• Proceedings of the Korea Inteligent Information System Society Conference
• /
• 2001.06a
• /
• pp.293-304
• /
• 2001

frauds detection is a difficult problem, requiring huge computer resources and complicated search activities. researchers have struggled with the problem. Even though a flew research approaches have claimed that their solution is much bettor than others, research community has not found 'the best solution'well fitting every fraud. Because of the evolving nature of the frauds, a Revel and self-adapting method should be devised. In this research a new approach is suggested to solving frauds in insurance claims and credit card transaction. Based on evolutionary computing approach, the method is itself self-adjusting and evolving enough to generate a new set of decision-making rules. We believe that this new approach will provide a promising alternative to conventional ones, in terms of computation performance and classification accuracy.

• The Journal of the Korea Contents Association
• /
• v.19 no.11
• /
• pp.567-577
• /
• 2019

Recently, more and more attempts have been made to solve the problems faced by academia and industry through machine learning. Accordingly, various attempts are being made to solve non-general situations through machine learning, such as deviance, fraud detection and disability detection. A variety of attempts have been made to resolve the non-normal situation in which data is distributed disproportionately, generally resulting in errors. In this paper, we propose handling method of imbalance data for machine learning. The proposed method to such problem of an imbalance in data by verifying that the population distribution of major class is well extracted. Performance Evaluations have proven the proposed method to be better than the existing methods.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.3
• /
• pp.704-719
• /
• 2024

Botnet pandemics are becoming more prevalent with the growing use of mobile phone technologies. Mobile phone technologies provide a wide range of applications, including entertainment, commerce, education, and finance. In addition, botnet refers to the collection of compromised devices managed by a botmaster and engaging with each other via a command server to initiate an attack including phishing email, ad-click fraud, blockchain, and much more. As the number of botnet attacks rises, detecting harmful activities is becoming more challenging in handheld devices. Therefore, it is crucial to evaluate mobile botnet assaults to find the security vulnerabilities that occur through coordinated command servers causing major financial and ethical harm. For this purpose, we propose a hybrid analysis approach that integrates permissions and API and experiments on the machine-learning classifiers to detect mobile botnet applications. In this paper, the experiment employed benign, botnet, and malware applications for validation of the performance and accuracy of classifiers. The results conclude that a classifier model based on a simple decision tree obtained 99% accuracy with a low 0.003 false-positive rate than other machine learning classifiers for botnet applications detection. As an outcome of this paper, a hybrid approach enhances the accuracy of mobile botnet detection as compared to static and dynamic features when both are taken separately.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.26 no.6
• /
• pp.1513-1526
• /
• 2016

Since finance companies started e-banking services, those services have been diversified and use of them has continued to increase. Finance companies are implementing financial security policy for safe e-banking services, but e-Banking incidents are continuing to increase and becoming more intelligent. Along with the rise of internet banks and boosting Fintech industry, financial supervisory institutes are not only promoting user convenience through improving e-banking regulations such as enforcing Non-face-to-face real name verification policy and abrogating mandatory use of public key certificate or OTP(One time Password) for e-banking transactions, but also recommending the prevention of illegal money transfer incidents through upgrading FDS(Fraud Detection System). In this study, we assessed a blacklist based auto detection method suitable for overall situations for finance company, a real-time based suspicious transaction detection method linking with blacklist statistics model by each security level, and an alternative FDS model responding to typical transaction patterns of which information were collected from previous e-Banking incidents.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.25 no.5
• /
• pp.1067-1075
• /
• 2015

With the recent increase of the number of mobile game users, the side effects such as the manipulation of game points, levels and game speed and payment fraud are emerging. Especially, the emulators which make it possible for mobile applications to run on PC is a great threat to mobile game security since debugging specific game application or automating the game playing can be done easier with them. Therefore, we research the efficient ways to detect widely used Android Emulators such as BlueStacks, GenyMotion, Andy, YouWave and ARC Welder from the perspective of client(app), game server and network to reduce threat to mobile game security.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.28 no.6
• /
• pp.1499-1508
• /
• 2018

Although fast-growing e-commerce markets gave a lot of companies opportunities to expand their customer bases, it is also the case that there are growing number of cases in which the so-called 'black consumers' cause much damage on many companies. In this study, we will implement and optimize a machine learning model that detects black consumers using customer data from e-commerce store. Using filter method for feature selection and 4 different algorithms for classification, we could get the best-performing machine learning model that detects black consumer with F-measure 0.667 and could also yield improvements in performance which are 11.44% in F-measure, 10.51% in AURC, and 22.87% in TPR.

• Journal of Intelligence and Information Systems
• /
• v.23 no.3
• /
• pp.119-138
• /
• 2017

Recently, SNS has become an important channel for marketing as well as personal communication. However, cybercrime has also evolved with the development of information and communication technology, and illegal advertising is distributed to SNS in large quantity. As a result, personal information is lost and even monetary damages occur more frequently. In this study, we propose a method to analyze which sentences and documents, which have been sent to the SNS, are related to financial fraud. First of all, as a conceptual framework, we developed a matrix of conceptual characteristics of cybercriminality on SNS and emergency management. We also suggested emergency management process which consists of Pre-Cybercriminality (e.g. risk identification) and Post-Cybercriminality steps. Among those we focused on risk identification in this paper. The main process consists of data collection, preprocessing and analysis. First, we selected two words 'daechul(loan)' and 'sachae(private loan)' as seed words and collected data with this word from SNS such as twitter. The collected data are given to the two researchers to decide whether they are related to the cybercriminality, particularly financial fraud, or not. Then we selected some of them as keywords if the vocabularies are related to the nominals and symbols. With the selected keywords, we searched and collected data from web materials such as twitter, news, blog, and more than 820,000 articles collected. The collected articles were refined through preprocessing and made into learning data. The preprocessing process is divided into performing morphological analysis step, removing stop words step, and selecting valid part-of-speech step. In the morphological analysis step, a complex sentence is transformed into some morpheme units to enable mechanical analysis. In the removing stop words step, non-lexical elements such as numbers, punctuation marks, and double spaces are removed from the text. In the step of selecting valid part-of-speech, only two kinds of nouns and symbols are considered. Since nouns could refer to things, the intent of message is expressed better than the other part-of-speech. Moreover, the more illegal the text is, the more frequently symbols are used. The selected data is given 'legal' or 'illegal'. To make the selected data as learning data through the preprocessing process, it is necessary to classify whether each data is legitimate or not. The processed data is then converted into Corpus type and Document-Term Matrix. Finally, the two types of 'legal' and 'illegal' files were mixed and randomly divided into learning data set and test data set. In this study, we set the learning data as 70% and the test data as 30%. SVM was used as the discrimination algorithm. Since SVM requires gamma and cost values as the main parameters, we set gamma as 0.5 and cost as 10, based on the optimal value function. The cost is set higher than general cases. To show the feasibility of the idea proposed in this paper, we compared the proposed method with MLE (Maximum Likelihood Estimation), Term Frequency, and Collective Intelligence method. Overall accuracy and was used as the metric. As a result, the overall accuracy of the proposed method was 92.41% of illegal loan advertisement and 77.75% of illegal visit sales, which is apparently superior to that of the Term Frequency, MLE, etc. Hence, the result suggests that the proposed method is valid and usable practically. In this paper, we propose a framework for crisis management caused by abnormalities of unstructured data sources such as SNS. We hope this study will contribute to the academia by identifying what to consider when applying the SVM-like discrimination algorithm to text analysis. Moreover, the study will also contribute to the practitioners in the field of brand management and opinion mining.

• 한국데이터정보과학회:학술대회논문집
• /
• 2005.04a
• /
• pp.164-173
• /
• 2005

Data mining is the method to find useful information for large amounts of data in database. It is used to find hidden knowledge by massive data, unexpectedly pattern, relation to new rule. The methods of data mining are decision tree, association rules, clustering, neural network and so on. The decision tree approach is most useful in classification problems and to divide the search space into rectangular regions. Decision tree algorithms are used extensively for data mining in many domains such as retail target marketing, fraud detection, data reduction and variable screening, category merging, etc. We analyze waste database united with local information using decision tree techniques for environmental information. We can use these decision tree outputs for environmental preservation and improvement.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.781-784
• /
• 2017

본 논문에서는 최근 금융, 보험 등에서 빈번하게 발생하는 불법/이상 행위를 탐지하기 위해 데이터 그래프에서 사용자가 찾고자 하는 이상 패턴을 찾아 결과를 보여주는 그래프 가시화 툴을 제안한다. 개발한 툴은 정점과 간선 추가 및 삭제 등의 유용한 기능을 제공하기 때문에, 동적 그래프에 대한 불법/이상 행위 탐지를 위한 응용 프로그램에서도 널리 사용될 수 있을 것이다.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2017.04a
• /
• pp.820-821
• /
• 2017

최근 전자상거래의 활성화로 인해 전자금융거래에서 불법/이상 행위로 인한 피해규모가 증가하고 그 수법이 다양해지고 있다. 본 논문에서는 동적 그래프 처리 기술인 스트리밍 그래프 데이터에 대한 서브그래프 매칭 기술과 그래프 가시화 기술을 활용하여 불법/이상 행위를 탐지하는 클라이언트-서버 아키텍처 기반의 프레임워크를 설계한다. 그리고 불법/이상 행위를 탐지하는데 활용될 수 있는 기반 기술인 동적 그래프 매칭 기술과 그래프 가시화 기술의 최신 동향을 리뷰하고 최신 기술이 가진 한계 및 이슈를 제시한다.