Detecting online auction shilling frauds using supervised learning

Online auction sites are a target for fraud due to their anonymity, number of potential targets and low likelihood of identification. Researchers have developed methods for identifying fraud. However, these methods must be individually tailored for each type of fraud, since each differs in the characteristics important for their identification. Using supervised learning methods, it is possible to produce classifiers for specific types of fraud by providing a dataset where instances with behaviours of interest are assigned to a separate class. However this requires multiple labelled datasets: one for each fraud type of interest. It is difficult to use real-world datasets for this purpose since they are difficult to label, often limited in size, and contain zero or multiple suspicious behaviours that may or may not be under investigation.The aims of this work are to: (1) demonstrate the approach of using supervised learning together with a validated synthetic data generator to create fraud detection models that are experimentally more accurate than existing methods and that is effective over real data, and (2) to evaluate a set of features for use in general fraud detection is shown to further improve the performance of the created detection models.The approach is as follows: the data generator is an agent-based simulation modelled on users in commercial online auction data. The simulation is extended using fraud agents which model a known type of online auction fraud called competitive shilling. These agents are added to the simulation to produce the synthetic datasets. Features extracted from this data are used as training data for supervised learning. Using this approach, we optimise an existing fraud detection algorithm, and produce classifiers capable of detecting shilling fraud.Experimental results with synthetic data show the new models have significant improvements in detection accuracy. Results with commercial data show the models identify users with suspicious behaviour.     

基于概率图的银行电信诈骗检测方法

近几年,经由电信网络实施的诈骗频发,给银行用户带来了巨大的经济损失。现有的银行欺诈检测方法通常先提取账户交易的RFM(Recency,Frequency,Monetary Value)特征,然后采用有监督的方法训练分类器来识别诈骗交易。但是,这类方法没有考虑交易网络的结构特征。电信诈骗具有明显的集团特性,在交易网络中会呈现出特定的结构特征,使用交易网络的结构特征有助于识别电信诈骗。针对电信诈骗的集团特性,设计相应的马尔可夫网络用于识别电信诈骗中的欺诈账户。给出了该马尔可夫网络的线性迭代优化式,并证明了其理论收敛条件。最后在模拟数据和真实数据上测试了所提方法的性能,并将其与CIA和SybilRank进行比较。实验结果表明,所提方法具有更低的假阳性和更好的抗噪性。在真实数据上,将基于账户交易特征的方法与所提方法结合,可以取得比单独使用两种方法更好的识别性能。     

Improved competitive learning neural networks for network intrusion and fraud detection

In this research, we propose two new clustering algorithms, the improved competitive learning network (ICLN) and the supervised improved competitive learning network (SICLN), for fraud detection and network intrusion detection. The ICLN is an unsupervised clustering algorithm, which applies new rules to the standard competitive learning neural network (SCLN). The network neurons in the ICLN are trained to represent the center of the data by a new reward-punishment update rule. This new update rule overcomes the instability of the SCLN. The SICLN is a supervised version of the ICLN. In the SICLN, the new supervised update rule uses the data labels to guide the training process to achieve a better clustering result. The SICLN can be applied to both labeled and unlabeled data and is highly tolerant to missing or delay labels. Furthermore, the SICLN is capable to reconstruct itself, thus is completely independent from the initial number of clusters.To assess the proposed algorithms, we have performed experimental comparisons on both research data and real-world data in fraud detection and network intrusion detection. The results demonstrate that both the ICLN and the SICLN achieve high performance, and the SICLN outperforms traditional unsupervised clustering algorithms.     

基于迁移学习的讽刺检测

准确的讽刺检测对于情感分析等任务至关重要.传统的方法严重依赖于离散的人工制定的特征.现有的研究大多将讽刺检测作为一种标准的监督学习文本分类任务,但是监督学习需要有大量数据,而这些数据的收集和标注都存在困难.由于目标任务有限的数据集可能导致讽刺检测的低性能,为此将讽刺检测作为一种迁移学习任务,将讽刺标记文本的监督学习与外部分析资源的知识转移相结合.通过转移的资源知识来改进神经网络模型,以此提升对目标任务的检测性能.在公开可用的数据集上的实验结果表明,提出的基于迁移学习的讽刺检测模型优于现有较先进的讽刺检测模型.     

Error detection through mouse movement in an online adaptive learning environment

While response time and accuracy indicate overall performance, their value in uncovering cognitive processes, underlying learning, is limited. A promising online measure, designed to track decision-making, is computer mouse tracking, where mouse attraction towards different locations may reflect the consideration of alternative response options. Using a speedy arithmetic multiple-choice game in an online adaptive learning environment, we examined whether mouse movements could reflect arithmetic difficulties when error rates are low. Results showed that mouse movements towards alternative responses in correctly answered questions mapped onto the frequency of errors made in this online learning system. This mapping was stronger for the younger children, as well as for easy arithmetic problems. On an individual level, users showed more mouse movement towards their previously made response errors than towards other alternative options. This opens the possibility of adapting feedback and instruction on an individual basis through mouse tracking.     

基于深度学习的安卓恶意应用检测

针对传统安卓恶意程序检测技术检测准确率低,对采用了重打包和代码混淆等技术的安卓恶意程序无法成功识别等问题,设计并实现了DeepDroid算法。首先,提取安卓应用程序的静态特征和动态特征,结合静态特征和动态特征生成应用程序的特征向量;然后,使用深度学习算法中的深度置信网络（DBN）对收集到的训练集进行训练,生成深度学习网络;最后,利用生成的深度学习网络对待测安卓应用程序进行检测。实验结果表明,在使用相同测试集的情况下,DeepDroid算法的正确率比支持向量机（SVM）算法高出3.96个百分点,比朴素贝叶斯（Naive Bayes）算法高出12.16个百分点,比K最邻近（KNN）算法高出13.62个百分点。DeepDroid算法结合了安卓应用程序的静态特征和动态特征,采用了动态检测和静态检测相结合的检测方法,弥补了静态检测代码覆盖率不足和动态检测误报率高的缺点,在特征识别的部分采用DBN算法使得网络训练速度得到保证的同时还有很高的检测正确率。     

Incremental learning framework for real‐world fraud detection environment

For detecting malicious bidding activities in e‐auctions, this study develops a chunk‐based incremental learning framework that can operate in real‐world auction settings. The self‐adaptive framework first classifies incoming bidder chunks to counter fraud in each auction and take necessary actions. The fraud classifier is then adjusted with confident bidders' labels validated via bidder verification and one‐class classification. Based on real fraud data produced from commercial auctions, we conduct an extensive experimental study wherein the classifier is adapted incrementally using only relevant bidding data while evaluating the subsequent adjusted models' detection and misclassification rates. We also compare our classifier with static learning and learning without data relevancy.     

基于机器学习算法的主机恶意代码检测技术研究

对机器学习算法下主机恶意代码检测的主流技术途径进行了研究,分别针对静态、动态这2种分析模式下的检测方案进行了讨论,涵盖了恶意代码样本采集、特征提取与选择、机器学习算法分类模型的建立等要点。对机器学习算法下恶意代码检测的未来工作与挑战进行了梳理。为下一代恶意代码检测技术的设计和优化提供了重要的参考。     

Identifying composite crosscutting concerns through semi‐supervised learning

Aspect mining improves the modularity of legacy software systems through identifying their underlying crosscutting concerns (CCs). However, a realistic CC is a composite one that consists of CC seeds and relative program elements, which makes it a great challenge to identify a composite CC. In this paper, inspired by the state‐of‐the‐art information retrieval techniques, we model this problem as a semi‐supervised learning problem. First, the link analysis technique is adopted to generate CC seeds. Second, we construct a coupling graph, which indicates the relationship between CC seeds. Then, we adopt community detection technique to generate groups of CC seeds as constraints for semi‐supervised learning, which can guide the clustering process. Furthermore, we propose a semi‐supervised graph clustering approach named constrained authority‐shift clustering to identify composite CCs. Two measurements, namely, similarity and connectivity, are defined and seeded graph is generated for clustering program elements. We evaluate constrained authority‐shift clustering on numerous software systems including large‐scale distributed software system. The experimental results demonstrate that our semi‐supervised learning is more effective in detecting composite CCs. Copyright © 2013 John Wiley & Sons, Ltd.     

The effect of intention analysis-based fraud detection systems in repeated supply Chain quality inspection: A context of learning and contract

As a result of the information asymmetry on product quality, there is a risk of unethical suppliers defrauding buyers in a supply chain. Buyers often conduct quality inspection on shipments and frame supply contracts to punish quality fraud. Due to cost concerns, buyers need to estimate the suppliers’ fraud possibilities and choose appropriate testing methods and frequencies. As suppliers’ fraud intentions depend on their cost-benefit analysis, it is possible to analyze suppliers’ fraud intention with appropriate modeling of their profit-seeking behavior. In this research, we are interested in how fraud intention analysis may affect the quality inspection process. It should be noted that quality inspection can be a repeated process, with suppliers and buyers conducting multiple rounds of transactions (including transactions with frauds) and learning about each other during the process. Their supply contracts may also affect suppliers’ profit-seeking attitude. We conduct a laboratory experiment to examine the effect of fraud intention analysis systems on inspection decision making considering the learning and contract effects. We put the experiment in the context of a dairy supply chain as a critical and interesting example application. The experiment shows that if there are no strong punitive terms for fraud in the contract, fraud intention analysis can improve buyers’ decision-making efficiency after controlling the learning effect, in terms of decision time, inspection cost, and correctness of rejecting suppliers’ fraudulent shipments.     

基于几何分析的迭代学习控制快速算法

基于几何分析, 对迭代学习控制问题进行了讨论. 在这种几何框架下获得了与目前算法完全不同的快速算法, 为迭代学习控制的研究开辟了一条全新的途径. 这种基于几何理论的新途径, 能明确的指引人们应该怎样去设计更好的学习算法, 而不是像目前的研究结果那样, 总是囿于Arimoto(1984)所提出的最基本的算法形式之中. 数值仿真结果表明新算法的有效性与优越性.     

Cultivating a longitudinal learning process through recurring crisis management training exercises in twelve Swedish municipalities

This study illustrates how crisis management capability is developed in series of recurring exercises, rather than in one single exercise. Over one hundred table‐top and role‐playing exercises were performed and evaluated in a longitudinal cross‐case action research study in 12 Swedish municipalities. By consciously adapting training formats, municipalities were lead through three learning phases: obtaining role understanding (phase 1: knowing what to do), developing information management skills (phase 2: knowing how to do it), and mastering self‐reflection in regular time‐outs (phase 3: knowing when and why to do something). This final learning outcome, being able to concurrently execute, evaluate, and reorganize an ongoing crisis management performance, may be the most valuable capability of a crisis management organization when crisis strikes.     

A community of practice approach to the development of non-traditional learners through networked learning

Abstract This paper analyses a sample of online discussions to evaluate the development of adult learners as reflective practitioners within a networked learning community. The context for our study is a blended learning course offering post-experience professional training to non-traditional university students. These students are parents and carers of people with autistic spectrum disorder (ASD). We use Lave and Wenger's 'communities of practice' as a theoretical framework for establishing how students develop a learning community based upon mutual engagement, joint enterprise and shared repertoires. Those three aspects are analysed according to two measures. The first focuses on learner appropriation of the professional discourse, values and goals of the ASD carer through the network. The second relates to changes in the quality of collaborative activity over time. Our analysis demonstrates that students belong to an overarching community of practice, with different subsets who work at sharing and co-constructing common understandings. This shared discourse and common notions of what constitutes good practice help create a safe interaction space for the students. Once group identity is consolidated, more challenging questions emerge and the group are able to define further common values, understandings and goals through processes of resolution.     

Brain Tumor Segmentation through Level Based Learning Model

Brain tumors are potentially fatal presence of cancer cells over a human brain, and they need to be segmented for accurate and reliable planning of diagnosis. Segmentation process must be carried out in different regions based on which the stages of cancer can be accurately derived. Glioma patients exhibit a different level of challenge in terms of cancer or tumors detection as the Magnetic Resonance Imaging (MRI) images possess varying sizes, shapes, positions, and modalities. The scanner used for sensing the location of tumors cells will be subjected to additional protocols and measures for accuracy, in turn, increasing the time and affecting the performance of the entire model. In this view, Convolutional Neural Networks deliver suitable models for efficient segmentation and thus delivered promising results. The previous strategies and models failed to adhere to diversity of sizes and shapes, proving to be a well-established solution for detecting tumors of bigger size. Tumors tend to be smaller in size and shape during their premature stages and they can easily evade the algorithms of Convolutional Neural Network (CNN). This proposal intends to furnish a detailed model for sensing early stages of cancer and hence perform segmentation irrespective of the current size and shape of tumors. The size of networks and layers will lead to a significant weightage when multiple kernel sizes are involved, especially in multi-resolution environments. On the other hand, the proposed model is designed with a novel approach including a dilated convolution and level-based learning strategy. When the convolution process is dilated, the process of feature extraction deals with multiscale objective and level-based learning eliminates the shortcoming of previous models, thereby enhancing the quality of smaller tumors cells and shapes. The level-based learning approach also encapsulates the feature reconstruction processes which highlights the sensing of small-scale tumors growth. Inclusively, segmenting the images is performed with better accuracy and hence detection becomes better when compared to that of hierarchical approaches.     

基于混合深度学习的多类型低速率DDoS攻击检测方法

低速率分布式拒绝服务攻击针对网络协议自适应机制中的漏洞实施攻击,对网络服务质量造成了巨大威胁,具有隐蔽性强、攻击速率低和周期性的特点。现有检测方法存在检测类型单一和识别精度低的问题,因此提出了一种基于混合深度学习的多类型低速率DDo S攻击检测方法。模拟不同类型的低速率DDo S攻击和5G环境下不同场景的正常流量,在网络入口处收集流量并提取其流特征信息,得到多类型低速率DDo S攻击数据集;从统计阈值和特征工程的角度,分别分析了不同类型低速率DDo S攻击的特征,得到了40维的低速率DDo S攻击有效特征集;基于该有效特征集采用CNN-RF混合深度学习算法进行离线训练,并对比该算法与LSTM-Light GBM和LSTM-RF算法的性能;在网关处部署CNN-RF检测模型,实现了多类型低速率DDo S攻击的在线检测,并使用新定义的错误拦截率和恶意流量检测率指标进行了性能评估。结果显示,在120 s的时间窗口下,所提方法能够在线检测出4种类型的低速率DDo S攻击,包括Slow Headers攻击、Slow Body攻击、SlowRead攻击和Shrew攻击,错误拦截率达到11.03%,恶...     

Gait analysis for human identification through manifold learning and HMM

With the increasing demands of visual surveillance systems, human identification at a distance has gained more attention from the researchers recently. Gait analysis can be used as an unobtrusive biometric measure to identify people at a distance without any attention of the human subjects. We propose a novel effective method for both automatic viewpoint and person identification by using only the silhouette sequence of the gait. The gait silhouettes are nonlinearly transformed into low-dimensional embedding by Gaussian process latent variable model (GP-LVM), and the temporal dynamics of the gait sequences are modeled by hidden Markov models (HMMs). The experimental results show that our method has higher recognition rate than the other methods.     

The expression of social presence through the use of figurative language in a web-based learning environment

The present paper’s aim is to investigate how the participants of an online learning environment employed written language in a creative way through the spontaneous use of figurative language. The content analysis showed that figurative language was a means to express the social dimension either to refer to the self, feelings and emotions, or to conceptualize the components of the virtual learning setting. The research context was a 10-week course, delivered at a distance via a computer conferencing system, addressed to 57 student teachers. The analysis was carried out in the social and meta-cognitive reflection areas, those areas which are mainly related to the expression of the social dimension The study had three different purposes: to investigate the distribution of figurative language during the course length; to explore the relation between the participants’ educational background and their use of figurative language, and to examine the relation between figurative language and the structure of the communication threads. The results indicate that participants tended to use figurative language more when meaningful or critical events happened. The higher the emotional involvement was, the more metaphorical language was adopted. Further results suggest that the adoption of figurative language seems to be related more to individual attitude, than to other factors such as educational background. Finally, figurative language occurrences were not concentrated in specific kinds of postings or threads and did not encourage further use of figurative language.     

Toward in-situ flaw detection in laser powder bed fusion additive manufacturing through layerwise imagery and machine learning

Process monitoring in additive manufacturing may allow components to be certified cheaply and rapidly and opens the possibility of healing defects, if detected. Here, neural networks (NNs) and convolutional neural networks (CNNs) are trained to detect flaws in layerwise images of a build, using labeled XCT data as a ground truth. Multiple images were recorded after each layer before and after recoating with various lighting conditions. Classifying networks were given a single image or multiple images of various lighting conditions for training and testing. CNNs demonstrated significantly better performance than NNs across all tasks. Furthermore, CNNs demonstrated improved generalizability, i.e., the ability to generalize to more diverse data than either the training or validation data sets. Specifically, CNNs trained on high-resolution layerwise images from one build showed minimal loss in performance when applied to data from an independent build, whereas the performance of the NNs degraded significantly. CNN accuracy was also demonstrated to be a function of flaw size, suggesting that smaller flaws may be produced by mechanisms that do not alter the surface morphology of the build plate. CNNs demonstrated accuracies of 93.5 % on large (>200 μm) flaws when testing and training on components from the same build and accuracies of 87.3 % when testing on a previously unseen build. Finally, evidence linking the formation of large lack-of-fusion defects to the presence of process ejecta is presented.     

Assessing facial beauty through proportion analysis by image processing and supervised learning

Perception of universal facial beauty has long been debated amongst psychologists and anthropologists. In this paper, we perform experiments to evaluate the extent of universal beauty by surveying a number of diverse human referees to grade a collection of female facial images. Results obtained show that there exists a strong central tendency in the human grades, thus exhibiting agreement on beauty assessment. We then trained an automated classifier using the average human grades as the ground truth and used it to classify an independent test set of facial images. The high accuracy achieved proves that this classifier can be used as a general, automated tool for objective classification of female facial beauty. Potential applications exist in the entertainment industry, cosmetic industry, virtual media, and plastic surgery.