1,908 research outputs found
Intelligent Financial Fraud Detection Practices: An Investigation
Financial fraud is an issue with far reaching consequences in the finance
industry, government, corporate sectors, and for ordinary consumers. Increasing
dependence on new technologies such as cloud and mobile computing in recent
years has compounded the problem. Traditional methods of detection involve
extensive use of auditing, where a trained individual manually observes reports
or transactions in an attempt to discover fraudulent behaviour. This method is
not only time consuming, expensive and inaccurate, but in the age of big data
it is also impractical. Not surprisingly, financial institutions have turned to
automated processes using statistical and computational methods. This paper
presents a comprehensive investigation on financial fraud detection practices
using such data mining methods, with a particular focus on computational
intelligence-based techniques. Classification of the practices based on key
aspects such as detection algorithm used, fraud type investigated, and success
rate have been covered. Issues and challenges associated with the current
practices and potential future direction of research have also been identified.Comment: Proceedings of the 10th International Conference on Security and
Privacy in Communication Networks (SecureComm 2014
An Assessment on Credit Card Fraud Detection: Survey
Credit card fraud is a costly problem for many financial institutions, costing businesses billions of dollars a year. Many adversaries still escape fraud detection systems because these systems often do not include information about the adversary's knowledge of the fraud detection mechanism. This thesis aims to include information on the motivations of "crooks" and the knowledge base in an adaptive fraud detection system. In this thesis, we use a theoretical adversarial learning approach to classification to model the best fraudster strategy. We proactively adapt the fraud detection system to classify these future fraudulent transactions better. Therefore, this document aims to provide an over-supervised bird's-eye approach with a suitable feature extraction technique that improves fraud detection rather than mistakenly classifying an actual transaction as fraud
A Comprehensive Survey of Data Mining-based Fraud Detection Research
This survey paper categorises, compares, and summarises from almost all
published technical and review articles in automated fraud detection within the
last 10 years. It defines the professional fraudster, formalises the main types
and subtypes of known fraud, and presents the nature of data evidence collected
within affected industries. Within the business context of mining the data to
achieve higher cost savings, this research presents methods and techniques
together with their problems. Compared to all related reviews on fraud
detection, this survey covers much more technical articles and is the only one,
to the best of our knowledge, which proposes alternative data and solutions
from related domains.Comment: 14 page
Finding Needles in a Moving Haystack: Prioritizing Alerts with Adversarial Reinforcement Learning
Detection of malicious behavior is a fundamental problem in security. One of
the major challenges in using detection systems in practice is in dealing with
an overwhelming number of alerts that are triggered by normal behavior (the
so-called false positives), obscuring alerts resulting from actual malicious
activity. While numerous methods for reducing the scope of this issue have been
proposed, ultimately one must still decide how to prioritize which alerts to
investigate, and most existing prioritization methods are heuristic, for
example, based on suspiciousness or priority scores. We introduce a novel
approach for computing a policy for prioritizing alerts using adversarial
reinforcement learning. Our approach assumes that the attackers know the full
state of the detection system and dynamically choose an optimal attack as a
function of this state, as well as of the alert prioritization policy. The
first step of our approach is to capture the interaction between the defender
and attacker in a game theoretic model. To tackle the computational complexity
of solving this game to obtain a dynamic stochastic alert prioritization
policy, we propose an adversarial reinforcement learning framework. In this
framework, we use neural reinforcement learning to compute best response
policies for both the defender and the adversary to an arbitrary stochastic
policy of the other. We then use these in a double-oracle framework to obtain
an approximate equilibrium of the game, which in turn yields a robust
stochastic policy for the defender. Extensive experiments using case studies in
fraud and intrusion detection demonstrate that our approach is effective in
creating robust alert prioritization policies.Comment: v1.
Chip and Skim: cloning EMV cards with the pre-play attack
EMV, also known as "Chip and PIN", is the leading system for card payments
worldwide. It is used throughout Europe and much of Asia, and is starting to be
introduced in North America too. Payment cards contain a chip so they can
execute an authentication protocol. This protocol requires point-of-sale (POS)
terminals or ATMs to generate a nonce, called the unpredictable number, for
each transaction to ensure it is fresh. We have discovered that some EMV
implementers have merely used counters, timestamps or home-grown algorithms to
supply this number. This exposes them to a "pre-play" attack which is
indistinguishable from card cloning from the standpoint of the logs available
to the card-issuing bank, and can be carried out even if it is impossible to
clone a card physically (in the sense of extracting the key material and
loading it into another card). Card cloning is the very type of fraud that EMV
was supposed to prevent. We describe how we detected the vulnerability, a
survey methodology we developed to chart the scope of the weakness, evidence
from ATM and terminal experiments in the field, and our implementation of
proof-of-concept attacks. We found flaws in widely-used ATMs from the largest
manufacturers. We can now explain at least some of the increasing number of
frauds in which victims are refused refunds by banks which claim that EMV cards
cannot be cloned and that a customer involved in a dispute must therefore be
mistaken or complicit. Pre-play attacks may also be carried out by malware in
an ATM or POS terminal, or by a man-in-the-middle between the terminal and the
acquirer. We explore the design and implementation mistakes that enabled the
flaw to evade detection until now: shortcomings of the EMV specification, of
the EMV kernel certification process, of implementation testing, formal
analysis, or monitoring customer complaints. Finally we discuss
countermeasures
Business intelligence in risk management: Some recent progresses
Risk management has become a vital topic both in academia and practice during the past several decades. Most business intelligence tools have been used to enhance risk management, and the risk management tools have benefited from business intelligence approaches. This introductory article provides a review of the state-of-the-art research in business intelligence in risk management, and of the work that has been accepted for publication in this issue of Information Sciences
- …