Technical Field

The present invention relates to a system for detecting fraudulent transactions without damaging data stream by ensuring that the data, which are gathered by means of rule-based analysis of the data gathered on a large scale and from different sources, are controlled.

Background of the Invention

Today, a great number of data are generated and the generated data are transferred to digital media. Various means are utilized for preparing, saving, compressing data. It is required to protect security of data during transfer of data from one point to another. Malicious persons can damage content of data or access important information within data, by making adjustments in actual data. Firms, companies, subscribers may suffer financially in cases where it is not possible to detect fraudulent activities. In the state of the art, data are analysed by means of predetermined rules in order to detect fraudulent cases. However, due to the fact that rules enabling to capture fraudulent cases cannot improve themselves in time, it takes much longer to prevent fraudulent data streams. In the state of the art, there is no solution which enables to gather information included in data at different sources independently of the related sources and to avoid interruption of data stream by enabling to change the rules -which are used during detection of fraudulent, abnormal cases within data stream- in the rule engine instantly and dynamically. Due to the above-mentioned reasons, it is understood that there is need for a system for detecting fraudulent cases in data stream which enables to gather information included in data at different sources independently of the related sources and to avoid interruption of data stream by enabling to change the rules -which are used during detection of fraudulent, abnormal cases within data stream- in the rule engine instantly and dynamically.

The Chinese patent document no. CN110674174A, an application in the state of the art, discloses a system and method for real-time data processing and anti-fraud by means of machine learning. The said invention comprises the following steps: receiving a first input over a user interface and generating an operator of a task of streaming data according to the first input. The operators generated comprise an application rule operator and the application rule operator comprises rules in at least one rule set; a task of streaming data is constructed according to the operator of the task and the task of the streaming data is run. The invention can process real-time streaming data by a real-time data processing system and the data processing efficiency is greatly improved. However, this invention does not mention gathering data from a large number of sources independently of the system and carrying out control, standardization and enrichment transactions on data.

Summary of the Invention

An objective of the present invention is to realize a system for detecting fraudulent cases in data stream which enables to gather information included in data at different sources independently of the related sources; to avoid interruption of data stream by enabling to change the rules -which are used during detection of fraudulent, abnormal cases within data stream- in the rule engine instantly and dynamically; and ensures that recommendations that will enable rules to operate more effectively are transmitted to authorized persons by examining the rule engines, which are used for detecting fraudulent cases in data, by means of machine learning algorithms.

Detailed Description of the Invention

“A System for Detecting Fraudulent Cases in Data Stream” realized to fulfil the objective of the present invention is shown in the figure attached, in which:

Figure 1 is a schematic view of the inventive system for detecting fraudulent cases in data stream

The components illustrated in the figure are individually numbered, where the numbers refer to the following:

1. System

2. Electronic device

3. Application

4. Database

5. Server

U. Authorized User

ES. External source

F. Firm

The inventive system (1) for detecting fraudulent cases in data stream which enables to detect fraudulent transactions without damaging data stream by ensuring that the data, that are gathered by means of rule-based analysis of the data gathered on a large scale and from different external sources (ES), are controlled comprises: at least one electronic device (2) which is configured to enable the authorized user (U) to get in contact with the firm (F); at least one application (3) which operates on the electronic device (2) and is configured to enable the authorized user (U) to view the information in the data transferred to the firm (F), to take various actions for subscribers who are affiliated with the firm (F); at least one database (4) which is connected with the application (3), the external sources (ES) and configured to ensure storage of data of the external sources (ES); and at least one server (5) which is connected with the database (4) and the application (3); configured to perform data enrichment on the raw data of the external sources (ES) stored in the database (4); to transfer the enriched data to at least one data stream processing platform included on thereof; to check whether fraudulent cases are included in the analysed data set by ensuring that the rule engine, which is determined by the authorized user (U), is operated on the enriched data in the data stream processing platform; to ensure that the authorized user (U) can take action against the firm (F) subscribers in the data comprising a fraudulent case by enabling the data set, which comprises a fraudulent case, is transmitted to the application (3).

The electronic device (2) included in the inventive system (1) is a smart device such as mobile phone, tablet, computer used by the authorized user (U) and configured to enable the authorized user (U) to get in contact with the firm (F).

The application (3) included in the inventive system (1) is configured to enable the authorized user (U) to determine the parameters in the rule engine operating in the server (5), by means of an interface included on thereof. The application (3) is configured to enable the authorized user (U) to determine the threshold values in connection with the manipulation, fraud conditions related to the firm (F), by means of an interface included on thereof. The database (4) included in the inventive system (1) is configured to store the data transmitted from the server (5) and gathered from the external sources (ES). The database (4) is configured in the form of nosql.

The server (5) included in the inventive system (1) is configured to bring the periods of data gathering and processing into an optimum level, by using a horizontallyexpanding distributed programming. The server (5) is configured to carry out transactions of control and standardization on the data received from files in the said external sources (ES), from web services, from tables in external databases, from various external applications independently of the external sources (ES), by getting in contact with the external sources (ES). The server (5) is configured to interpret the said data according to the mapping information on thereof while it carries out transactions of control and standardization on the data received from the external sources (ES), and to enrich the interpreted data such that they can be analysed better. The server (5) is configured to enable the data, that are received from the external sources (ES) and enriched, to be stored by transmitting them to the database (4). The server (5) is configured to write the enriched data -that it will process- to the topics in the data stream processing platform on thereof, by getting in contact with the database (4). The server (5) is configured to continuously listen the topics in the data stream processing platform by means of the rule engine included on thereof. The server (5) is configured to access the information of threshold value determined by the authorized user (U), by getting in contact with the application (3); to detect whether manipulation, fraud conditions are included in the analysed data or not according to the threshold value determined by the authorized user (U), by analysing the data -that are written into the topics in the data stream processing platform- via a plurality of data processing functions in the rule engine operating on thereof; to ensure that the information about the said suspicious subscriber groups are reported to the authorized user (U) upon transmitting them to the application (3) in the form of alarm, by determining the potential suspicious subscriber groups who are in association with the detected manipulation, fraud conditions. The server (5) is configured to write the alarm data, that it created related to the suspicious subscriber groups, into the topics in the data stream processing platform included on thereof. The server (5) is configured to enable the rule engine to detect fraudulent subscribers more precisely by analysing the rules -that are included in the rule engine used for detecting the manipulation, fraud conditions in the data received from the external sources (ES)- by means of machine learning algorithms included on thereof; to manage the threshold values determined by the authorized user (U) on the application (3) dynamically; to transmit the threshold value information, that will enable the rule engine to detect fraudulent subscribers more precisely, to the application (3) as a recommendation. The server (5) is configured to enable the authorized user (U) to request advance payment against fraudulent subscribers by means of the application (3), by transmitting the alarm data -that are generated about the fraudulent subscriber groups- to the application (3); and to request a verification process for the line.

In the inventive system (1), the authorized user (U) is configured to determine the threshold value to be used or detecting the fraudulent data, by using the application (3). The server (5) included in the system (1) carries out transactions of data enrichment on the data received from the external sources (ES) that may generate data in a large number and different file formats. The server (5) stores the enriched data in the database (4) included in the system (1), upon performing data enrichment on the data received from the external sources (ES). The server (5) operates the rule engine comprising a plurality of rules on the enriched data, which are stored in the database (4), and then detects the data sets that provide the fraudulent conditions in the enriched data. The fraudulent data sets are reported to the authorized user (U), upon being transmitted to the application (3) over the server (5). Thus, the authorized user (U) can take deterrent actions for the subscribers in the firm (F) related with the fraudulent data. With the inventive system (1), it is enabled to gather information included in data at different sources independently of the related sources; to avoid interruption of data stream by enabling to change the rules -which are used during detection of fraudulent, abnormal cases within data stream- in the rule engine instantly and dynamically; and ensured that recommendations that will enable rules to operate more effectively are transmitted to authorized persons by examining the rule engines, which are used for detecting fraudulent cases in data, by means of machine learning algorithms. Within these basic concepts; it is possible to develop various embodiments of the inventive system (1) for detecting fraudulent cases in data stream; the invention cannot be limited to examples disclosed herein and it is essentially according to claims.