• Title/Summary/Keyword: Legitimate transactions

Search Result 41, Processing Time 0.022 seconds

Enhancing E-commerce Security: A Comprehensive Approach to Real-Time Fraud Detection

  • Sara Alqethami;Badriah Almutanni;Walla Aleidarousr
    • International Journal of Computer Science & Network Security
    • /
    • v.24 no.4
    • /
    • pp.1-10
    • /
    • 2024
  • In the era of big data, the growth of e-commerce transactions brings forth both opportunities and risks, including the threat of data theft and fraud. To address these challenges, an automated real-time fraud detection system leveraging machine learning was developed. Four algorithms (Decision Tree, Naïve Bayes, XGBoost, and Neural Network) underwent comparison using a dataset from a clothing website that encompassed both legitimate and fraudulent transactions. The dataset exhibited an imbalance, with 9.3% representing fraud and 90.07% legitimate transactions. Performance evaluation metrics, including Recall, Precision, F1 Score, and AUC ROC, were employed to assess the effectiveness of each algorithm. XGBoost emerged as the top-performing model, achieving an impressive accuracy score of 95.85%. The proposed system proves to be a robust defense mechanism against fraudulent activities in e-commerce, thereby enhancing security and instilling trust in online transactions.

Some Theoretical Foundations on the Necessities and Functions of Global Electronic Transactions Act (전자무역 활성화를 위한 글로벌 전자무역거래법의 요건과 역할기능의 이론적 기초)

  • Kim, Ki-Sun
    • THE INTERNATIONAL COMMERCE & LAW REVIEW
    • /
    • v.17
    • /
    • pp.129-146
    • /
    • 2002
  • The electronic technology development have occurred in the face of existing legal barriers to legal efficacy of computer information goods, and the liberating promise of electronic transactions cannot fully realized unless there is predictability in the legal rules that govern such transactions. This study analyzes some theoretical fundamentals of the Act. First, it proposes that the Act clarify and set forth uniform legal principles applicable to computer information transactions. Secondly, it suggests that if the individual is risk averse, the acceptance set for electronic transactions will be a convex set, and that the application of the Act will make the acceptance set more expanded by lowering the probability of conflicts and by downsizing the risk averness. Thirdly, it also suggest that through the mothod of contingent commodities analysis, the application of the Act by means of its restricted regulations will give more expected utility than the absence of the Act. Fourthly, it derives some implications that the degree of legitimate restriction will be affected by the objective risk inherent to the electronic transactions, and the individual's subjective risk-averseness. Finally, it concludes that harmonization of restriction and protection of individual's rights in electronic transaction process will be a necessary condition for more efficient body of law from the law-economic perspectives.

  • PDF

Traffic Seasonality aware Threshold Adjustment for Effective Source-side DoS Attack Detection

  • Nguyen, Giang-Truong;Nguyen, Van-Quyet;Nguyen, Sinh-Ngoc;Kim, Kyungbaek
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.13 no.5
    • /
    • pp.2651-2673
    • /
    • 2019
  • In order to detect Denial of Service (DoS) attacks, victim-side detection methods are used popularly such as static threshold-based method and machine learning-based method. However, as DoS attacking methods become more sophisticated, these methods reveal some natural disadvantages such as the late detection and the difficulty of tracing back attackers. Recently, in order to mitigate these drawbacks, source-side DoS detection methods have been researched. But, the source-side DoS detection methods have limitations if the volume of attack traffic is relatively very small and it is blended into legitimate traffic. Especially, with the subtle attack traffic, DoS detection methods may suffer from high false positive, considering legitimate traffic as attack traffic. In this paper, we propose an effective source-side DoS detection method with traffic seasonality aware adaptive threshold. The threshold of detecting DoS attack is adjusted adaptively to the fluctuated legitimate traffic in order to detect subtle attack traffic. Moreover, by understanding the seasonality of legitimate traffic, the threshold can be updated more carefully even though subtle attack happens and it helps to achieve low false positive. The extensive evaluation with the real traffic logs presents that the proposed method achieves very high detection rate over 90% with low false positive rate down to 5%.

Wiretapping Strategies for Artificial Noise Assisted Communication in MU-MIMO wiretap channel

  • Wang, Shu;Da, Xinyu;Chu, Zhenyong
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.5
    • /
    • pp.2166-2180
    • /
    • 2016
  • We investigate the opposite of artificial noise (AN)-assisted communication in multiple-input-multiple-output (MIMO) wiretap channels for the multiuser case by taking the side of the eavesdropper. We first define a framework for an AN-assisted multiuser multiple-input-multiple-output (MU-MIMO) system, for which eavesdropping methods are proposed with and without knowledge of legitimate users' channel state information (CSI). The proposed method without CSI is based on a modified joint approximate diagonalization of eigen-matrices algorithm, which eliminates permutation indetermination and phase ambiguity, as well as the minimum description length algorithm, which blindly estimates the number of secret data sources. Simulation results show that both proposed methods can intercept information effectively. In addition, the proposed method without legitimate users' CSI performs well in terms of robustness and computational complexity.

Risk Prediction Model of Legal Contract Based on Korean Machine Reading Comprehension (한국어 기계독해 기반 법률계약서 리스크 예측 모델)

  • Lee, Chi Hoon;Woo, Noh Ji;Jeong, Jae Hoon;Joo, Kyung Sik;Lee, Dong Hee
    • Journal of Information Technology Services
    • /
    • v.20 no.1
    • /
    • pp.131-143
    • /
    • 2021
  • Commercial transactions, one of the pillars of the capitalist economy, are occurring countless times every day, especially small and medium-sized businesses. However, small and medium-sized enterprises are bound to be the legal underdogs in contracts for commercial transactions and do not receive legal support for contracts for fair and legitimate commercial transactions. When subcontracting contracts are concluded among small and medium-sized enterprises, 58.2% of them do not apply standard contracts and sign contracts that have not undergone legal review. In order to support small and medium-sized enterprises' fair and legitimate contracts, small and medium-sized enterprises can be protected from legal threats if they can reduce the risk of signing contracts by analyzing various risks in the contract and analyzing and informing them of toxic clauses and omitted contracts in advance. We propose a risk prediction model for the machine reading-based legal contract to minimize legal damage to small and medium-sized business owners in the legal blind spots. We have established our own set of legal questions and answers based on the legal data disclosed for the purpose of building a model specialized in legal contracts. Quantitative verification was carried out through indicators such as EM and F1 Score by applying pine tuning and hostile learning to pre-learned machine reading models. The highest F1 score was 87.93, with an EM value of 72.41.

Key Efficiency Evaluation of Blockchain Based Cloud Proxy Server (블록체인 기반 클라우드 프락시 서버의 키 효율성 연구)

  • Soon-hwa Sung
    • Journal of the Korea Institute of Information Security & Cryptology
    • /
    • v.34 no.2
    • /
    • pp.289-299
    • /
    • 2024
  • Blockchains are not efficient for real-time processing because the growing number of transactions and users delays many computations and network communications. This study proposes a cloud proxy server, so that legitimate users can use blockchain as well as reduce network latency. To proceed with a blockchain transaction, the blockchain copy server verifies all transaction-related data, but the cloud proxy server verifies legitimate users with a simple zero-knowledge proof algorithm, enabling efficient blockchain real-time processing. The cloud proxy server can support blockchain anonymity, security, and scalability that can verify legitimate users with the proposed zero-knowledge proof by receiving the registered key pair of the blockchain user. In the proposed research analysis, blockchain-based cloud proxy server reduces network latency compared to previous studies and key processing on cloud proxy servers reduces the cost of key computation compared to previous studies.

An OpenFlow User-Switch Remapping Approach for DDoS Defense

  • Wei, Qiang;Wu, Zehui;Ren, Kalei;Wang, Qingxian
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.10 no.9
    • /
    • pp.4529-4548
    • /
    • 2016
  • DDoS attacks have had a devastating effect on the Internet, which can cause millions of dollars of damage within hours or even minutes. In this paper we propose a practical dynamic defense approach that overcomes the shortage of static defense mechanisms. Our approach employs a group of SDN-based proxy switches to relay data flow between users and servers. By substituting backup proxy switches for attacked ones and reassigning suspect users onto the new proxy switches, innocent users are isolated and saved from malicious attackers through a sequence of remapping process. In order to improve the speed of attacker segregation, we have designed and implemented an efficient greedy algorithm which has been demonstrated to have little influence on legitimate traffic. Simulations, which were then performed with the open source controller Ryu, show that our approach is effective in alleviating DDoS attacks and quarantining the attackers by numerable remapping process. The simulations also demonstrate that our dynamic defense imposes little effect on legitimate users, and the overhead introduced by remapping procedure is acceptable.

A New Reputation System for Reducing the Liars in P2P (P2P에서 Liar 감소를 위한 새로운 평판 시스템)

  • Shin, Jung-Hwa;Rhee, Kyung-Hyune
    • The KIPS Transactions:PartA
    • /
    • v.13A no.7 s.104
    • /
    • pp.599-606
    • /
    • 2006
  • As the P2P service does not have any administration authorities that are able to manage the behavior of participants and control the malicious users, malicious user can give harm to legitimate users for the benefit of themselves. To perform the secure transaction with new members who did not have past experiences on transaction, service users can differentiate malicious users and legitimate users by referring to the reputation information that provided by users having past experience. However, users can intentionally give false evaluation to other users on Performed transaction. We call these users as 'liar'. In this Paper, we propose a new reputation system for liar reduction to guarantee an accuracy on reputation information.

A Novel Jamming Detection Technique for Wireless Sensor Networks

  • Vijayakumar, K.P.;Ganeshkumar, P.;Anandaraj, M.
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.10
    • /
    • pp.4223-4249
    • /
    • 2015
  • A novel jamming detection technique to detect the presence of jamming in the downstream direction for cluster based wireless sensor networks is proposed in this paper. The proposed technique is deployed in base station and in cluster heads. The proposed technique is novel in two aspects: Firstly, whenever a cluster head receives a packet it verifies whether the source node is legitimate node or new node. Secondly if a source node is declared as new node in the first step, then this technique observes the behavior of the new node to find whether the new node is legitimate node or jammed node. In order to monitor the behavior of the existing node and new node, the second step uses two metrics namely packet delivery ratio (PDR) and received signal strength indicator (RSSI). The rationality of using PDR and RSSI is presented by performing statistical test. PDR and RSSI of every member in the cluster is measured and assessed by the cluster head. And finally the cluster head determines whether the members of the cluster are jammed or not. The CH can detect the presence of jamming in the cluster at member level. The base station can detect the presence of jamming in the wireless sensor network at CH level. The simulation result shows that the proposed technique performs extremely well and achieves jamming detection rate as high as 99.85%.

New Approach for Detecting Leakage of Internal Information; Using Emotional Recognition Technology

  • Lee, Ho-Jae;Park, Min-Woo;Eom, Jung-Ho;Chung, Tai-Myoung
    • KSII Transactions on Internet and Information Systems (TIIS)
    • /
    • v.9 no.11
    • /
    • pp.4662-4679
    • /
    • 2015
  • Currently, the leakage of internal information has emerged as one of the most significant security concerns in enterprise computing environments. Especially, damage due to internal information leakage by insiders is more serious than that by outsiders because insiders have considerable knowledge of the system's identification and password (ID&P/W), the security system, and the main location of sensitive data. Therefore, many security companies are developing internal data leakage prevention techniques such as data leakage protection (DLP), digital right management (DRM), and system access control, etc. However, these techniques cannot effectively block the leakage of internal information by insiders who have a legitimate access authorization. The security system does not easily detect cases which a legitimate insider changes, deletes, and leaks data stored on the server. Therefore, we focused on the insider as the detection target to address this security weakness. In other words, we switched the detection target from objects (internal information) to subjects (insiders). We concentrated on biometrics signals change when an insider conducts abnormal behavior. When insiders attempt to leak internal information, they appear to display abnormal emotional conditions due to tension, agitation, and anxiety, etc. These conditions can be detected by the changes of biometrics signals such as pulse, temperature, and skin conductivity, etc. We carried out experiments in two ways in order to verify the effectiveness of the emotional recognition technology based on biometrics signals. We analyzed the possibility of internal information leakage detection using an emotional recognition technology based on biometrics signals through experiments.