소셜 네트워크와 이커머스 플랫폼에서의 잠재 네트워크 마이닝

학위논문(박사) -- 서울대학교대학원 : 공과대학 컴퓨터공학부, 2023. 2. 권태경.웹 기반 서비스의 폭발적인 발달로 사용자들은 온라인 상에서 폭넓게 연결되고 있다. 온라인 플랫폼 상에서, 사용자들은 서로에게 영향을 주고받으며 의사 결정에 그들의 경험과 의견을 반영하는 경향을 보인다. 본 학위 논문에서는 대표적인 온라인 플랫폼인 소셜 네트워크 서비스와 이커머스 플랫폼에서의 사용자 행동에 대해 연구하였다. 온라인 플랫폼에서의 사용자 행동은 사용자와 플랫폼 구성 요소 간의 관계로 표현할 수 있다. 사용자의 구매는 사용자와 상품 간의 관계로, 사용자의 체크인은 사용자와 장소 간의 관계로 나타내진다. 여기에 행동의 시간과 레이팅, 태그 등의 정보가 포함될 수 있다. 본 연구에서는 두 플랫폼에서 정의된 사용자의 행동 그래프에 영향을 미치는 잠재 네트워크를 파악하는 연구를 제시한다. 위치 기반의 소셜 네트워크 서비스의 경우 특정 장소에 방문하는 체크인 형식으로 많은 포스트가 만들어지는데, 사용자의 장소 방문은 사용자 간에 사전에 존재하는 친구 관계에 의해 영향을 크게 받는다. 사용자 활동 네트워크의 저변에 잠재된 사용자 간의 관계를 파악하는 것은 활동 예측에 도움이 될 수 있으며, 이를 위해 본 논문에서는 비지도학습 기반으로 활동 네트워크로부터 사용자 간 사회적 관계를 추출하는 연구를 제안하였다. 기존에 연구되었던 방법들은 두 사용자가 동시에 방문하는 행위인 co-visitation을 중점적으로 고려하여 사용자 간의 관계를 예측하거나, 네트워크 임베딩 또는 그래프 신경망(GNN)을 사용하여 표현 학습을 수행하였다. 그러나 이러한 접근 방식은 주기적인 방문이나 장거리 이동 등으로 대표되는 사용자의 행동 패턴을 잘 포착하지 못한다. 행동 패턴을 더 잘 학습하기 위해, ANES는 사용자 컨텍스트 내에서 사용자와 관심 지점(POI) 간의 측면(Aspect) 지향 관계를 학습한다. ANES는 User-POI 이분 그래프의 구조에서 사용자의 행동을 여러 개의 측면으로 나누고, 각각의 관계를 고려하여 행동 패턴을 추출하는 최초의 비지도학습 기반 접근 방식이다. 실제 LBSN 데이터에서 수행된 광범위한 실험에서, ANES는 기존에 제안되었던 기법들보다 높은 성능을 보여준다. 위치 기반 소셜 네트워크와는 다르게, 이커머스의 리뷰 시스템에서는 사용자들이 능동적인 팔로우/팔로잉 등의 행위를 수행하지 않고도 플랫폼에 의해 서로의 정보를 주고받고 영향력을 행사하게 된다. 이와 같은 사용자들의 행동 특성은 리뷰 스팸에 의해 쉽게 악용될 수 있다. 리뷰 스팸은 실제 사용자의 의견을 숨기고 평점을 조작하여 잘못된 정보를 전달하는 방식으로 이루어진다. 나는 이를 해결하기 위해 사용자 리뷰 데이터에서 사용자 간 사전 공모성(Collusiveness)의 가능성을 찾고, 이를 스팸 탐지에 활용한 방법인 SC-Com을 제안한다. SC-Com은 행동의 공모성으로부터 사용자 간 공모 점수를 계산하고 해당 점수를 바탕으로 전체 사용자를 유사한 사용자들의 커뮤니티로 분류한다. 그 후 스팸 유저와 일반 유저를 구별하는 데에 중요한 그래프 기반의 특징을 추출하여 감독 학습 기반의 분류기의 입력 데이터로 활용하는 방법을 제시한다. SC-Com은 공모성을 갖는 스팸 유저의 집합을 효과적으로 탐지한다. 실제 데이터셋을 이용한 실험에서, SC-Com은 기존 논문들 대비 스팸 탐지에 뛰어난 성능을 보여주었다. 위 논문에서 다양한 데이터에 대해 연구된 암시적 연결망 탐지 모델은 레이블이 없는 데이터에 대해서도 사전에 연결되었을 가능성이 높은 사용자들을 예측하므로, 실시간 위치 데이터나, 앱 사용 데이터 등의 다양한 데이터에서 활용할 수 있는 유용한 정보를 제공하여 광고 추천 시스템이나, 악성 유저 탐지 등의 분야에서 기여할 수 있을 것으로 기대한다.Following the exploding usage on online services, people are connected with each other more broadly and widely. In online platforms, people influence each other, and have tendency to reflect their opinions in decision-making. Social Network Services (SNSs) and E-commerce are typical example of online platforms. User behaviors in online platforms can be defined as relation between user and platform components. A user's purchase is a relationship between a user and a product, and a user's check-in is a relationship between a user and a place. Here, information such as action time, rating, tag, etc. may be included. In many studies, platform user behavior is represented in graph form. At this time, the elements constituting the nodes of the graph are composed of objects such as users and products and places within the platform, and the interaction between the platform elements and the user can be expressed as two nodes being connected. In this study, I present studies to identify potential networks that affect the user's behavior graph defined on the two platforms. In ANES, I focus on representation learning for social link inference based on user trajectory data. While traditional methods predict relations between users by considering hand-crafted features, recent studies first perform representation learning using network/node embedding or graph neural networks (GNNs) for downstream tasks such as node classification and link prediction. However, those approaches fail to capture behavioral patterns of individuals ingrained in periodical visits or long-distance movements. To better learn behavioral patterns, this paper proposes a novel scheme called ANES (Aspect-oriented Network Embedding for Social link inference). ANES learns aspect-oriented relations between users and Point-of-Interests (POIs) within their contexts. ANES is the first approach that extracts the complex behavioral pattern of users from both trajectory data and the structure of User-POI bipartite graphs. Extensive experiments on several real-world datasets show that ANES outperforms state-of-the-art baselines. In contrast to active social networks, people are connected to other users regardless of their intentions in some platforms, such as online shopping websites and restaurant review sites. They do not have any information about each other in advance, and they only have a common point which is that they have visited or have planned to visit same place or purchase a product. Interestingly, users have tendency to be influenced by the review data on their purchase intentions. Unfortunately, this instinct is easily exploited by opinion spammers. In SC-Com, I focus on opinion spam detection in online shopping services. In many cases, my decision-making process is closely related to online reviews. However, there have been threats of opinion spams by hired reviewers increasingly, which aim to mislead potential customers by hiding genuine consumers opinions. Opinion spams should be filed up collectively to falsify true information. Fortunately, I propose the way to spot the possibility to detect them from their collusiveness. In this paper, I propose SC-Com, an optimized collusive community detection framework. It constructs the graph of reviewers from the collusiveness of behavior and divides a graph by communities based on their mutual suspiciousness. After that, I extract community-based and temporal abnormality features which are critical to discriminate spammers from other genuine users. I show that my method detects collusive opinion spam reviewers effectively and precisely from their collective behavioral patterns. In the real-world dataset, my approach showed prominent performance while only considering primary data such as time and ratings. These implicit network inference models studied on various data in this thesis predicts users who are likely to be pre-connected to unlabeled data, so it is expected to contribute to areas such as advertising recommendation systems and malicious user detection by providing useful information.Chapter 1 Introduction 1 Chapter 2 Social link Inference in Location-based check-in data 5 2.1 Background 5 2.2 Related Work 12 2.3 Location-based Social Network Service Data 15 2.4 Aspect-wise Graph Decomposition 18 2.5 Aspect-wise Graph learning 19 2.6 Inferring Social Relation from User Representation 21 2.7 Performance Analysis 23 2.8 Discussion and Implications 26 2.9 Summary 34 Chapter 3 Detecting collusiveness from reviews in Online platforms and its application 35 3.1 Background 35 3.2 Related Work 39 3.3 Online Review Data 43 3.4 Collusive Graph Projection 44 3.5 Reviewer Community Detection 47 3.6 Review Community feature extraction and spammer detection 51 3.7 Performance Analysis 53 3.8 Discussion and Implications 55 3.9 Summary 62 Chapter 4 Conclusion 63박

Spam Reviews Detection in the Time of COVID-19 Pandemic: Background, Definitions, Methods and Literature Analysis

This work has been partially funded by projects PID2020-113462RB-I00 (ANIMALICOS), granted by Ministerio Espanol de Economia y Competitividad; projects P18-RT-4830 and A-TIC-608-UGR20 granted by Junta de Andalucia, and project B-TIC-402-UGR18 (FEDER and Junta de Andalucia).During the recent COVID-19 pandemic, people were forced to stay at home to protect their own and others’ lives. As a result, remote technology is being considered more in all aspects of life. One important example of this is online reviews, where the number of reviews increased promptly in the last two years according to Statista and Rize reports. People started to depend more on these reviews as a result of the mandatory physical distance employed in all countries. With no one speaking to about products and services feedback. Reading and posting online reviews becomes an important part of discussion and decision-making, especially for individuals and organizations. However, the growth of online reviews usage also provoked an increase in spam reviews. Spam reviews can be identified as fraud, malicious and fake reviews written for the purpose of profit or publicity. A number of spam detection methods have been proposed to solve this problem. As part of this study, we outline the concepts and detection methods of spam reviews, along with their implications in the environment of online reviews. The study addresses all the spam reviews detection studies for the years 2020 and 2021. In other words, we analyze and examine all works presented during the COVID-19 situation. Then, highlight the differences between the works before and after the pandemic in terms of reviews behavior and research findings. Furthermore, nine different detection approaches have been classified in order to investigate their specific advantages, limitations, and ways to improve their performance. Additionally, a literature analysis, discussion, and future directions were also presented.Spanish Government PID2020-113462RB-I00Junta de Andalucia P18-RT-4830 A-TIC-608-UGR20 B-TIC-402-UGR18European Commission B-TIC-402-UGR1

Enhancing Graph Neural Network-based Fraud Detectors against Camouflaged Fraudsters

Graph Neural Networks (GNNs) have been widely applied to fraud detection problems in recent years, revealing the suspiciousness of nodes by aggregating their neighborhood information via different relations. However, few prior works have noticed the camouflage behavior of fraudsters, which could hamper the performance of GNN-based fraud detectors during the aggregation process. In this paper, we introduce two types of camouflages based on recent empirical studies, i.e., the feature camouflage and the relation camouflage. Existing GNNs have not addressed these two camouflages, which results in their poor performance in fraud detection problems. Alternatively, we propose a new model named CAmouflage-REsistant GNN (CARE-GNN), to enhance the GNN aggregation process with three unique modules against camouflages. Concretely, we first devise a label-aware similarity measure to find informative neighboring nodes. Then, we leverage reinforcement learning (RL) to find the optimal amounts of neighbors to be selected. Finally, the selected neighbors across different relations are aggregated together. Comprehensive experiments on two real-world fraud datasets demonstrate the effectiveness of the RL algorithm. The proposed CARE-GNN also outperforms state-of-the-art GNNs and GNN-based fraud detectors. We integrate all GNN-based fraud detectors as an opensource toolbox: https://github.com/safe-graph/DGFraud. The CARE-GNN code and datasets are available at https://github.com/YingtongDou/CARE-GNN.Comment: Accepted by CIKM 202

Public procurement fraud in Malaysia: A political economy approach

This study investigates the practice of public procurement fraud in Malaysia. The aim of this research is to understand the nature and extent of the persistence of procurement fraud in the Malaysian public sector. Fraud in public procurement results in large losses of public funds which are needed by the government for delivering public services in order to build public infrastructure and facilities for healthcare and education, poverty eradication, security, defense and economic growth. A primarily qualitative methodology is employed in this study using the political economy approach in order to understand this social phenomenon. First, documentary analysis helps identifying some possible factors for the existence of fraud in public procurement in Malaysia. Then, qualitative data from semi-structured interviews are obtained using the Snowball Sampling Method (SSM). The interviews with 40 stakeholders (regulators, professionals, politicians, academics and media actors) reveal their „hidden‟ voices so as to understand public procurement fraud in Malaysia. Nevertheless, this study does not aim to make generalizations and reach concrete conclusions about this issue, but instead seeks to understand why public procurement fraud persists in Malaysia through an analysis of the subjective narratives of the stakeholders. This research identifies several possible factors explaining why fraud in Malaysian public procurement continues to exist: (1) the prevailing power of political and economic forces, (2) complexities in the check and balance system, (3) deficiencies in procurement practices, (4) constraints on the civil servants, and (5) characteristics of the Malaysian society. The findings contribute to the body of knowledge by focusing on an unexplored area of the institutional arrangements between the state and businesses in Malaysia. The institutional arrangements between state and private sector appear to be legitimate, but they have the potential to conceal fraudulent practices, thus making fraud possible. Given the sensitive nature of the subject matter of this research and the fact that fraud by its nature is often concealed, it is possible that the findings have only revealed the „tip of the iceberg‟ of public procurement fraud in Malaysia

Fraud in the banking industry: a case study of Kenya

Fraud has become a worldwide problem that is not set to abate in the near future. It is eroding the profitability of organisations with devastating effects on firm solvency. This research aims to contribute to the knowledge and understanding of fraud in Kenya’s financial institutions and focuses on the Kenyan banking industry, which includes forty three commercial banks of local, national, regional and international standing. The research conducted uses a theoretical framework based on the Fraud Triangle to analyse the incidence of fraud and the motivations of fraudsters. The research uses a sample of audit, fraud, security and other managers involved in fraud fighting from thirty banks across the industry to conduct a mixed qualitative and quantitative study based on a survey of sixty respondents and seventeen semi-structured interviews. The research found that fraud is considered to be a major problem within the Kenyan banking industry, although the relative size of frauds conducted was relatively small and unsophisticated. Fraud detection and prevention methods used in the industry were standard and no different from global standards. The fraud triangle worked effectively to predict the patterns of fraud described by respondents. However from this study it is argued that the Fraud Triangle is not as effective in explaining the collusive and predatory nature of the Kenyan bank fraudster

Delivering the recommendations of the Fraud Review 2006 and the paradox of police leadership

The purpose of this context statement is to investigate those factors which either contributed towards or impeded delivery of key recommendations from the Fraud Review, Attorney General (2006). These public works comprise three independent but intrinsically linked projects; the National Fraud Reporting Centre (NFRC), National Fraud Intelligence Bureau (NFIB) and the Economic Crime Academy (ECA). Critical analysis shows how the success of each project influenced and contributed directly to the next project. Examination is made of how, without vision and the continuity of leadership, these public works would either not exist today or would have failed to be as successful as they are. Reflection upon this, together with analyses of individual and organisational leadership styles, stimulated two unavoidable and fundamental questions to be raised: What does the Police Service now stand for? Is the current model of police leadership fit for purpose? Critical analysis of the role of police leadership in the delivery of these public works led to a further, specific question: Is the police response to fraud appropriate? This is because police responses to fraud often appear to be in conflict with Peelian Principles, ACPO (2012) and are more biased towards serving the criminal justice system rather than delivering social justice through interventions that are morally and ethically grounded. On commencement of this context statement the intention was for it to be read by like-minded leaders and visionaries, those who do not fit the norm or stereotype of a typical police manager; as the context statement evolved so too has the intended readership. Throughout reflective assessment and consideration of police leadership and today’s performance culture, it became increasingly apparent that this subject should be core reading for police leaders of the future. However, on completion of the context statement, it is apparent that readership audience should extend beyond the Police Service and the policy makers within government and the Ministry of Justice. The real audience should be the public we serve, those with whose consent we police. Therefore, it seems logical that public should be the ultimate critical assessors of this contribution, together with the effectiveness and appropriateness of the current and ongoing culture of police leadership and the response to fraud

Manager’s and citizen’s perspective of positive and negative risks for small probabilities

So far „risk‟ has been mostly defined as the expected value of a loss, mathematically PL, being P the probability of an adverse event and L the loss incurred as a consequence of the event. The so called risk matrix is based on this definition. Also for favorable events one usually refers to the expected gain PG, being G the gain incurred as a consequence of the positive event. These “measures” are generally violated in practice. The case of insurances (on the side of losses, negative risk) and the case of lotteries (on the side of gains, positive risk) are the most obvious. In these cases a single person is available to pay a higher price than that stated by the mathematical expected value, according to (more or less theoretically justified) measures. The higher the risk, the higher the unfair accepted price. The definition of risk as expected value is justified in a long term “manager‟s” perspective, in which it is conceivable to distribute the effects of an adverse event on a large number of subjects or a large number of recurrences. In other words, this definition is mostly justified on frequentist terms. Moreover, according to this definition, in two extreme situations (high-probability/low-consequence and low-probability/high-consequence), the estimated risk is low. This logic is against the principles of sustainability and continuous improvement, which should impose instead both a continuous search for lower probabilities of adverse events (higher and higher reliability) and a continuous search for lower impact of adverse events (in accordance with the fail-safe principle). In this work a different definition of risk is proposed, which stems from the idea of safeguard: (1Risk)=(1P)(1L). According to this definition, the risk levels can be considered low only when both the probability of the adverse event and the loss are small. Such perspective, in which the calculation of safeguard is privileged to the calculation of risk, would possibly avoid exposing the Society to catastrophic consequences, sometimes due to wrong or oversimplified use of probabilistic models. Therefore, it can be seen as the citizen‟s perspective to the definition of risk