A survey of signature based methods for financial fraud detection

Fraud detection mechanisms support the successful identification of fraudulent system transactions performed through security flaws within deployed technology frameworks while maintaining optimal levels of service delivery and a minimal numbers of false alarms. Knowledge discovery techniques have been widely applied in fraud detection for data analysis and training of supervised learning algorithms to support the extraction of fraudulent account behaviour within static data sets. Escalating costs associated with fraud however have continued to drive the migration towards increasingly proactive methods of fraud detection, to support the real-time screening of transactional data and detection of ambiguous user behaviour prior to transaction completion. This shift in data processing from post to pre data storage significantly reduces the available time within which to evaluate newly arriving system requests and produce an accurate fraud decision, demanding increasingly robust and intelligent user profiling technologies to support advanced fraud detection. This paper provides a comprehensive survey of existing research into account signatures, an innovative account profiling technology which maintains a statistical representation of normal account usage for rapid recalculation in real-time. Fraud detection architectures, processing models and applications to date are critically examined and evaluated with respect to their proactive capabilities for detection of fraud within streaming financial data. Discussion is also presented on challenges which remain within the proactive profiling of account behaviour and future research directions within the signature domain.     

EVoIP: Energy efficient voice over IP privacy

Due to the convergence of telecommunication technologies and pervasive computing, voice is increasingly being transmitted over IP networks, in what is commonly known as Voice over IP (VoIP). Despite many advantages offered by this technology, VoIP applications inherit many challenging characteristics from the underlying IP network related to quality of service and security concerns. Traditional ways to secure data over IP networks have negative effects on real-time applications and on power consumption, which is scarce in power-constrained handheld devices. In this work, a new codec-independent Energy Efficient Voice over IP Privacy (E²VoIP²) algorithm is devised to limit the overhead of the encryption process, without compromising the end-to-end confidentiality of the conversation. The design takes advantage of VoIP stream characteristics to encrypt selected packets using a secure algorithm, while relaxing the encryption procedure in-between these packets. We evaluated experimentally the difficulty of conducting known plaintext attacks on VoIP by demonstrating that a sound recorded simultaneously by different sources results in apparently random encoded files. Regarding E²VoIP², experimental and simulation results show a substantial improvement in terms of the number of CPU cycles which results in a reduction of latency and a reduction in consumed power with respect to that of the SRTP. In addition, the proposed method is flexible in terms of the balance between security and power consumption.     

mVoIP for P2P service based authentication system using AA authentication server

VoIP (Voice over Internet Protocol), which provides voice calls as well as additional services at cheaper prices than PSTN (Public Switched Telephone Network), is gaining ground over the latter, which had been the dominant telephone network in the past. This kind of a VoIP service is evolving into a dedicated mVoIP service for the smartphone which allows calls to be made at cheap prices using a WiFi network, as the number of smartphone users is skyrocketing as of late. While an increase in the user base is expected for mVoIP, a packet network is an open network which means anyone can easily gain access and so there can be various problems. To mitigate this, in this paper an authentication system is designed which has an AA (Attribute Authority) server added to VoIP in order to increase security and discriminate user access. In this paper a system for addressing security vulnerabilities from the increase in the use of VoIP services and providing differentiated services according to user access privileges is designed. This paper is organized as follows: Chapter 1 gives the introduction; Chapter 2 is on related research; Chapter 3 describes the proposed technique and system; Chapter 4 implements the system and analyzes its the performance; and Chapter 5 gives the conclusions.     

Classification cost: An empirical comparison among traditional classifier, Cost-Sensitive Classifier, and MetaCost

Loan fraud is a critical factor in the insolvency of financial institutions, so companies make an effort to reduce the loss from fraud by building a model for proactive fraud prediction. However, there are still two critical problems to be resolved for the fraud detection: (1) the lack of cost sensitivity between type I error and type II error in most prediction models, and (2) highly skewed distribution of class in the dataset used for fraud detection because of sparse fraud-related data. The objective of this paper is to examine whether classification cost is affected both by the cost-sensitive approach and by skewed distribution of class. To that end, we compare the classification cost incurred by a traditional cost-insensitive classification approach and two cost-sensitive classification approaches, Cost-Sensitive Classifier (CSC) and MetaCost. Experiments were conducted with a credit loan dataset from a major financial institution in Korea, while varying the distribution of class in the dataset and the number of input variables. The experiments showed that the lowest classification cost was incurred when the MetaCost approach was used and when non-fraud data and fraud data were balanced. In addition, the dataset that includes all delinquency variables was shown to be most effective on reducing the classification cost.     

What are suspicious VoIP delays?

Voice over IP (VoIP) is unquestionably the most popular real-time service in IP networks today. Recent studies have shown that it is also a suitable carrier for information hiding. Hidden communication may pose security concerns as it can lead to confidential information leakage. In VoIP, RTP (Real-time Transport Protocol) in particular, which provides the means for the successful transport of voice packets through IP networks, is suitable for steganographic purposes. It is characterised by a high packet rate compared to other protocols used in IP telephony, resulting in a potentially high steganographic bandwidth. The modification of an RTP packet stream provides many opportunities for hidden communication as the packets may be delayed, reordered or intentionally lost. In this paper, to enable the detection of steganographic exchanges in VoIP, we examined real RTP traffic traces to answer the questions, what do the “normal” delays in RTP packet streams look like? and, is it possible to detect the use of known RTP steganographic methods based on this knowledge?     

Identifying the signs of fraudulent accounts using data mining techniques

In today’s technological society there are various new means to commit fraud due to the advancement of media and communication networks. One typical fraud is the ATM phone scams. The commonality of ATM phone scams is basically to attract victims to use financial institutions or ATMs to transfer their money into fraudulent accounts. Regardless of the types of fraud used, fraudsters can only collect victims’ money through fraudulent accounts. Therefore, it is very important to identify the signs of such fraudulent accounts and to detect fraudulent accounts based on these signs, in order to reduce victims’ losses. This study applied Bayesian Classification and Association Rule to identify the signs of fraudulent accounts and the patterns of fraudulent transactions. Detection rules were developed based on the identified signs and applied to the design of a fraudulent account detection system. Empirical verification supported that this fraudulent account detection system can successfully identify fraudulent accounts in early stages and is able to provide reference for financial institutions.     

Strategies to Keep Your VoIP Network Secure

As VoIP technology matures, more IT departments have made the jump to integrate VoIP into their enterprise communication systems. But, before an organization fully commits to the technology, it should perform a risk assessment, paying close attention to any security measures needed to protect these IP-based voice networks. For telephone systems where controlled access throughout the communications infrastructure isn't necessary, services that leverage machines on the public Internet could be a cost-effective choice. However, for systems where secured network control is critical, VoIP networks based on private enterprise infrastructures should be considered. This article focuses on the security measures associated with private-enterprise-based VoIP networks.     

无线VoIP系统语音加密算法的研究

随着无线网络的飞速发展和VoIP技术的日渐成熟,无线VoIP技术应运而生。由于无线网络安全的脆弱性和VoIP系统本身的安全问题使得无线VoIP系统在安全方面存在着各种隐患。为提高无线VoIP的安全性,采用高压缩率的语音编解码技术G.729提高无线VoIP的通话质量;采用高级加密标准(AES算法)加解密采用G.729压缩过的语音信息;选用椭圆曲线密码(ECC算法)传输AES算法中用到的会话密钥;利用混沌系统可以提供可重复的随机数序列且其序列仅与系统参数和初值有关的性质确保了会话密钥的保密性。     

Designing an expert system for fraud detection in private telecommunications networks

Telecommunications fraud not only burdens telecom provider’s accountings but burdens individual users as well. The latter are particularly affected in the case of superimposed fraud where the fraudster uses a legitimate user’s account in parallel with the user. These cases are usually identified after user complaints for excess billing. However, inside the network of a large firm or organization, superimposed fraud may go undetected for some time. The present paper deals with the detection of fraudulent telecom activity inside large organizations’ premises. Focus is given on superimposed fraud detection. The problem is attacked via the construction of an expert system which incorporates both the network administrator’s expert knowledge and knowledge derived from the application of data mining techniques on real world data.     

Learned lessons in credit card fraud detection from a practitioner perspective

Billions of dollars of loss are caused every year due to fraudulent credit card transactions. The design of efficient fraud detection algorithms is key for reducing these losses, and more algorithms rely on advanced machine learning techniques to assist fraud investigators. The design of fraud detection algorithms is however particularly challenging due to non-stationary distribution of the data, highly imbalanced classes distributions and continuous streams of transactions.At the same time public data are scarcely available for confidentiality issues, leaving unanswered many questions about which is the best strategy to deal with them.In this paper we provide some answers from the practitioner’s perspective by focusing on three crucial issues: unbalancedness, non-stationarity and assessment. The analysis is made possible by a real credit card dataset provided by our industrial partner.     

无线Mesh网络中VOIP的QoS性能分析

针对VoIP(Voice over IP)业务在无线Mesh网上进行传输时存在服务质量(QoS)需求难以保证、带宽利用率低的问题,介绍了VoIP的QoS影响因素,分析了端到端时延、时延抖动和丢包率等几个重要参数,并对VoIP在无线Mesh网中的传输性能进行了论述。提出了基于无线Mesh网络的QoS保证机制,可以为端到端的数据传输公平的分配带宽,并能在保证QoS下实现大规模的实时任务的多跳转发。仿真试验表明能有效降低端到端时延,有着更好的QoS性能。     

电信诈骗犯罪侦查浅析

本文介绍了电信诈骗的特点、VoIP工作原理,以及利用VoIP软件改号工作原理,揭示了电信诈骗的主要手段,最后提出了正常经营应采取的措施。     

Artificial immune systems for the detection of credit card fraud: an architecture,prototype and preliminary results

Some biological phenomena offer clues to solving real‐life, complex problems. Researchers have been studying techniques such as neural networks and genetic algorithms for computational intelligence and their applications to such complex problems. The problem of security management is one of the major concerns in the development of eBusiness services and networks. Recent incidents have shown that the perpetrators of cybercrimes are using increasingly sophisticated methods. Hence, it is necessary to investigate non‐traditional mechanisms, such as biological techniques, to manage the security of evolving eBusiness networks and services. Towards this end, this paper investigates the use of an Artificial Immune System (AIS). The AIS emulates the mechanism of human immune systems that save human bodies from complex natural biological attacks. The paper discusses the use of AIS on one aspect of security management, viz. the detection of credit card fraud. The solution is illustrated with a case study on the management of frauds in credit card transactions, although this technique may be used in a range of security management applications in eBusiness.     

ADVS: a reputation-based model on filtering SPIT over P2P-VoIP networks

Interconnection among VoIP networks over the Internet is being an important trend. Therefore, distributed and self-organized VoIP networks are emerging as the times require. Because of VoIP’s cheapness and simplicity, many institutes forecast that it emerges as next spam entryway, like e-mail service. Especially, interconnected VoIP networks are self-organized and lack centralized authority. In this paper, we propose a novel scheme, called ADVS (Anti-Distributed Voice Spam), against SPIT (SPam over Internet Telephony) on the distributed and self-organized VoIP networks. ADVS presents a proper reputation model to evaluate end-user’s past behavior and accumulate other users’ referrals for detecting and filtering spam calls. In the VoIP network, ADVS acts as a middleware of VoIP proxy and constructs a DHT-based P2P network over call proxies and part of P2P-VoIP client to interlink each other and share end-user’s reputation. At the end of the paper, we verify AVDS through building simulation test bed. The results of experiment show that ADVS could detect spam calls accurately and stably.     

Design and implementation of QoS-provisioning system for voice over IP

In this paper, we address issues in implementing voice over IP (VoIP) services in packet switching networks. VoIP has been identified as a critical real-time application in the network QoS research community and has been implemented in commercial products. To provide competent quality of service for VoIP systems comparable to traditional PSTN systems, a call admission control (CAC) mechanism has to be introduced to prevent packet loss and over-queuing. Several well-designed CAC mechanisms, such as the site-utilization-based CAC-and the link-utilization-based CAC mechanisms have been in place. However, the existing commercial VoIP systems have not been able to adequately apply and support these CAC mechanisms and, hence, have been unable to provide QoS guarantees to voice over IP networks. We have designed and implemented a QoS-provisioning system that can be seamlessly integrated with the existing VoIP systems to overcome their weakness in offering QoS guarantees. A practical implementation of our QoS-provisioning system has been realized.     

Transaction aggregation as a strategy for credit card fraud detection

The problem of preprocessing transaction data for supervised fraud classification is considered. It is impractical to present an entire series of transactions to a fraud detection system, partly because of the very high dimensionality of such data but also because of the heterogeneity of the transactions. Hence, a framework for transaction aggregation is considered and its effectiveness is evaluated against transaction-level detection, using a variety of classification methods and a realistic cost-based performance measure. These methods are applied in two case studies using real data. Transaction aggregation is found to be advantageous in many but not all circumstances. Also, the length of the aggregation period has a large impact upon performance. Aggregation seems particularly effective when a random forest is used for classification. Moreover, random forests were found to perform better than other classification methods, including SVMs, logistic regression and KNN. Aggregation also has the advantage of not requiring precisely labeled data and may be more robust to the effects of population drift.     

计算机网络的安全威胁及其防御机制研究

计算机网络正面临着严重的安全威胁,这些威胁主要有端口扫描、网页软件漏洞、拒绝服务攻击、IP欺骗等,而现行的防火墙技术、入侵检测系统、加密技术、虚拟专用网技术等在防范计算机安全威胁方面都有其自身的弱点,因此,必须进一步改进和加强计算机网络安全技术,完善计算机网络安全的有效管理。     

The effect of intention analysis-based fraud detection systems in repeated supply Chain quality inspection: A context of learning and contract

As a result of the information asymmetry on product quality, there is a risk of unethical suppliers defrauding buyers in a supply chain. Buyers often conduct quality inspection on shipments and frame supply contracts to punish quality fraud. Due to cost concerns, buyers need to estimate the suppliers’ fraud possibilities and choose appropriate testing methods and frequencies. As suppliers’ fraud intentions depend on their cost-benefit analysis, it is possible to analyze suppliers’ fraud intention with appropriate modeling of their profit-seeking behavior. In this research, we are interested in how fraud intention analysis may affect the quality inspection process. It should be noted that quality inspection can be a repeated process, with suppliers and buyers conducting multiple rounds of transactions (including transactions with frauds) and learning about each other during the process. Their supply contracts may also affect suppliers’ profit-seeking attitude. We conduct a laboratory experiment to examine the effect of fraud intention analysis systems on inspection decision making considering the learning and contract effects. We put the experiment in the context of a dairy supply chain as a critical and interesting example application. The experiment shows that if there are no strong punitive terms for fraud in the contract, fraud intention analysis can improve buyers’ decision-making efficiency after controlling the learning effect, in terms of decision time, inspection cost, and correctness of rejecting suppliers’ fraudulent shipments.     

基于防火墙的园区网VoIP的安全策略研究

分析了VoIP目前存在的问题,并针对其中的安全问题,提出了基于园区网防火墙技术解决VOIP的安全实施策略.通过防火墙增强的地址转换功能提供了外界对语音设备的访问限制,并有效地防范了TCP的SYN洪泛攻击;通过使用全状态防火墙的应用级检测功能,实现了VoIP的动态访问控制;利用拒绝IP地址欺骗及逆向路径检查技术,为VolP在园区网提供了有效的安全保障.