Computer-aided financial fraud detection: Promise and applicability in monitoring financial transaction fraud

Anti-money Laundering (AML) and Financial Fraud Detection (FFD) have been receiving increasing attention in the past few years, especially in light of the global financial crisis. Closer systems integration and a number of latest steep technological developments in areas like Big Data; High Frequency Trading; e-payments; and mobile payment systems, to name a few, are now promising enhanced risk management through superior decision support for the global financial industry. At the same time, however, resident regulatory frameworks, national and international, appear to lack the connectivity and flexibility required to support integrated AML and FFD approaches. This is strongly testified by the disparate technological approaches to FFD across different Financial Institutions and their reluctance to share practice within the industry. Focusing on Financial Transaction Fraud, this paper draws on the authors’ past research work which presented a prototype system that uses a workflow approach to identify abnormal financial transactions and applies Artificial Intelligence for classification. That work has shown successful applicability at short scale experiments, limited by the wide concern that information sharing should be achieved within the broader sector in order to achieve improved results. Drawing from there, this paper proposes that extending that approach across transaction infrastructure will deliver higher quality intelligent monitoring against Financial Transaction Fraud. Following from that, we argue that the necessary technological maturity does exist to support full-scale operable FFD systems working on large disparate datasets. We then discuss the evidence in favour of the view that such systems can only be realised in the presence of wider regulatory consensus. There is, therefore, the need for a framework within which the technical infrastructure, business architecture and regulatory rules will harness that technological capability to deliver superior fraud prevention. The paper first reviews computer-aided techniques and approaches for FFD available to the financial sector and discusses the business value of their application. It then addresses the main impediments for their full-scale applicability and uses an analytical framework for assessing their significance, in technological, business-specific and regulatory terms. A brief account of the authors’ workflow-based approach is then provided and its capabilities are outlined

Towards real-time profiling of human attackers and bot detection

Characterising the person behind a cyber attack can be highly useful. At a practical security and forensic level, it can help profile adversaries during and after an attack, and at a theoretical level it can allow us to build improved threat models. This is, however, a challenging problem, as relevant data cannot easily be found. They are not often released publicly and may be the result of criminal investigation. Moreover, the identity of an attacker is rarely revealed in an attack. Here, we attempt a rather unusual approach. We attempt to classify the adversary as a type of human user, arguing that if it does not fit in any realistic profile of a human user, then it is probably a bot. Hence, we are working towards a system that is both a human attacker profiler and an anomaly-based bot detector. For this, we first need to build a technical system that collects relevant data in real- time. As no such information exists, we experimented with several different measurable input data and human profile characteristics, evaluating the usefulness of the former in determining the latter. We then present a case-based reason- ing approach that classifies an attacker based on the values of these metrics. For this, we use experimental data that we have previously collected and are the result of a set of cyber-attack scenarios carried out by 87 users. As a practical application, we have developed an automated profiling tool demonstrating the potential real-time use of the proposed system in a quasi-realistic setting. We discuss this approach’s ability for an adversary that has already gained access to a target system. The profile identified should tell us the characteristics of the adversary if it is human. If no profile can be identified, we argue that this is a good indication it is a bot

Towards the ensemble: IPCBR model in investigating financial bubbles

Asset value predictability remains a major research concern in financial market especially when considering the effect of unprecedented market fluctuations on the behaviour of market participants. This paper presents preliminary results toward the building a reliable forward problem on ensemble approach IPCBR model, that leverages the capabilities of Case based Reasoning(CBR) and Inverse Problem Techniques (IPTs) to describe and model abnormal stock market fluctuations (often associated with asset bubbles) using datasets from historical stock market prices. The framework uses a rich set of past observations and geometric pattern description and then applies a CBR to formulate the forward problem, Inverse Problem formulation is then applied to identify a set of parameters that can statistically be associated with the occurrence of the observed patterns. This research work presents a formative strategy aimed to determine the causes of behaviour, rather than predict future time series points which brings a novel perspective to the problem of asset bubbles predictability, and a deviation from the existing research trend. The results depict the stock dynamics and statistical fluctuating evidence associated with the envisaged bubble problem

Preface: case-based reasoning and deep learning.

Recent advances in deep learning (DL) have helped to usher in a new wave of confidence in the capability of artificial intelligence. Increasingly, we are seeing DL architectures out perform long established state-of-the-art algorithms in a number of diverse tasks. In fact, DL has reached a point where it currently rivals or has surpassed human performance in a number of challenges e.g. image classification, speech recognition and game play

Profiling cyber attackers using case-based reasoning

Computer security would arguably benefit from more information on the characteristics of the particular human attacker behind a security incident. Nevertheless, technical security mechanisms have always focused on the at- tack's characteristics rather than the attacker's. The latter is a challenging prob- lem, as relevant data cannot easily be found. We argue that the cyber traces left by a human attacker during an intrusion attempt can help towards building a profile of the particular person. To illustrate this concept, we have developed an approach using case-based reasoning that indirectly measures an attacker’s characteristics for given attack scenarios. Our results reveal that case-based rea- soning has the potential of being used to assist security and forensic investiga- tors in profiling human attackers