ORACLE: Anticipating Scams from Partial Trajectories in Streaming App Usage

· Source: cs.LG updates on arXiv.org · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Cybersecurity & Data Privacy, Data Science & Analytics · Depth: Expert, extended

Summary

ORACLE (Online Reasoning for Anticipating Cross-temporal Latent thrEats) is a novel agentic framework designed for early scam anticipation from streaming smartphone app-usage trajectories. Traditional scam detection methods often fail because real-world scams unfold across multiple applications and over extended periods, with malicious intent emerging gradually from fragmented evidence. ORACLE addresses this by employing a self-evolving context manager that consolidates entity-centric interactions over time, reconstructing cross-temporal evidence from partial observations. It also features an on-policy self-distillation scheme where a teacher model, informed by anti-scam reflections, supervises a student model to enhance sensitivity to latent early-stage signals. The framework is evaluated on a curated, real-world long-horizon benchmark covering 12 scam types, 95 apps, and average spans of 15 days, demonstrating improved early scam anticipation with timely warnings and reduced false alerts compared to existing LLM baselines like GPT-5.1.

Key takeaway

For research scientists developing fraud detection systems, ORACLE's approach to anticipating multi-stage scams from streaming app usage offers a robust framework. You should consider implementing agentic designs with self-evolving context managers and on-policy self-distillation to improve early warning capabilities and reduce false positives, moving beyond isolated content analysis to cross-temporal behavioral reasoning.

Key insights

ORACLE anticipates multi-stage smartphone scams by integrating cross-temporal app usage and distilling expert knowledge.

Principles

Method

ORACLE uses a self-evolving context manager for entity-centric memory and an on-policy self-distillation scheme. A teacher model with anti-scam reflections supervises a student model, internalizing evidence-informed knowledge for early fraud pattern recognition.

In practice

Topics

Best for: Research Scientist, AI Scientist, Machine Learning Engineer, AI Security Engineer

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by cs.LG updates on arXiv.org.