基于网络表示学习的区块链异常交易检测

由于具有巨大的流通市值、庞大的用户量和账户匿名性的特点,区块链交易频繁受到盗窃、庞氏骗局、欺诈等异常行为的威胁。针对区块链异常交易,提出一种网络表示学习模型DeepWalk-Ba用于特征提取,以比特币为例,对区块链交易的网络结构和属性进行学习,从交易的邻域结构中挖掘隐含信息作为节点特征,再使用5种有监督和1种无监督的机器学习算法进行异常检测。实验表明,有监督模型随机森林表现最好,达到了99.3%的精确率和86.4%的召回率,比使用传统的特征提取方法的异常检测模型具有更好的检测效果。     

基于区块链的应用系统开发方法研究

本文从区块链的技术层面及应用层面分析其特征,并给出区块链的分类。挖掘区块链的设计需求,针对区块链的一致性和可扩展性的应用需求进行深入分析。对区块链的应用系统开发方法及区块链建模进行研究,提出了账户区块链（account blockchain,简称ABC）和交易区块链（trading blockchain,简称TBC）的双链设计模型。对智能合约进行深入剖析,提出了链上代码并行执行模型应用原则。最后对区块链应用技术进行总结和展望。     

基于联盟链的能源交易数据隐私保护方案

区块链技术可以有效地解决分布式能源交易系统中的信任缺失、恶意篡改和虚假交易等问题,但区块链开放、透明的特性使得基于区块链的能源交易系统极易受到攻击,导致用户隐私泄露。为此,提出了一种基于差分隐私算法和账户映射技术的隐私保护方案BLDP-AM(Blockchain Local Differential Privacy-Account Mapping),用于保护交易数据的隐私。该方案重新设计了本地差分隐私算法的数据扰动机制使之适用于区块链技术,并基于该扰动机制构造了BLDP(Blockchain Local Differential Privacy)算法来保护交易数据的隐私。同时,为了保证交易正确性以及隐藏交易曲线特征,该方案首先通过账户映射(Account Mapping, AM)技术实现用户与多个账户关联,然后采用指数平滑预测(Exponential Smoothing Prediction, ESP)算法计算各账户的交易预测值,最后使用BLDP算法扰动交易预测值来获得真实交易值并进行交易。通过隐私分析证明了该方案在保护数据隐私方面的可行性,且实验分析表明该方案具有较好的性能。     

基于交易特征对以太网多类型非法账户的分析与预测

日益频繁的非法交易行为妨害以太坊安全交易,针对电子货币的匿名性使得非法交易行为难于跟踪分析问题。以太坊平台交易数据作为数据源,以被标记得非法账户和未标记的正常账户数据集作为训练集,利用交易数据的特征属性为构造基础,通过CatBoost算法对其中包含多种类型的非法账户进行整体预测。其过程通过T-SNE算法实现交易特征的降维可视化,采用多倍交叉验证,引入SHAP value因子判断特征影响的正负属性,所建立模型的预测效果准确率达到了94.29%,感受者曲线下面积（AUC）数值的评估度量达到了0.984 6。建议的方案能较为准确地预测以太坊交易平台上存在的非法行为,有效改善基于区块链的交易环境。     

基于联盟区块链的安全能源交易方案

目前区块链技术广泛应用于车载网、能源互联网、智能电网等领域，但攻击者可以结合社会工程学与数据挖掘算法获取用户记录在区块链网络中的隐私数据，尤其是微网中相邻能源节点之间由于博弈产生的数据更容易导致隐私的泄露。为了解决这一安全问题，基于联盟区块链技术提出一个以一对多的能源节点账户匹配机制为核心的安全能源互联网交易模型。该模型主要通过新账户的生成来防止攻击者通过数据挖掘算法从交易记录中获取能源节点的账户、地理位置、能源使用情况等隐私数据。仿真实验结合联盟链的特点、能源节点新账户生成数量、交易验证时间变化情况，给出对隐私保护性能、交易效率、安全性效率的分析结果。实验结果表明，所提模型在交易发起和验证阶段所需时间较少，具有较高的安全性，且模型能对相邻用户间的交易趋势进行隐藏。所提方案能够很好地适用于能源互联网交易场景。     

基于分布式异常检测的电网区块链安全防护方案

区块链具有去中心化、可追溯和不可篡改等特点,与智能电网的设计需求相契合。虽然区块链为电力交易账本及操作提供了强大的加密保护,但底层的区块链网络仍然容易受到潜在攻击行为的威胁。为了进一步了解电网区块链网络生态的潜在运行规律,提升电网区块链网络针对非法交易行为及已知甚至未知攻击行为的安全防护能力,设计了一种基于实时数据分布式异常检测的电网区块链安全防护方案,将深度学习模型与区块链技术相结合,实时收集区块链网络中的多维度运行数据,并利用数据降维技术对所收集的多维样本数据进行数据特征降维;基于深度学习的异常检测技术构建电网区块链网络数据预测模型的分布式应用架构,通过超参数搜索方法多轮优化预测模型;将已降维样本数据通过预测模型,输出对应输入序列的时序预测结果,并将预测结果与实时数据通过分类器判定,对于判定结果为异常的节点进行访问控制权限限制,以达到安全防护目的。     

区块链技术综述

基于区块链整体架构介绍技术栈层级,以比特币为例分析区块链工作原理,从分布式账本的角度描述区块链账本存储模型和账本分类情况。区块链中的数据通过共识算法在全网传播、达成共识并存储。在不存在可信第三方的情况下,利用智能合约实现交易、事务及分布式应用的独立运行,保证区块链数据的完整性、安全性及合法性。同时将哈希算法与默克尔树相结合降低区块链存储空间,基于数字签名算法为区块链参与者提供匿名身份证明,并使用加解密技术进一步保护区块链数据隐私。针对区块链安全、隐私保护、钱包管理等问题对当前研究的不足和未来的研究方向进行分析和展望。     

基于星火区块链的跨链机制

针对当前区块链技术飞速发展的过程中,不同区块链之间相对孤立,数据不能交互共享的问题,提出一种基于星火区块链的跨链机制.首先,对常见跨链技术和当前主流跨链项目作了分析,研究了不同技术和项目的实现原理,并总结了它们的区别和优缺点;然后,利用主子链模式的区块链架构,设计了智能合约组件、交易校验组件、交易超时组件等关键核心组件...     

基于同态加密的区块链交易数据隐私保护方案

区块链技术因其去中心化、去信任、防篡改等特性而被广泛认为是一种很有前景的应用方案.然而分布式系统的高度自主性,使得使用受信任的加密技术来确保公开网络环境中用户的隐私和信息安全显得尤为重要.本文提出基于同态加密算法的交易数据隐私保护方案,在不依赖可信第三方的情况下,为用户在区块链交易中提供完整且可靠的隐私保护机制.为了克服区块链交易费用较高和确认时间过长带来的不可扩展问题,使用基于支付渠道网络的支付方案在支持快速和频繁的交易的同时赋予链下交易的账户余额以及交易金额完整的隐私保护机制.在交易安全和隐私保护需求背景下对该方案进行了安全性分析和性能评估,结果表明该方案在利用区块链保护基础交易的同时实现了交易数据的完整机密性.     

区块链下电力数据的统一监管与共享交易模型

传统模式下能源数据正面临着易篡改、复制和泄密等安全风险,难以实现可信可靠的数据监管和共享。因此,以私有链、联盟链和公有链三种类型区块链搭建能源数据监管和交易逻辑架构,着重分析了区块链支撑数据的分布式存储、防篡改、可溯源监管和交易机制。并且以不同发电厂的数据类型为例,结合发电集团大数据分析结果模型,提出基于区块链的电力数据统一监管与共享交易模型,设计基于摘要目录树集中式检索的电力数据共享交易第三方平台,形成了区块链下以"弱化第三方数据集中托管中心,强化点对点交易"为特点的数据共享交易机制。     

Identifying the signs of fraudulent accounts using data mining techniques

In today’s technological society there are various new means to commit fraud due to the advancement of media and communication networks. One typical fraud is the ATM phone scams. The commonality of ATM phone scams is basically to attract victims to use financial institutions or ATMs to transfer their money into fraudulent accounts. Regardless of the types of fraud used, fraudsters can only collect victims’ money through fraudulent accounts. Therefore, it is very important to identify the signs of such fraudulent accounts and to detect fraudulent accounts based on these signs, in order to reduce victims’ losses. This study applied Bayesian Classification and Association Rule to identify the signs of fraudulent accounts and the patterns of fraudulent transactions. Detection rules were developed based on the identified signs and applied to the design of a fraudulent account detection system. Empirical verification supported that this fraudulent account detection system can successfully identify fraudulent accounts in early stages and is able to provide reference for financial institutions.     

A survey of signature based methods for financial fraud detection

Fraud detection mechanisms support the successful identification of fraudulent system transactions performed through security flaws within deployed technology frameworks while maintaining optimal levels of service delivery and a minimal numbers of false alarms. Knowledge discovery techniques have been widely applied in fraud detection for data analysis and training of supervised learning algorithms to support the extraction of fraudulent account behaviour within static data sets. Escalating costs associated with fraud however have continued to drive the migration towards increasingly proactive methods of fraud detection, to support the real-time screening of transactional data and detection of ambiguous user behaviour prior to transaction completion. This shift in data processing from post to pre data storage significantly reduces the available time within which to evaluate newly arriving system requests and produce an accurate fraud decision, demanding increasingly robust and intelligent user profiling technologies to support advanced fraud detection. This paper provides a comprehensive survey of existing research into account signatures, an innovative account profiling technology which maintains a statistical representation of normal account usage for rapid recalculation in real-time. Fraud detection architectures, processing models and applications to date are critically examined and evaluated with respect to their proactive capabilities for detection of fraud within streaming financial data. Discussion is also presented on challenges which remain within the proactive profiling of account behaviour and future research directions within the signature domain.     

Feature Extraction Method Based on Social Network Analysis

Due to rapid development of Internet technology and electronic business, fraudulent activities have increased. One of the ways to cope with damages of them is fraud detection. In this field, there is a need for methods accurate and fast. Therefore, a novel and efficient feature extraction method based on social network analysis called FEMBSNA is proposed for fraud detection in banking accounts. In this method, in order to increase accuracy and control runtime in the first step, features based on network level are considered using social network analysis and extracted feature is combined with other features based on user level in the next phase. To evaluate our feature extraction method, we use PCK-means method as a basic method to learn. The results show using the proposed feature extraction as a pre-processing step in fraud detection improves the accuracy remarkably while it controls runtime in comparison with other methods.     

图表示学习方法在消费金融领域团伙欺诈检测中的研究

消费金融的欺诈检测是学术界和产业界的一个重要问题,现阶段比较流行的做法是利用机器学习方法通过提取用户的固有特征来实现。随着团伙化欺诈的出现,传统的机器学习方法在欺诈用户样本数量小及特征数据不足的情况下,显得无能为力。团伙欺诈用户之间有很强的关联关系,该文利用用户间的通话数据构建用户关联网络,通过网络统计指标和DeepWalk算法提取用户节点的图特征,充分利用图的拓扑结构信息和邻居节点信息,将其与用户固有特征一起作为特征输入,使用LightGBM模型对上述多种特征进行学习。实验结果表明,采用图表示学习方法后,AUC指标与仅使用用户固有特征相比提高了7.3%。     

CAT-RFE:点击欺诈的集成检测框架

点击欺诈是近年来最常见的网络犯罪手段之一,互联网广告行业每年都会因点击欺诈而遭受巨大损失。为了能够在海量点击中有效地检测欺诈点击,构建了多种充分结合广告点击与时间属性关系的特征,并提出了一种点击欺诈检测的集成学习框架——CAT-RFE集成学习框架。CAT-RFE集成学习框架包含3个部分:基分类器、递归特征消除(RFE,recursive feature elimination)和voting集成学习。其中,将适用于类别特征的梯度提升模型——CatBoost(categorical boosting)作为基分类器;RFE是基于贪心策略的特征选择方法,可在多组特征中选出较好的特征组合;Voting集成学习是采用投票的方式将多个基分类器的结果进行组合的学习方法。该框架通过CatBoost和RFE在特征空间中获取多组较优的特征组合,再在这些特征组合下的训练结果通过voting进行集成,获得集成的点击欺诈检测结果。该框架采用了相同的基分类器和集成学习方法,不仅克服了差异较大的分类器相互制约而导致集成结果不理想的问题,也克服了RFE在选择特征时容易陷入局部最优解的问题,具备更好的检测能力。在实际互联网点击欺诈数据集上的性能评估和对比实验结果显示,CAT-RFE集成学习框架的点击欺诈检测能力超过了CatBoost模型、CatBoost和RFE组合的模型以及其他机器学习模型,证明该框架具备良好的竞争力。该框架为互联网广告点击欺诈检测提供一种可行的解决方案。     

A Novel Strategy for Mining Highly Imbalanced Data in Credit Card Transactions

The design of an efficient credit card fraud detection technique is, however, particularly challenging, due to the most striking characteristics which are; imbalancedness and non-stationary environment of the data. These issues in credit card datasets limit the machine learning algorithm to show a good performance in detecting the frauds. The research in the area of credit card fraud detection focused on detection the fraudulent transaction by analysis of normality and abnormality concepts. Balancing strategy which is designed in this paper can facilitate classification and retrieval problems in this domain. In this paper, we consider the classification problem in supervised learning scenario by creating a contrast vector for each customer based on its historical behaviors. The performance evaluation of proposed model is made possible by a real credit card data-set provided by FICO, and it is found that the proposed model has significant performance than other state-of-the-art classifiers.     

A Multi-Module Machine Learning Approach to Detect Tax Fraud

Tax fraud is one of the substantial issues affecting governments around the world. It is defined as the intentional alteration of information provided on a tax return to reduce someone’s tax liability. This is done by either reducing sales or increasing purchases. According to recent studies, governments lose over $500 billion annually due to tax fraud. A loss of this magnitude motivates tax authorities worldwide to implement efficient fraud detection strategies. Most of the work done in tax fraud using machine learning is centered on supervised models. A significant drawback of this approach is that it requires tax returns that have been previously audited, which constitutes a small percentage of the data. Other strategies focus on using unsupervised models that utilize the whole data when they search for patterns, though ignore whether the tax returns are fraudulent or not. Therefore, unsupervised models are limited in their usefulness if they are used independently to detect tax fraud. The work done in this paper focuses on addressing such limitations by proposing a fraud detection framework that utilizes supervised and unsupervised models to exploit the entire set of tax returns. The framework consists of four modules: A supervised module, which utilizes a tree-based model to extract knowledge from the data; an unsupervised module, which calculates anomaly scores; a behavioral module, which assigns a compliance score for each taxpayer; and a prediction module, which utilizes the output of the previous modules to output a probability of fraud for each tax return. We demonstrate the effectiveness of our framework by testing it on existent tax returns provided by the Saudi tax authority.     

Exploiting the Community Structure of Fraudulent Keywords for Fraud Detection in Web Search

Internet users heavily rely on web search engines for their intended information.The major revenue of search engines is advertisements (or ads).However,the search advertising suffers from fraud.Fraudsters generate fake traffic which does not reach the intended audience,and increases the cost of the advertisers.Therefore,it is critical to detect fraud in web search.Previous studies solve this problem through fraudster detection (especially bots) by leveraging fraudsters' unique behaviors.However,they may fail to detect new means of fraud,such as crowdsourcing fraud,since crowd workers behave in part like normal users.To this end,this paper proposes an approach to detecting fraud in web search from the perspective of fraudulent keywords.We begin by using a unique dataset of 150 million web search logs to examine the discriminating features of fraudulent keywords.Specifically,we model the temporal correlation of fraudulent keywords as a graph,which reveals a very well-connected community structure.Next,we design DFW (detection of fraudulent keywords) that mines the temporal correlations between candidate fraudulent keywords and a given list of seeds.In particular,DFW leverages several refinements to filter out non-fraudulent keywords that co-occur with seeds occasionally.The evaluation using the search logs shows that DFW achieves high fraud detection precision (99％) and accuracy (93％).A further analysis reveals several typical temporal evolution patterns of fraudulent keywords and the co-existence of both bots and crowd workers as frandsters for web search fraud.