基于链上数据的区块链欺诈账户检测研究

针对区块链上存在的欺诈账户给交易带来的安全问题,提出了基于机器学习的欺诈账户的检测及特征分析模型,将以太坊上真实的链上数据进行特征提取后作为模型的数据来源,通过对不同的机器学习方法进行比较得到最优模型并进行迭代训练以获得最佳的预测模型,同时引入SHAP值对数据特征进行分析。实验结果表明,基于XGBoost的欺诈账户检测模型在RMSE、MAE和R²三组指标上达到了0.205、0.084和0.833,优于其余的对比模型,并结合SHAP值识别出预测欺诈账户的关键因素,为区块链的交易安全提供决策参考。     

A survey of signature based methods for financial fraud detection

Fraud detection mechanisms support the successful identification of fraudulent system transactions performed through security flaws within deployed technology frameworks while maintaining optimal levels of service delivery and a minimal numbers of false alarms. Knowledge discovery techniques have been widely applied in fraud detection for data analysis and training of supervised learning algorithms to support the extraction of fraudulent account behaviour within static data sets. Escalating costs associated with fraud however have continued to drive the migration towards increasingly proactive methods of fraud detection, to support the real-time screening of transactional data and detection of ambiguous user behaviour prior to transaction completion. This shift in data processing from post to pre data storage significantly reduces the available time within which to evaluate newly arriving system requests and produce an accurate fraud decision, demanding increasingly robust and intelligent user profiling technologies to support advanced fraud detection. This paper provides a comprehensive survey of existing research into account signatures, an innovative account profiling technology which maintains a statistical representation of normal account usage for rapid recalculation in real-time. Fraud detection architectures, processing models and applications to date are critically examined and evaluated with respect to their proactive capabilities for detection of fraud within streaming financial data. Discussion is also presented on challenges which remain within the proactive profiling of account behaviour and future research directions within the signature domain.     

Detecting credit card fraud using expert systems

In this paper, we set forth an expert system model to help alert banks and other financial institutions to fraudulent usage of credit cards. The objective of this model is to identify suspected fraud during the authorization process. The paper presents results from analysis of real data from a Canadian bank. The paper concludes with an estimate of savings from fraud losses.     

面向非平衡数据集的金融欺诈账户检测研究

针对非平衡金融数据集,提出一种银行欺诈账户检测框架iForest-SMOTE。基于账户的动态交易特点,从统计、时序、监督信息维度抽取账户交易行为特征。针对过采样技术ADASYN在金融账户数据集中存在的跨区域样本合成问题,提出一种基于iForest算法的数据集均衡预处理策略,通过iForest算法对数据进行混合采样,在去除多数类噪声数据的同时降低分类器对少数类的学习难度。在此基础上,设计随机森林分类器实现金融欺诈账户检测。在真实金融账户交易数据集上进行实验,结果表明,与ADASYN、SMOTE等采样技术相比,iForest-SMOTE在召回率和准确率方面具有明显优势,F-value值至少能够提升2.13个百分点。     

Re-examining the security issues of ATM systems

The automated teller machine (ATM) system is the well-known system in E-society that provides us with easy access to banking activities, e.g. money transfers between a user's accounts. This article focuses on the security issues of ATM systems. We examine a criminal case concerning large-scale fraudulent cash withdrawals at ATMs around Taiwan. The common tricks used by criminals are copies of cards as well as the use of tiny cameras to record the personal identification numbers of card users. With continued advances in technology, the criminal case can be handled easily. We also discuss security policies to prevent fraudulent cash withdrawals.     

Using the health belief model to explore users' perceptions of ‘being safe and secure’ in the world of technology mediated financial transactions

Fraudulent transactions occurring via the Internet or Automatic Teller Machines (ATMs) present a considerable problem for financial institutions and consumers alike. Whilst a number of technological improvements have helped reduce the likelihood of security breaches, users themselves have an integral role to play in reducing technology mediated fraud. This paper focuses on the role of the user, specifically capturing information about their perceptions and behaviour when using technology to complete financial transactions. Semi-structured interviews with twenty-nine participants were conducted to increase knowledge and understanding in this domain. The findings are guided by the components of the health belief model (HBM) which is used as a framework for exploring critical issues associated with behavioural change. Results indicate that users typically felt safe and secure whilst conducting financial transactions online and at the ATM. The users' perceived level of threat was low mainly because they thought it unlikely that they would be a victim of fraud and because of a reduced sense of responsibility for any negative outcomes. Whilst users were aware at a superficial level of what fraudulent activities take place they were less sure about behaviours designed to counteract fraud and their potential efficacy. Furthermore, security concerns among ATM users were not as high as concerns among Internet users with Internet users appearing to take more individual responsibility for their more personal technologies in more private spaces. The paper concludes with some practical implications based around the HBM suggesting user focused ways forward for encouraging secure behaviour.     

Employing transaction aggregation strategy to detect credit card fraud

Credit card fraud costs consumers and the financial industry billions of dollars annually. However, there is a dearth of published literature on credit card fraud detection. In this study we employed transaction aggregation strategy to detect credit card fraud. We aggregated transactions to capture consumer buying behavior prior to each transaction and used these aggregations for model estimation to identify fraudulent transactions. We use real-life data of credit card transactions from an international credit card operation for transaction aggregation and model estimation.     

A cost-sensitive decision tree approach for fraud detection

With the developments in the information technology, fraud is spreading all over the world, resulting in huge financial losses. Though fraud prevention mechanisms such as CHIP&PIN are developed for credit card systems, these mechanisms do not prevent the most common fraud types such as fraudulent credit card usages over virtual POS (Point Of Sale) terminals or mail orders so called online credit card fraud. As a result, fraud detection becomes the essential tool and probably the best way to stop such fraud types. In this study, a new cost-sensitive decision tree approach which minimizes the sum of misclassification costs while selecting the splitting attribute at each non-terminal node is developed and the performance of this approach is compared with the well-known traditional classification models on a real world credit card data set. In this approach, misclassification costs are taken as varying. The results show that this cost-sensitive decision tree algorithm outperforms the existing well-known methods on the given problem set with respect to the well-known performance metrics such as accuracy and true positive rate, but also a newly defined cost-sensitive metric specific to credit card fraud detection domain. Accordingly, financial losses due to fraudulent transactions can be decreased more by the implementation of this approach in fraud detection systems.     

Feature Extraction Method Based on Social Network Analysis

Due to rapid development of Internet technology and electronic business, fraudulent activities have increased. One of the ways to cope with damages of them is fraud detection. In this field, there is a need for methods accurate and fast. Therefore, a novel and efficient feature extraction method based on social network analysis called FEMBSNA is proposed for fraud detection in banking accounts. In this method, in order to increase accuracy and control runtime in the first step, features based on network level are considered using social network analysis and extracted feature is combined with other features based on user level in the next phase. To evaluate our feature extraction method, we use PCK-means method as a basic method to learn. The results show using the proposed feature extraction as a pre-processing step in fraud detection improves the accuracy remarkably while it controls runtime in comparison with other methods.     

Adaptive Fraud Detection

One method for detecting fraud is to check for suspicious changes in user behavior. This paper describes the automatic design of user profiling methods for the purpose of fraud detection, using a series of data mining techniques. Specifically, we use a rule-learning program to uncover indicators of fraudulent behavior from a large database of customer transactions. Then the indicators are used to create a set of monitors, which profile legitimate customer behavior and indicate anomalies. Finally, the outputs of the monitors are used as features in a system that learns to combine evidence to generate high-confidence alarms. The system has been applied to the problem of detecting cellular cloning fraud based on a database of call records. Experiments indicate that this automatic approach performs better than hand-crafted methods for detecting fraud. Furthermore, this approach can adapt to the changing conditions typical of fraud detection environments.     

电话诈骗识别系统的设计与实现

本文将当前频发的电话诈骗问题与人工智能技术相结合,设计并实现了一个基于卷积神经网络的电话诈骗识别系统,该系统首先清洗并处理已采集的大批量用户话单数据,将其构建成用户特征图片,然后使用基于卷积神经网络技术构造的电话诈骗识别模型,对输入的用户通话特征图片进行挖掘,识别出诈骗人员的用户行为,从而帮助人们在通话初期提前识别出诈骗电话。     

A novel two-stage phased modeling framework for early fraud detection in online auctions

Reported dollar losses from online auction fraud were over $43M in 2008 in the US (NW3C, 2009). In general, reputation systems provided by online auction sites are the most common countermeasure available for buyers to evaluate a seller’s credit. Unfortunately, feedback score mechanisms are too easily manipulated, creating falsely overrated reputations. In addition, existing research on online auction fraud shows that a more complicated reputation management system could weaken the motivation of committing a fraud. However, very few of the previous work addresses the most important issue of a fraud detection mechanism is to discover a fraudster before he defrauds as early as possible. Therefore, developing an effective early fraud detection mechanism is necessary to prevent fraud for online auction participants.This paper proposes a novel two-stage phased modeling framework that integrates hybrid-phased models with a successive filtering procedure to identify latent fraudsters by examining the phased features of potential fraudsters’ lifecycles. This framework improves the performance of identifying latent fraudsters disguising as legitimate accounts with diverse features. In addition, a composite of measuring attributes we devised in this study is also helpful in modeling fraudulent behavior. To demonstrate the effectiveness of the proposed methods, real transaction data were collected from Yahoo!Taiwan (http://tw.bid.yahoo.com/) for training and testing. The experimental results show that the true positive rate of detecting fraudsters is over 93% on average. Furthermore, the proposed framework can significantly improve the precision and the success rate of fraud detection; the experimental results also show that the fraud detection models constructed by conventional methods are ineffective in detecting latent fraudsters.     

Designing an expert system for fraud detection in private telecommunications networks

Telecommunications fraud not only burdens telecom provider’s accountings but burdens individual users as well. The latter are particularly affected in the case of superimposed fraud where the fraudster uses a legitimate user’s account in parallel with the user. These cases are usually identified after user complaints for excess billing. However, inside the network of a large firm or organization, superimposed fraud may go undetected for some time. The present paper deals with the detection of fraudulent telecom activity inside large organizations’ premises. Focus is given on superimposed fraud detection. The problem is attacked via the construction of an expert system which incorporates both the network administrator’s expert knowledge and knowledge derived from the application of data mining techniques on real world data.     

Feature engineering strategies for credit card fraud detection

Every year billions of Euros are lost worldwide due to credit card fraud. Thus, forcing financial institutions to continuously improve their fraud detection systems. In recent years, several studies have proposed the use of machine learning and data mining techniques to address this problem. However, most studies used some sort of misclassification measure to evaluate the different solutions, and do not take into account the actual financial costs associated with the fraud detection process. Moreover, when constructing a credit card fraud detection model, it is very important how to extract the right features from the transactional data. This is usually done by aggregating the transactions in order to observe the spending behavioral patterns of the customers. In this paper we expand the transaction aggregation strategy, and propose to create a new set of features based on analyzing the periodic behavior of the time of a transaction using the von Mises distribution. Then, using a real credit card fraud dataset provided by a large European card processing company, we compare state-of-the-art credit card fraud detection models, and evaluate how the different sets of features have an impact on the results. By including the proposed periodic features into the methods, the results show an average increase in savings of 13%.     

Data Mining techniques for the detection of fraudulent financial statements

This paper explores the effectiveness of Data Mining (DM) classification techniques in detecting firms that issue fraudulent financial statements (FFS) and deals with the identification of factors associated to FFS. In accomplishing the task of management fraud detection, auditors could be facilitated in their work by using Data Mining techniques. This study investigates the usefulness of Decision Trees, Neural Networks and Bayesian Belief Networks in the identification of fraudulent financial statements. The input vector is composed of ratios derived from financial statements. The three models are compared in terms of their performances.     

点击欺诈群体检测与发现*

在线广告中的欺诈点击(click fraud)是指所有利用欺诈性手段或带有欺诈意图并被搜索引擎承认的点击行为。传统点击欺诈检测主要集中在检测个体用户点击的合法性。然而,目前存在很多的发布商雇佣大批网络用户,以群体形式进行欺诈点击。针对这一问题,提出了一种检测点击欺诈群组的方法。首先使用频繁项集挖掘算法来发现共同点击过大量广告的个体用户,作为疑似欺诈组。然后,在对组内用户点击行为属性分析的基础上,运用孤立点检测方法找到与组内其它用户有显著差异的疑似欺诈用户。最后,运用贝叶斯分类方法对检测到的所有疑似欺诈成员分类,得到真正的欺诈群组和欺诈用户。在真实数据集上的实验结果证明了方法的可行性与有效性。     

Analysis of fraudulent behavior strategies in online auctions for detecting latent fraudsters

Online auction fraudsters constantly monitor the contextual situations of the auction and change their behavior strategies accordingly to distract the attention of their targets. This flipping of behavior makes it difficult to identify fraudsters. Thus, legitimate traders need appropriate countermeasures to avoid becoming victimized. To help online auction users detect fraudsters as early as possible, this study develops a systematic method to discover the fraudulent strategies from proven cases of online auction fraud. First, according to the results of cluster analysis on the proven fraudsters, four typical types of fraud are identified, which are Aggressive, Classical, Luxury and Low-profiled. To provide better insight, a strategy is further represented by a series of status transitions. Hidden statuses of latent fraudsters are discovered by applying X-means clustering to the phased profiles of their transaction histories. As a result, various strategies can be extracted by such a systematic method and interesting characteristics are found in these strategies. For example, about 80% fraudsters in the Yahoo!Taiwan auction site flip their behavior no more than two times, which is not as complicated as expected originally. Based on these discovered fraudulent statuses, a high-resolution fraud detection method is performed to classify suspects into legitimate users or fraudsters in different statuses, potentially improving overall detection accuracy. A two-way monitoring procedure is then proposed to successively examine the statuses of a suspicious account. Analysis shows that the two-way monitoring method is promising for better detection of well-camouflaged fraudsters.     

Mining for fraud

As technological advances open new avenues for communications and commerce, they also open new markets for fraud. To combat fraud, vulnerable businesses subject their databases of customer transactions to several data mining techniques that search for patterns indicative of fraud. The difficulty is that real-life fraud takes many different forms and is constantly evolving. Thus, one big challenge in fraud detection is coming up with algorithms that can learn to recognize a great variety of fraud scenarios and adapt to identify and predict new scenarios. Another challenge is creating systems that work quickly enough to detect fraudulent activities as they occur.     

Exploiting the Community Structure of Fraudulent Keywords for Fraud Detection in Web Search

Internet users heavily rely on web search engines for their intended information.The major revenue of search engines is advertisements (or ads).However,the search advertising suffers from fraud.Fraudsters generate fake traffic which does not reach the intended audience,and increases the cost of the advertisers.Therefore,it is critical to detect fraud in web search.Previous studies solve this problem through fraudster detection (especially bots) by leveraging fraudsters' unique behaviors.However,they may fail to detect new means of fraud,such as crowdsourcing fraud,since crowd workers behave in part like normal users.To this end,this paper proposes an approach to detecting fraud in web search from the perspective of fraudulent keywords.We begin by using a unique dataset of 150 million web search logs to examine the discriminating features of fraudulent keywords.Specifically,we model the temporal correlation of fraudulent keywords as a graph,which reveals a very well-connected community structure.Next,we design DFW (detection of fraudulent keywords) that mines the temporal correlations between candidate fraudulent keywords and a given list of seeds.In particular,DFW leverages several refinements to filter out non-fraudulent keywords that co-occur with seeds occasionally.The evaluation using the search logs shows that DFW achieves high fraud detection precision (99％) and accuracy (93％).A further analysis reveals several typical temporal evolution patterns of fraudulent keywords and the co-existence of both bots and crowd workers as frandsters for web search fraud.