• Journal of Intelligence and Information Systems
• /
• v.16 no.1
• /
• pp.93-116
• /
• 2010

Ensemble approach is applied to the detection modeling of illegal cash accommodation (ICA) that is the well-known type of fraudulent usages of credit cards in far east nations and has not been addressed in the academic literatures. The performance of fraud detection model (FDM) suffers from the imbalanced data problem, which can be remedied to some extent using an ensemble of many classifiers. It is generally accepted that ensembles of classifiers produce better accuracy than a single classifier provided there is diversity in the ensemble. Furthermore, recent researches reveal that it may be better to ensemble some selected classifiers instead of all of the classifiers at hand. For the effective detection of ICA, we adopt ensemble size reduction technique that prunes the ensemble of all classifiers using accuracy and diversity measures. The diversity in ensemble manifests itself as disagreement or ambiguity among members. Data imbalance intrinsic to FDM affects our approach for ICA detection in two ways. First, we suggest the training procedure with over-sampling methods to obtain diverse training data sets. Second, we use some variants of accuracy and diversity measures that focus on fraud class. We also dynamically calculate the diversity measure-Forward Addition and Backward Elimination. In our experiments, Neural Networks, Decision Trees and Logit Regressions are the base models as the ensemble members and the performance of homogeneous ensembles are compared with that of heterogeneous ensembles. The experimental results show that the reduced size ensemble is as accurate on average over the data-sets tested as the non-pruned version, which provides benefits in terms of its application efficiency and reduced complexity of the ensemble.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.5
• /
• pp.1179-1195
• /
• 2018

Recently, a variety of attacks on web services have been occurring through a multiple access environment such as PC, tablet, and smartphone. These attacks are causing various subsequent damages such as online fraud transactions, takeovers and theft of accounts, fraudulent logins, and information leakage through web service vulnerabilities. Creating a new fake account for Fraud attacks, hijacking accounts, and bypassing IP while using other usernames or email addresses is a relatively easy attack method, but it is not easy to detect and block these attacks. In this paper, we have studied a method to detect online fraud transaction and obsession by identifying and managing devices accessing web service using web-based device fingerprinting. In particular, it has been proposed to identify devices and to manage them by scoring process. In order to secure the validity of the proposed scheme, we analyzed the application cases and proved that they can effectively defend against various attacks because they actively cope with online fraud and obtain visibility of user accounts.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.3
• /
• pp.1348-1375
• /
• 2018

Support Vector Machine (SVM) is a well-known machine learning classification algorithm, which has been widely applied to many data mining problems, with good accuracy. However, SVM classification speed decreases with increase in dataset size. Some applications, like video surveillance and intrusion detection, requires a classifier to be trained very quickly, and on large datasets. Hence, this paper introduces two filter-based instance selection techniques for optimizing SVM training speed. Fast classification is often achieved at the expense of classification accuracy, and some applications, such as phishing and spam email classifiers, are very sensitive to slight drop in classification accuracy. Hence, this paper also introduces two wrapper-based instance selection techniques for improving SVM predictive accuracy and training speed. The wrapper and filter based techniques are inspired by Cuckoo Search Algorithm and Bat Algorithm. The proposed techniques are validated on three popular e-fraud types: credit card fraud, spam email and phishing email. In addition, the proposed techniques are validated on 20 other datasets provided by UCI data repository. Moreover, statistical analysis is performed and experimental results reveals that the filter-based and wrapper-based techniques significantly improved SVM classification speed. Also, results reveal that the wrapper-based techniques improved SVM predictive accuracy in most cases.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.5
• /
• pp.1099-1105
• /
• 2017

Enterprises use different accounting programs to process vast amounts of accounting data. Due to the characteristic of the accounting program, in addition to the accounting data used by the accounting program, there is a variety of information to help detect accounting fraud. Existing forensic accounting techniques have limited scope of analysis because they analyze only accounting data like accounting ledger without using such information. When you do accounting fraud detection, information obtained from characteristics of accounting program can be used to obtain various information that can not be obtained by accounting data analysis alone. In this paper, we try to contribute to effective accounting fraud investigation by suggesting a technique to effectively detect accounting fraud by using other data obtained from characteristics of accounting program used in Windows system.

• 한국경영정보학회:학술대회논문집
• /
• 2007.06a
• /
• pp.597-602
• /
• 2007

데이터 마이닝 분야에서 앙상블 모형의 유용성은 널리 인정되고 있다. 앙상블을 구성하는 단위모형들 사이의 다양성이 보장되는 경우, 최종 모형의 정확성 및 안정성이 향상되기 때문이다. 하지만, 얼마나 많은 단위 모형들이 어떤 방식으로 결합되어야 하는가에 대해서는 아직도 더 많은 연구가 필요하다. 본 연구에서는 신용카드 부정사용 유형 중 하나인 현금불법융통 문제에 대해 앙상블 모형의 유용성을 검증하고자 한다. 부정행위 적발 모형은 전형적인 분류 문제의 한 유형이나, 클래스간 불균형이 매우 심하다는 특징이 있다. 따라서, 현금불법융통 문제에 적합한 다양성(Diversity) 척도를 개발하여 최소한의 단위모형들로 앙상블 모형을 구성하는 방안을 제시하였다. 축소된 앙상블 모형이 많은 수의 모형을 결합한 앙상블 모형과 거의 같은 정확성 및 안정성을 보임을 국내 신용카드사의 실제 자료를 사용하여 입증하였다.

• 한국IT서비스학회:학술대회논문집
• /
• 2009.05a
• /
• pp.357-360
• /
• 2009

본 연구는 데이터마이닝 기법을 이용하여 건강보험청구료에 있어서 이상정도가 심한 요양기관을 탐지하고, 실제 의료영역에 적용하기 위한 시스템 개발을 목적으로 한다. 현재 건강보험 심사평가원의 이상탐지시스템은 평가대상이 되는 항목을 개별적으로 평가하고, 탐지된 기관의 선정 이유에 대한 근거제시가 부족한 단점을 가지고 있다. 따라서 본 연구에서는 항목을 종합적으로 평가할 수 있는 정량적 지표를 설계하고, 항목들의 상대적 중요도를 파악할 수 있도록 항목들에 대한 가중치 부여한다. 또한 지표에서 얻어진 값으로 등급을 구분하고, 의사결정나무기법(decision tree)를 이용하여 해석력을 높이는 방법을 제시한다.

• Information Systems Review
• /
• v.22 no.4
• /
• pp.135-161
• /
• 2020

With the growth of blockchain and cryptocurrency-related markets, cryptocurrency exchanges are growing as a new industry. However, as the legal and regulatory definitions of cryptocurrencies are still in progress, unlike existing industrial groups, they are not under the supervision of regulatory agencies. As a result, users (i.e., cryptocurrency investors) have suffered two types of damage that could occur from hacking and other accidents on the exchanges. One type of the damage is the loss of assets caused by the extortion of personal information or account and the other is the damage from users who might be involved in external frauds. Both are analyzed in comparison with existing operators whose functions are like the exchanges. The results of this study show that membership (KYC: Know Your Client), log-in, and additional authentication in transactions are on the similar level to those of the operators while the fraud detection system (FDS) and anti-money laundering (AML) of fiat currencies and cryptocurrencies need rapid improvement.

• The Journal of Society for e-Business Studies
• /
• v.27 no.2
• /
• pp.65-77
• /
• 2022

Due to the recent development in electronic financial services, transactions of electronic prepayment are rapidly growing, leading to growing fraud attempts. This paper proposes a methodology that can effectively detect fraud transactions in electronic prepayment by machine learning algorithms, including support vector machines, decision trees, and artificial neural networks. Actual transaction data of electronic prepayment services were collected and preprocessed to extract the most relevant variables from raw data. Two different approaches were explored in the paper. One is a transaction-based approach, and the other is a user ID-based approach. For the transaction-based approach, the first model is primarily based on raw data features, while the second model uses extra features in addition to the first model. The user ID-based approach also used feature engineering to extract and transform the most relevant features. Overall, the user ID-based approach showed a better performance than the transaction-based approach, where the artificial neural networks showed the best performance. The proposed method could be used to reduce the damage caused by financial accidents by detecting and blocking fraud attempts.

• Korean Security Journal
• /
• no.62
• /
• pp.185-203
• /
• 2020

While overall crime has been on the decline since 2009, voice phishing has rather been on the rise. The government and academia have presented various measures and conducted research to eradicate it, but it is not enough to catch up with evolving voice phishing. In the study, researchers focused on catching criminals and preventing damage from voice phishing, which is difficult to recover from. In particular, a voice phishing prediction method using the Fraud Detection System (FDS), which is being used to detect financial fraud, was studied based on the fact that the victim engaged in financial transaction activities (such as account transfers). As a result, it was conceptually derived to combine big data such as call details, messenger details, abnormal accounts, voice phishing type and 112 report related to voice phishing in machine learning-based Fraud Detection System(FDS). In this study, the research focused mainly on government measures and literature research on the use of big data. However, limitations in data collection and security concerns in FDS have not provided a specific model. However, it is meaningful that the concept of voice phishing responses that converge FDS with the types of data needed for machine learning was presented for the first time in the absence of prior research. Based on this research, it is hoped that 'Voice Phishing Damage Prediction System' will be developed to prevent damage from voice phishing.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.16 no.11
• /
• pp.3723-3737
• /
• 2022

Google Play is one of the largest Android phone app markets and it contains both free and paid apps. It provides a variety of categories for every target user who has different needs and purposes. The customer's rate every product based on their experience of apps and based on the average rating the position of an app in these arch varies. Fraudulent behaviors emerge in those apps which incorporate search rank maltreatment and malware proliferation. To distinguish the fraudulent behavior, a novel framework is structured that finds and uses follows left behind by fraudsters, to identify both malware and applications exposed to the search rank fraud method. This strategy correlates survey exercises and remarkably joins identified review relations with semantic and behavioral signals produced from Google Play application information, to distinguish dubious applications. The proposed model accomplishes 90% precision in grouping gathered informational indexes of malware, fakes, and authentic apps. It finds many fraudulent applications that right now avoid Google Bouncers recognition technology. It also helped the discovery of fake reviews using the reviewer relationship amount of reviews which are forced as positive reviews for each reviewed Google play the android app.