56 from the storage 32 and executes the read specific processing program 56 on the RAM 30. The specific processing is realized by the processor 28 operating as a specific processing unit 290 in accordance with the specific processing program 56 executed on the RAM 30.
[0626] The storage 32 stores the data generation model 58 and the emotion identification model 59. The data generation model 58 and the emotion identification model 59 are used by the identification processing unit 290.
[0627] In robot 414, the processor 46 performs the reception output processing. The storage 50 stores the reception output program 60. The processor 46 reads the reception output program 60 from the storage 50 and executes the read reception output program 60 on the RAM 48. The reception output processing is realized by the processor 46 operating as a control unit 46A according to the reception output program 60 executed on the RAM 48.
[0628] Next, the specific processing performed by the specific processing unit 290 of the data processing device 12 will be described. In the following description, the data processing device 12 will be referred to as the "server" and the robot 414 as the "terminal".
[0629] This invention is based on a system that retrieves information on the latest fraud techniques from an internet database and uses a generative model to learn from that information. The roles of the server, terminal, and user, which are the main components, are described below.
[0630] First, the server plays a key role. The server continuously collects fraud-related information from the internet. This includes publicly available security reports and blog posts about fraudulent activities. Based on this information, the server trains a generative model and builds algorithms to improve the accuracy of fraud detection. This allows it to respond to new fraud patterns.
[0631] Next, let's discuss the role of the terminal. The terminal receives periodically updated generative models from the server. It analyzes the user's daily interactions, such as email content and SMS messages, in real time to monitor for suspicious activity. The terminal utilizes machine learning models to detect signs of fraud and prepares to issue warnings if necessary.
[0632] Users receive alerts through an interface on their device. For example, if signs of unauthorized access are found in a newly received email, the device immediately provides an alert to the user. By reviewing the alert and following the instructions to address the indicated risks, users can prevent potential damage. Users can also provide feedback on the system's operation, and this information is collected on the server and used in future model updates.
[0633] As a concrete example, consider a scenario where a user receives a phishing email for online banking. The device analyzes the email and identifies a fake login link. This triggers the device to display a warning to the user saying, "Do not click on the link in this email." By following the warning and ignoring the link, the user avoids becoming a victim of fraud.
[0634] In this way, servers, terminals, and users cooperate to protect against fraud.
[0635] The following describes the processing flow.
[0636] Step 1:
[0637] The server collects the latest information on fraudulent methods from databases on the internet. This includes data from security-related news sites and blogs. This information is stored in the server's storage.
[0638] Step 2:
[0639] The server analyzes the collected information, extracts key features, and inputs them into a generative model. The generative model uses machine learning algorithms to learn patterns of fraudulent activity and updates its accuracy. This process improves the server's ability to detect the latest fraud techniques.
[0640] Step 3:
[0641] The server delivers the trained generative model to the terminal. This communication uses an encryption protocol to ensure data security.
[0642] Step 4:
[0643] The device activates the received generative model and monitors the user's communication data in real time. The device analyzes data entered through email, SMS, and other communication tools.
[0644] Step 5:
[0645] The device detects signs of fraud based on the analysis results. When certain conditions are met, the device immediately generates a warning and displays it to the user. The warning includes reasons why it may be a scam and recommended actions.
[0646] Step 6:
[0647] Users can view warnings from their devices and follow the instructions provided. This helps protect them from fraudulent activity. Users can also provide feedback to their devices regarding the effectiveness of the warning.
[0648] Step 7:
[0649] The terminal sends user feedback to the server. The server uses the received feedback to improve the system's accuracy in future model updates.
[0650] (Example 1)
[0651] Next, we will describe Example 1. In the following description, the data processing device 12 will be referred to as the "server" and the robot 414 as the "terminal".
[0652] In today's world, where internet communication is commonplace, fraudulent activities against individuals and businesses are becoming increasingly sophisticated. As a result, conventional security systems struggle to quickly detect and respond to new fraudulent methods, potentially leading to serious harm to users. Against this backdrop, there is a need for a system that can quickly and efficiently detect new fraudulent methods and provide appropriate warnings to users.
[0653] The identification process performed by the identification processing unit 290 of the data processing device 12 in Example 1 is realized by the following means.
[0654] In this invention, the server includes means for collecting information on new fraudulent methods from information storage devices on a communication network, means for improving the accuracy of fraud detection using a learning algorithm generated with the acquired information, and means for collecting user feedback and using it to update the next algorithm. This enables real-time detection of signs of fraud and immediate warning notification.
[0655] A "data storage device on a communication network" is a data storage device accessible via the Internet that holds data from various sources and provides it as needed.
[0656] "New fraudulent methods" refer to fraudulent activities that are difficult to detect with conventional security measures, using new or improved methods.
[0657] A "generated learning algorithm" refers to a set of computational procedures optimized to perform a specific task by learning patterns through data analysis.
[0658] "Fraud detection accuracy" refers to the ability to accurately identify fraudulent activities, and means reducing false positives and missed detections.
[0659] "User feedback information" refers to various types of information collected from users, including feedback on system operation and warnings.
[0660] "Real-time fraud detection" refers to a process that monitors users' communication data and immediately identifies signs of fraudulent activity.
[0661] An "immediate warning notification" is a cautionary message that is quickly sent to users when potential fraudulent activity is detected.
[0662] In order to implement this invention, a server, a terminal, and a user must each fulfill their respective roles.
[0663] The server collects information on new fraud methods from information storage devices on the internet. This information collection utilizes web scraping techniques to extract data from publicly available security reports and blog posts. The software used includes Python's BeautifulSoup and Scrapy. The collected data is analyzed on the server using natural language processing tools. Specifically, nltk and spaCy are used to cleanse text data and extract patterns of fraudulent methods. Then, a learning algorithm generated using the obtained data is trained using a generative AI model. In this process, TensorFlow and PyTorch are adopted as machine learning frameworks to improve the accuracy of fraud detection.
[0664] The device receives the latest AI model delivered from the server and deploys it in its local environment. On the device, it detects signs of fraud by analyzing the user's communication activity, such as emails and SMS messages, in real time. Lightweight machine learning libraries such as TensorFlow Lite and Core ML are used for this purpose. If suspicious activity is detected, the device prepares to immediately warn the user.
[0665] Users receive appropriate warnings through the interface on their devices. For example, if a phishing email is detected, a warning will be displayed stating, "Do not click on any links in this email." Users can then act accordingly and prevent themselves from becoming victims of fraud. Users can also provide feedback on the system's operation and the accuracy of the warnings, and this information will be used in future model updates.
[0666] As a concrete example, consider a scenario where a user receives a phishing email for online banking. The device analyzes the email and identifies a fake login link. This prompts the device to display a warning to the user saying, "Do not click on the link in this email." An example of a prompt in response to this would be, "Learn about the latest phishing techniques and show us how to warn users."
[0667] This invention is a system that achieves effective fraud prevention by having servers, terminals, and users cooperate to quickly detect new fraudulent methods and warn users.
[0668] The flow of the specific processing in Example 1 will be explained using Figure 11.
[0669] Step 1:
[0670] The server first collects information on new fraud schemes from data storage devices on the communication network. As input, the server targets publicly available information sources on the internet and obtains data using web scraping techniques. This involves using Python programs and libraries such as Scrapy. The output is raw data in text format.
[0671] Step 2:
[0672] The server analyzes the collected data using natural language processing tools. The input is the text data obtained in the previous step. Specifically, it uses nltk and spaCy to perform text cleansing, keyword extraction, and pattern recognition. This process extracts and outputs features related to fraudulent techniques.
[0673] Step 3:
[0674] The server trains a fraud detection algorithm using a generative AI model. The features obtained in step 2 are used as input. This training process utilizes TensorFlow and PyTorch to train the AI model. The output is the newly updated fraud detection model.
[0675] Step 4:
[0676] The server distributes the generated, trained model to the terminal. The input is the training result of the generated AI model, and to distribute it efficiently, formats such as ONNX may be used. The output is the AI model in the format that the terminal receives.
[0677] Step 5:
[0678] The terminal deploys an AI model received from the server and analyzes the user's communication data in real time. The input is email and SMS data flowing through the terminal. TensorFlow Lite and Core ML are used to process and analyze the data to detect signs of fraud. The output is whether or not there are signs of fraud based on the analysis results.
[0679] Step 6:
[0680] The device immediately warns the user if it detects signs of fraud. The input is the fraud detection result obtained in step 5. A warning message is generated and displayed on the screen or in the notification bar. The output is the warning message for the user to review.
[0681] Step 7:
[0682] The user receives a warning from the device and acts according to the instructions. The input is the warning message from the device, and the user takes appropriate action after reviewing this message. Feedback provided by the user, such as complaints and suggestions for improvement, is sent to the server during the next model update. The output is the feedback information sent to the server.
[0683] (Application Example 1)
[0684] Next, we will explain Application Example 1. In the following explanation, the data processing device 12 will be referred to as the "server" and the robot 414 as the "terminal".
[0685] In modern society, new forms of fraud using communication networks continue to increase, and these fraudulent activities are becoming increasingly prevalent in users' daily communications. Therefore, there is a need for systems that can detect and notify users of fraudulent activities in real time. However, existing methods are often slow to respond to the latest fraudulent techniques. Furthermore, there is a lack of systems that are user-friendly and capable of securely transferring information.
[0686] The specific processing performed by the specific processing unit 290 of the data processing device 12 in Application Example 1 is realized by the following means.
[0687] In this invention, the server includes means for collecting information on new fraudulent activity methods from a data set on an information network, means for training a predictive model using the acquired information to improve the accuracy of fraud detection, and means for monitoring users' communication information in real time to detect signs of fraud. This makes it possible to quickly detect fraudulent activity during user communication and to immediately notify users. Furthermore, by displaying notifications on a user-friendly display device and using encoding procedures for secure information transfer, it is possible to provide a user-friendly and secure system.
[0688] An "information network" is a system that provides an environment in which multiple information terminals can communicate with each other.
[0689] A "data set" is a collection of information that has been gathered and organized for a specific purpose.
[0690] "Fraudulent practices" refer to acts or methods used to achieve an objective by employing means considered unfair.
[0691] A "predictive model" is a mathematical or statistical framework constructed to predict future events based on past data.
[0692] "Communication information" refers to the content of data and messages exchanged between individual terminals.
[0693] "Signs of fraud" are specific patterns or behaviors that indicate the possibility of fraudulent activity.
[0694] A "display device" is a device or interface used to present information visually.
[0695] An "encoding procedure" is an encryption algorithm used to prevent easy access to communication data and ensure its secure transmission.
[0696] A "mobile communication device" is an electronic device that can send and receive information while moving.
[0697] One embodiment of this invention is a system in which a server, a terminal, and a user work together. This system is configured as follows.
[0698] The server's role is to continuously collect data on new fraudulent activities from the internet via the information network. Specifically, it retrieves security reports and blog posts published from various sources. The server then uses this collected data to build predictive models and train generative AI models, thereby improving the accuracy of fraud detection.
[0699] The terminal receives periodically updated predictive models from the server. Applications installed on various mobile communication devices monitor the user's communication information in real time and detect signs of fraud. If the terminal detects signs of fraud, it immediately displays a warning to the user. This uses a user-friendly display device and incorporates a function to securely transfer communication data using encoding procedures.
[0700] Users can receive warnings through an interface provided via their device. Furthermore, the device collects user feedback and sends it to a server, allowing this feedback to be used in future model updates. This feedback loop ensures the system constantly adapts to the latest fraudulent activities.
[0701] A concrete example would be a feature where, when a user receives a fake banking email, the device analyzes the email, detects signs of fraud, and displays a warning on the screen. In this example, an example of a prompt message to the generating AI model would be in the format of, "Analyze the following email message to determine if it contains suspicious content: {email content}".
[0702] The flow of a specific process in Application Example 1 will be explained using Figure 12.
[0703] Step 1:
[0704] The server collects data on new fraudulent activities from data sets on the internet via an information network. The input is online information sources, and the output is collected fraudulent activity data. The server analyzes this data and extracts relevant information. The analysis is performed using specific search keywords to organize the information necessary for the generative AI model.
[0705] Step 2:
[0706] The server uses the fraud data obtained in Step 1 to build a predictive model and train the generative AI model. The input is the organized fraud data, and the output is the updated predictive model. Data processing includes statistical analysis and feature selection, allowing the AI to learn patterns for detecting fraud.
[0707] Step 3:
[0708] The terminal receives the updated prediction model from the server. The input is the updated prediction model, and the output is the model ready for use. The terminal saves this model locally and prepares to analyze the user's communication information. At this stage, the model parameters are converted to a format suitable for the terminal.
[0709] Step 4:
[0710] The device monitors the user's communication data (e.g., emails and messages) in real time. The input is the user's communication data, and the output is the analysis results, with particular attention paid to signs of fraud. The device uses a generative AI model to analyze the possibility of fraud during communication and evaluate whether any fraudulent patterns are detected.
[0711] Step 5:
[0712] If signs of fraud are detected, the terminal immediately issues a warning to the user. The input is the detected signs of fraud, and the output is a warning message. The terminal uses the user's display device to show the warning in a user-friendly interface. This triggers a alert to the user.
[0713] Step 6:
[0714] The user reviews warnings from the device and provides feedback. Input is the warning message, and output is the user's rating and feedback. The feedback provided by the user is collected by the device and sent to the server.
[0715] Step 7:
[0716] The server utilizes user feedback in subsequent model updates. The input is user feedback, and the output is an improved predictive model. The server analyzes this feedback and makes adjustments to further improve the model's accuracy. This cycle ensures the system is always prepared to respond to the latest fraudulent activities.
[0717] Furthermore, an emotion engine that estimates the user's emotions may be incorporated. That is, the identification processing unit 290 may use the emotion identification model 59 to estimate the user's emotions and perform identification processing using the user's emotions.
[0718] This invention combines a system that collects information on fraudulent methods from an internet database, uses a generative model to learn from that information, and monitors user communication data in real time to detect signs of fraud with an emotion engine that recognizes user emotions.
[0719] One of the server's primary roles is to continuously collect data on fraudulent practices. This data is fed into generative models, which use machine learning algorithms to improve the accuracy of the models for detecting fraud. Additionally, sentiment data for the sentiment engine is also collected by the server and used when updating the models.
[0720] The device uses generative models and emotion engines received from the server to analyze the user's real-time communication data and emotions. By monitoring the user's emails, SMS messages, and call content, it not only detects suspicious activity but also analyzes the user's emotional state from their facial expressions and tone of voice. This allows the device to display warnings to the user at the appropriate time and in the most effective way.
[0721] Let's look at a specific example. When a user receives a phishing email, the device analyzes the email's content while observing the user's emotions. While it will warn the user about any links in the detected email, if it confirms that the user is in a calm emotional state, the device will simply display a normal warning. However, if it determines that the user is confused, it will select a warning message that gently guides the user. The emotional data monitored by the emotion engine is sent to the server as feedback and used for further model training.
[0722] Users receive interactive warnings displayed on their devices and can take action based on the instructions. Furthermore, by providing feedback tailored to sentiment analysis by the emotion engine, a cycle is formed that enhances the overall effectiveness of the system.
[0723] Thus, the present invention is implemented as a means to enable advanced fraud prevention through the interaction of servers, terminals, and users.
[0724] The following describes the processing flow.
[0725] Step 1:
[0726] The server collects information about fraudulent methods from various databases on the internet. The data is automatically filtered, and features useful for fraud detection are extracted. The server feeds this data into a generative model, and the model begins training on the relevant dataset.
[0727] Step 2:
[0728] The server also collects emotional data necessary for the emotion engine. This data is used to understand typical user emotional responses and to train the emotion engine model. The emotion engine has the ability to infer emotional states from facial expressions, voice tone, and text.
[0729] Step 3:
[0730] The server delivers the trained generative model and sentiment engine to the device. This communication is conducted securely using an encrypted protocol.
[0731] Step 4:
[0732] The device utilizes the received model to monitor the user's daily communication data in real time. Emails, SMS messages, and call content are analyzed to detect signs of fraud while an emotion engine understands the user's emotional state.
[0733] Step 5:
[0734] If the device detects a suspected scam, it adjusts the warning message according to the user's current emotional state. For example, if the emotion engine determines that the user is feeling anxious, the device selects reassuring wording and issues a warning to the user.
[0735] Step 6:
[0736] The user receives a warning from the device and takes appropriate action based on its content. Because the warning is sensitive to the user's feelings, the user can follow the instructions naturally.
[0737] Step 7:
[0738] User reactions and feedback are collected from the device and sent to the server. The server uses this feedback to improve the next model update, further enhancing fraud detection capabilities and increasing the accuracy of the sentiment engine.
[0739] (Example 2)
[0740] Next, we will describe Example 2. In the following description, the data processing device 12 will be referred to as the "server" and the robot 414 as the "terminal".
[0741] In today's internet environment, fraudulent methods are constantly evolving, making detection increasingly difficult. Furthermore, users with limited knowledge of fraud are more likely to miss warning signs. Traditional systems struggle to issue appropriate warnings that take into account the individual emotional state of users, resulting in users being unable to respond effectively.
[0742] The identification process performed by the identification processing unit 290 of the data processing device 12 in Example 2 is realized by the following means.
[0743] In this invention, the server includes means for collecting data on novel fraudulent methods from information sources on the Internet, means for training a generative model using the collected data to improve the accuracy of fraud detection, and means for monitoring the user's communication information in real time and detecting signs of fraud. This makes it possible to immediately issue an appropriate warning that takes into account the user's emotional state when signs of fraud are detected.
[0744] "Internet information sources" refer to information providers such as databases, websites, and forums that are accessible online.
[0745] "Data on new fraud techniques" refers to datasets containing information on the latest phishing emails, fraudulent websites, and fraudulent technologies.
[0746] A "generative model" refers to an artificial intelligence model that learns from data and uses that knowledge to perform a specific task.
[0747] "Signs of fraud" refer to email content, internet traffic, and user behavior patterns that indicate the possibility of fraudulent activity.
[0748] "Emotional state" refers to the psychological and emotional state of a user based on their facial expressions, tone of voice, behavioral patterns, etc.
[0749] "Communication information" refers to digital communication data such as emails, messages, and phone calls conducted by users.
[0750] A "warning" refers to a message that informs a user of the risk of fraud and provides information to help prevent it.
[0751] "Response data" refers to information that records how a user responded to a system warning.
[0752] "Encrypted communication methods" refer to technologies that encrypt the content of information using specific protocols in order to ensure data security before transmission.
[0753] An "interactive and user-friendly interface" refers to a screen layout that allows users to easily operate the system and provides information in a visually easy-to-understand format.
[0754] This invention is an advanced prevention system that combines fraud detection with user sentiment analysis. Specific embodiments of this system are described below.
[0755] The server is responsible for collecting data on new fraud techniques from internet sources. Specifically, it collects information such as phishing emails, URLs of fraudulent websites, and details of the latest fraud technologies from publicly available online databases and security forums. This data is organized on the server and converted into an analyzable format. The server requires a high-performance processor and large-capacity storage, and a cloud-based data center is particularly suitable for this purpose.
[0756] The collected data is fed into a generative AI model. This AI model is, for example, a Transformer model for natural language processing. The server uses machine learning frameworks such as PyTorch or TensorFlow to train the model and improve its ability to automatically identify fraudulent activities.
[0757] The device uses the latest generative models and emotion engines sent from the server. The device monitors the user's communication information (emails, SMS messages, call content, etc.) in real time, and analyzes the communication content using techniques such as natural language processing to assess signs of fraud. Furthermore, the device uses the camera and microphone to analyze the user's facial expressions and voice in real time to determine their emotional state.
[0758] If a user receives a phishing email, the device analyzes the email's content and observes the user's emotional state. For example, if the device detects a potentially fraudulent link in the email and determines that the user is showing anxiety, it will display a warning on the screen saying, "This link may not be safe. Do not click it." Furthermore, the user's emotional data, gathered through the emotion engine, is fed back to the server and used for future model training.
[0759] An example of a prompt would be: "We would like to improve model accuracy by providing a dataset on newly emerging fraud techniques. Please suggest a way to display warning messages based on the latest phishing techniques and sentiment data analysis results." This prompt allows the generated AI model to utilize the necessary data and analysis results to suggest appropriate countermeasures.
[0760] The flow of the specific processing in Example 2 will be explained using Figure 13.
[0761] Step 1:
[0762] The server collects data on new fraud techniques from internet sources (online databases and security forums). This data includes phishing email samples, fraudulent URLs, and details of the fraudulent techniques. The input is data from the internet, and the output is a database in an organized format.
[0763] Step 2:
[0764] The server supplies the collected data to a generating AI model for training. The server uses PyTorch and TensorFlow to train a model that identifies fraudulent activities using the collected data. The input is organized fraud technique data, and the output is an improved fraud detection model.
[0765] Step 3:
[0766] The server collects the data necessary for analyzing the user's emotions and uses it to train the emotion engine. The input is voice and facial expression data, and the output is the emotion engine, which detects the user's emotional state with high accuracy.
[0767] Step 4:
[0768] The server sends the trained generative model and sentiment engine to the terminal. This is done via a secure protocol (e.g., HTTPS). The input is the improved model and engine, and the output is the latest version of the software on the terminal.
[0769] Step 5:
[0770] The device uses generative models and sentiment engines received from the server to monitor user communication information in real time. The device analyzes user emails and SMS messages using natural language processing technology to evaluate signs of fraud. The input is user communication data, and the output is the evaluation result regarding signs of fraud.
[0771] Step 6:
[0772] The device uses a camera and microphone to analyze the user's facial expressions and voice to determine their emotional state. The input is real-time audio and video data, and the output is the user's emotional state.
[0773] Step 7:
[0774] If a user receives an email that shows signs of fraud, the device will display an appropriate warning based on the analysis results and sentiment level. The input is the fraud assessment result and sentiment level, and the output is the warning message displayed to the user.
[0775] Step 8:
[0776] The user receives a warning from their device and takes appropriate action, such as deleting the email. The user's response data is sent from the device to the server and used for the next model update. The input is the user's response data, and the output is the feedback data stored on the server.
[0777] (Application Example 2)
[0778] Next, we will explain application example 2. In the following explanation, the data processing device 12 will be referred to as the "server" and the robot 414 as the "terminal".
[0779] Fraudulent activities are becoming more sophisticated and diverse every day, requiring effective measures to protect personal information and property. Furthermore, systems that issue warnings without considering the user's emotional state can cause unnecessary stress. Therefore, a system is needed that monitors users' real-time communications and analyzes their emotions to issue warnings in the most appropriate way.
[0780] The specific processing performed by the specific processing unit 290 of the data processing device 12 in Application Example 2 is realized by the following means.
[0781] In this invention, the server includes means for collecting information on new fraud techniques from a database on the internet, means for training a generative model using the received information to improve the accuracy of fraud detection, and means for analyzing the user's emotions and adjusting warnings according to the user's emotional state. This makes it possible to take effective fraud prevention measures without causing stress to the user.
[0782] An "internet database" is a collection of information that exists online and collects and manages various types of information.
[0783] "Fraudulent practices" refer to dishonest acts or methods used to deceive people and gain profit.
[0784] A "generative model" is an algorithm that uses machine learning to learn patterns and perform inferences on new data.
[0785] "Fraud detection accuracy" refers to the degree of the ability to accurately identify fraudulent activities.
[0786] "Real-time monitoring" means monitoring and analyzing an event or data instantly at that moment.
[0787] "Signs of fraud" are evidence or indicators that indicate fraudulent activity is taking place or is about to take place.
[0788] "User emotions" refer to the internal feelings and psychological states that an individual experiences in a particular situation.
[0789] "Adjusting warnings" means changing the content and timing of warnings to be issued according to the situation.
[0790] "Feedback information" refers to reactions and opinions received from users, and is useful for improving and adjusting the system.
[0791] A "user-friendly interface" is a user interface that is designed to be intuitively easy to use and operate for the user.
[0792] An "encryption protocol" refers to the rules and procedures used to securely send and receive data, and includes technologies to protect data from unauthorized access.
[0793] To realize this invention, the system mainly consists of three elements: a server, a terminal, and a user. The server continuously collects information on new fraudulent methods from databases on the internet. This makes it possible to accumulate newly detected fraud patterns in the database. The received information is used to train a generative AI model, improving the accuracy of fraud detection. The server utilizes machine learning frameworks such as "TensorFlow" and "PyTorch" as its central processing unit.
[0794] The terminal monitors the user's real-time communication data using a generative AI model provided by the server. The terminal refers to a mobile device such as a smartphone or tablet, and its built-in camera and microphone are used to analyze the user's emotions. For example, the terminal uses natural language processing libraries such as "NLTK" or "spaCy" to analyze the content of messaging apps and emails. Furthermore, it uses "Emotion API" and "OpenCV" to analyze the user's facial expressions and voice tone, and identifies emotions in real time.
[0795] Users receive immediate alerts from their devices when signs of fraud are detected. These warnings are displayed through a user-friendly interface, tailored to the user's emotional state. For example, if a user is about to click a link in a phishing email, a standard warning is issued if the user is detected as calm, but a gentler, more guiding message is provided if the user is confused.
[0796] As a concrete example, when a user receives a phishing email, the device analyzes the email's content and, the moment it determines there are signs of fraud, uses the camera and microphone to determine the user's emotions. Based on this, it generates and displays the most appropriate warning message. The server collects this data as feedback information to help train the next model.
[0797] An example of a prompt for a generative AI model is: "Simulate an application that analyzes the content of an email received by a user, assesses the likelihood of fraud, and provides a warning message tailored to the user's emotions."
[0798] The flow of a specific process in Application Example 2 will be explained using Figure 14.
[0799] Step 1:
[0800] The server collects information on new fraud methods from databases on the internet. This collection process is automated, and data is retrieved periodically via an API. The input is raw data obtained from internet databases, and the output is the result of extracting information related to fraud methods from that data. This information is prepared as training material for a generative AI model.
[0801] Step 2:
[0802] The server inputs the collected fraud techniques information into a generative AI model to train it. This process uses machine learning frameworks such as TensorFlow and PyTorch. The input is the fraud information extracted in the previous step, and backpropagation is performed to update the model's weights and biases. The output is the updated generative AI model.
[0803] Step 3:
[0804] The device receives a generative AI model distributed from the server and monitors the user's communication data in real time. The device utilizes natural language processing libraries such as "NLTK" and "spaCy" for data analysis. The input is real-time communication data from email and messaging apps, and the output is an analyzed indicator of the likelihood of fraud. Based on this indicator, signs of fraud are detected.
[0805] Step 4:
[0806] If a user makes a communication that suggests fraud, the device uses its camera and microphone to collect and analyze the user's emotions. It uses "Emotion API" and "OpenCV" for facial expression and voice analysis. The input is the user's facial image and voice data, and the output is the analyzed emotional state. The content of the warning is then adjusted based on this emotional state.
[0807] Step 5:
[0808] The device displays warnings to the user based on the results of sentiment analysis. The warnings are generated in a user-friendly interface, taking into account the risk of fraud and the user's emotional state. Inputs are emotional state and fraud indicator data, and output is a appropriately tailored warning message. The warning message is presented to the user in real time.
[0809] Step 6:
[0810] The device monitors user responses and behaviors and sends feedback to the server. This feedback is used to update and improve the generative model in the future. The input is user response behavior data, and the output is information collected on the server as feedback.
[0811] The specific processing unit 290 transmits the result of the specific processing to the robot 414. In the robot 414, the control unit 46A causes the speaker 240 and the controlled object 443 to output the result of the specific processing. The microphone 238 acquires audio indicating user input for the result of the specific processing. The control unit 46A transmits the audio data indicating user input acquired by the microphone 238 to the data processing unit 12. In the data processing unit 12, the specific processing unit 290 acquires the audio data.
[0812] Data generation model 58 is a type of so-called generative AI (Artificial Intelligence). One example of data generation model 58 is ChatGPT (Internet search<URL: https: / / openai.com / blog / chatgpt> ), Gemini (Internet search) <url: https: gemini.google.com ?hl="ja">Examples of generative AI include the following. The data generation model 58 is obtained by performing deep learning on a neural network. The data generation model 58 is input with prompts containing instructions, and with inference data such as audio data representing speech, text data representing text, and image data representing images. The data generation model 58 infers from the input inference data according to the instructions indicated by the prompts, and outputs the inference results in data formats such as audio data and text data. Here, inference refers to, for example, analysis, classification, prediction, and / or summarization.
[0813] In the above embodiment, an example was given in which the specific processing is performed by the data processing device 12, but the technology of this disclosure is not limited thereto, and the specific processing may also be performed by the robot 414.
[0814] Furthermore, the emotion identification model 59, acting as an emotion engine, may determine the user's emotion according to a specific mapping. Specifically, the emotion identification model 59 may determine the user's emotion according to a specific mapping, which is an emotion map (see Figure 9). Similarly, the emotion identification model 59 may also determine the robot's emotion, and the identification processing unit 290 may perform identification processing using the robot's emotion.
[0815] Figure 9 shows an emotion map 400 in which multiple emotions are mapped. In the emotion map 400, emotions are arranged in concentric circles radiating from the center. The closer to the center of the concentric circles, the more primitive the emotions are located. Further out of the concentric circles, emotions representing states and actions arising from mental states are located. Emotion is a concept that includes feelings and mental states. On the left side of the concentric circles, emotions that are generally generated from reactions occurring in the brain are located. On the right side of the concentric circles, emotions that are generally induced by situational judgment are located. Above and below the concentric circles, emotions that are generally generated from reactions occurring in the brain and induced by situational judgment are located. In addition, the emotion of "pleasure" is located on the upper side of the concentric circles, and the emotion of "displeasure" is located on the lower side. Thus, in the emotion map 400, multiple emotions are mapped based on the structure in which emotions arise, and emotions that are likely to occur simultaneously are mapped close together.
[0816] These emotions are distributed at the 3 o'clock position on the Emotion Map 400, and usually fluctuate between feelings of security and anxiety. In the right half of the Emotion Map 400, situational awareness takes precedence over internal feelings, resulting in a calm impression.
[0817] The inside of the Emotion Map 400 represents inner thoughts, while the outside represents actions. Therefore, the further you go from the outside of the Emotion Map 400, the more visible (expressed in actions) your emotions become.
[0818] Here, human emotions are based on various balances, such as posture and blood sugar levels. When these balances deviate from the ideal, it results in discomfort, and when they approach the ideal, it results in pleasure. Similarly, in robots, cars, motorcycles, etc., emotions can be created based on various balances, such as posture and battery level. When these balances deviate from the ideal, it results in discomfort, and when they approach the ideal, it results in pleasure. The emotion map can be generated, for example, based on Dr. Mitsuyoshi's emotion map (Research on a system for analyzing brain physiological signals of speech emotion recognition and emotion, Tokushima University, doctoral dissertation: https: / / ci.nii.ac.jp / naid / 500000375379). The left half of the emotion map contains emotions belonging to a region called "response," where sensation is dominant. The right half of the emotion map contains emotions belonging to a region called "situation," where situational awareness is dominant.
[0819] The emotion map defines two emotions that promote learning. One is the emotion around the middle of the negative "repentance" and "reflection" on the situation side. In other words, it is when the robot experiences negative emotions such as "I never want to feel this way again" or "I don't want to be scolded again." The other is the emotion around the positive "desire" on the reaction side. In other words, it is when the robot has positive feelings such as "I want more" or "I want to know more."
[0820] The emotion identification model 59 inputs user input into a pre-trained neural network, obtains emotion values representing each emotion shown in the emotion map 400, and determines the user's emotion. This neural network is pre-trained based on multiple training data sets, which are combinations of user input and emotion values representing each emotion shown in the emotion map 400. Furthermore, this neural network is trained so that emotions located close together have similar values, as shown in the emotion map 900 in Figure 10. Figure 10 shows an example where multiple emotions such as "reassured," "calm," and "confident" have similar emotion values.
[0821] The above description primarily focuses on the functions of the data processing device 12 in relation to this disclosure. However, the system related to this disclosure is not necessarily implemented on a server. The system related to this disclosure may be implemented as a general information processing system. This disclosure may be implemented, for example, as a software program that runs on a personal computer or as an application that runs on a smartphone. The method related to this disclosure may be provided to users in SaaS (Software as a Service) format.
[0822] In the above embodiment, an example was given in which a specific process is performed by a single computer 22. However, the technology of this disclosure is not limited thereto, and a distributed processing of the specific process may be performed by multiple computers, including computer 22. For example, a data generation model 58 may be provided in an external device of the data processing device 12, and the external device may generate data according to the input data.
[0823] In the above embodiment, an example was given in which the specific processing program 56 is stored in the storage 32, but the technology of this disclosure is not limited thereto. For example, the specific processing program 56 may be stored in a portable, computer-readable, non-temporary storage medium such as a USB (Universal Serial Bus) memory. The specific processing program 56 stored in the non-temporary storage medium is installed in the computer 22 of the data processing device 12. The processor 28 executes specific processing according to the specific processing program 56.
[0824] Alternatively, the specific processing program 56 may be stored in a storage device such as a server connected to the data processing device 12 via the network 54, and the specific processing program 56 may be downloaded and installed on the computer 22 in response to a request from the data processing device 12.
[0825] Furthermore, it is not necessary to store the entirety of the specific processing program 56 in a storage device such as a server connected to the data processing device 12 via the network 54, or to store the entirety of the specific processing program 56 in the storage 32; it is acceptable to store only a portion of the specific processing program 56.
[0826] The following types of processors can be used as hardware resources to perform specific processing. Examples of processors include a CPU, a general-purpose processor that functions as a hardware resource to perform specific processing by executing software, i.e., a program. Other examples of processors include dedicated electrical circuits, such as FPGAs (Field-Programmable Gate Arrays), PLDs (Programmable Logic Devices), or ASICs (Application Specific Integrated Circuits), which have circuit configurations specifically designed to perform specific processing. All of these processors have built-in or connected memory, and all of them perform specific processing by using memory.
[0827] The hardware resource that performs a specific process may consist of one of these various processors, or it may consist of a combination of two or more processors of the same or different types (for example, a combination of multiple FPGAs, or a combination of a CPU and an FPGA). Alternatively, the hardware resource that performs a specific process may consist of a single processor.
[0828] Examples of configurations using a single processor include, firstly, a configuration in which one or more CPUs and software are combined to form a single processor, and this processor functions as a hardware resource that performs a specific process. Secondly, there is a configuration using a processor that realizes the functions of the entire system, including multiple hardware resources that perform a specific process, on a single IC chip, as exemplified by SoCs (System-on-a-chip). In this way, a specific process is realized using one or more of the above types of processors as hardware resources.
[0829] Furthermore, the hardware structure of these various processors can more specifically utilize electrical circuits that combine circuit elements such as semiconductor devices. Also, the specific processing described above is merely an example. Therefore, it goes without saying that unnecessary steps can be deleted, new steps added, or the processing order rearranged, as long as it does not deviate from the main purpose.
[0830] The descriptions and illustrations presented above are detailed explanations of the technical aspects of this disclosure and are merely examples of the technical aspects. For example, the above descriptions of the structure, function, operation, and effect are examples of the structure, function, operation, and effect of the technical aspects of this disclosure. Therefore, it goes without saying that you may delete unnecessary parts, add new elements, or replace elements in the descriptions and illustrations presented above, as long as you do not deviate from the essence of the technical aspects of this disclosure. Furthermore, in order to avoid confusion and facilitate understanding of the technical aspects of this disclosure, explanations of common technical knowledge and the like that do not require special explanation to enable the implementation of the technical aspects of this disclosure have been omitted from the descriptions and illustrations presented above.
[0831] All documents, patent applications, and technical standards described herein are incorporated by reference to the same extent as if each individual document, patent application, and technical standard were specifically and individually noted to be incorporated by reference.
[0832] The following is further disclosed regarding the embodiments described above.
[0833] (Claim 1)
[0834] A means of collecting information on new fraud methods from internet databases,
[0835] A means of improving the accuracy of fraud detection by training a generative model using the received information,
[0836] A means of monitoring user communication data in real time and detecting signs of fraud,
[0837] A means of immediately issuing a warning to the user when signs of fraud are detected,
[0838] A means of collecting user feedback information and using it to update the next model,
[0839] A system that includes this.
[0840] (Claim 2)
[0841] The system according to claim 1, wherein a warning is displayed by a user-friendly interface.
[0842] (Claim 3)
[0843] The system according to claim 1, which uses an encryption protocol to perform secure data transfer.
[0844] "Example 1"
[0845] (Claim 1)
[0846] A means of collecting information on new fraud methods from information storage devices on a communication network,
[0847] A means to improve the accuracy of fraud detection using a learning algorithm generated with the acquired information,
[0848] A means of monitoring users' communication activities in real time and detecting signs of fraud,
[0849] A means of immediately issuing a warning to the user when signs of fraud are detected,
[0850] A means of collecting user feedback and using it to update the next algorithm,
[0851] A system that includes this.
[0852] (Claim 2)
[0853] The system according to claim 1, wherein a warning is displayed using a user-friendly display method.
[0854] (Claim 3)
[0855] The system according to claim 1, which uses an encryption procedure to ensure secure information transmission.
[0856] "Application Example 1"
[0857] (Claim 1)
[0858] A means for collecting information on new fraudulent activities from data sets on an information network,
[0859] A means to improve the accuracy of fraud detection by training a predictive model using acquired information,
[0860] A means of monitoring users' communication information in real time and detecting signs of fraud,
[0861] A means of immediately notifying the user when signs of fraud are detected,
[0862] A means of collecting user evaluation information and using it to update subsequent models,
[0863] Means including an application that runs on a mobile communication device,
[0864] A system that includes this.
[0865] (Claim 2)
[0866] The system according to claim 1, wherein notifications are displayed using a user-friendly display device.
[0867] (Claim 3)
[0868] The system according to claim 1, which uses an encoding procedure to perform secure information transfer.
[0869] "Example 2 of combining an emotion engine"
[0870] (Claim 1)
[0871] A means of collecting data on new fraudulent methods from internet sources,
[0872] A means of improving the accuracy of fraud detection by training a generative model using collected data,
[0873] A means of monitoring user communication information in real time and detecting signs of fraud,
[0874] A means of analyzing the user's emotional state when signs of fraud are detected and immediately issuing appropriate warnings,
[0875] A means of collecting user response data and using it for the next model update,
[0876] A system that includes this.
[0877] (Claim 2)
[0878] The system according to claim 1, which displays warnings according to emotional state through an interactive and user-friendly interface.
[0879] (Claim 3)
[0880] The system according to claim 1, which uses a communication means for encrypting data for the purpose of secure information transfer.
[0881] "Application example 2 when combining with an emotional engine"
[0882] (Claim 1)
[0883] A means of collecting information on new fraud methods from internet databases,
[0884] A means of improving the accuracy of fraud detection by training a generative model using the received information,
[0885] A means of monitoring user communication data in real time and detecting signs of fraud,
[0886] A means of immediately issuing a warning to the user when signs of fraud are detected,
[0887] A means for analyzing user emotions and adjusting warnings according to the user's emotional state,
[0888] A means of collecting user feedback information and using it to update the next model,
[0889] A system that includes this.
[0890] (Claim 2)
[0891] The system according to claim 1, which displays a warning based on sentiment analysis through a user-friendly interface.
[0892] (Claim 3)
[0893] The system according to claim 1, which uses an encryption protocol to perform secure data transfer. [Explanation of Symbols]
[0894] 10, 210, 310, 410 Data Processing Systems 12 Data Processing Devices 14 Smart Devices 214 Smart Glasses 314 Headset-type terminal 414 Robots< / url:> < / url:> < / url:> < / url:>
Claims
1. A means of collecting information on new fraud methods from internet databases, A means of improving the accuracy of fraud detection by training a generative model using the received information, A means of monitoring user communication data in real time and detecting signs of fraud, A means to immediately warn users when signs of fraud are detected, A means of collecting user feedback information and using it to update the next model, A system that includes this.
2. The system according to claim 1, which displays a warning through a user-friendly interface.
3. The system according to claim 1, which uses an encryption protocol to perform secure data transfer.