[92] in Intrusion Detection Systems
Anti-fraud systems
daemon@ATHENA.MIT.EDU (Justin J. Lister)
Wed May 10 13:08:07 1995
From: ruf@osiris.cs.uow.edu.au (Justin J. Lister)
To: ids@uow.edu.au (Intrusion Detection System Mailing List)
Date: Wed, 10 May 1995 22:47:49 +1000 (EST)
Reply-To: ids@uow.edu.au
A recent article appeared in Tuesdays "The Australian" Computer Section
Tuesday 9 May, it was by reported by Vanessa Houlder of the Financial
Times (London). I thought I would mention it as others might have more
information on the topic that might lead to some useful discussion.
The article titled ``Anti-fraud systems work well, but cost a
fortune'' discusses the use of artificial intelligence technology in
detecting fraud in financial systems. It discusses various knowledge
based, neural networks and case-based reasoning systems being
used/experimented with, by Barclays, Touche Ross, Visa International,
and Coopers and Lybrand.
The specific systems mentioned included:
Fraud 2000 - Barclays and Touche Ross.
Fraud 2000 uses empirical rules on the size, frequency and
combinations of transactions to detect possible fraudulent activities.
The transactions that are suspected (estimate given was 20%) are
further analyzed by comparing them against the customers spending
patterns, the anomalous transactions are followed up by the fraud
referral unit.
Cardholder Risk Identification System (CRIS) and Merchant Risk
Identification System (MRIS) - Visa International. At central
computer system in McLean Virginia.
Neural network based system (claimed to be the most advanced)
``learn'' the individuals spending patterns (where and when and types
of goods and service received).
The MRIS system is being developed to identify the favorite locations for
fraud.
Netmap - Active Analysis.
A Graphical analysis program that illustrates hidden associations in
data. Used by BBC's Panorama program to visually analyze links between
Lloyd's Names and syndicates. Also being used in conjunction to a
neural net and knowledge base system by Coopers & Lybrand in detecting
mobile phone fraud. Figures provided suggested that out of 100
million, 100,000 potential suspicious could be identified.
The last system mentioned was by Touche Ross in which a case-based
system was being used to identify possible money laundering and
corporate fraud. It compares instances to closest possible example
from library of several hundred past cases, and is able to detect
several individuals or companies colluding to manipulate the market.
The article was based on a recent report by the financial services
industry for the UK Government sponsored Technology Foresight Program.
[I am wondering why none the UK subscribers here noticed/mentioned the
report.]
At the end of the article it suggests that such systems could be
extended to money laundering, computer hacking and fraudulent transfer
of funds. B)
``The constraint on there usage is often cost, rather than efficacy.''
With ``the real issue is not whether we have the systems'', ``The
question is whether we have the data and commercial justification'' -
Mr Mark Tantum (Touche Ross).
From the level of fraud in telephony, I would have expected these
types of systems to have been implemented long ago. I would expect
that the common forms of abuse (use of stolen access codes or cellular
masquerading) would be very distinctive against the normal user
behavior, even in corporate accounts.
Any comments, further insight or references ?
--
+---------------------+--------------------------------------------------+
| ____ ___ | Justin Lister ruf@cs.uow.edu.au |
| | \\ /\ __\ | Center for Computer Security Research |
| | |) / \_/ / |_ | Dept. Computer Science voice: 61-42-214-327 |
| | _ \\ /| _/ | University of Wollongong fax: 61-42-214-329 |
| |_/ \/ \_/ |_| (tm) | Computer Security a utopian dream... |
| | Disclaimer: dreaming is at own risk |
+---------------------+--------------------------------------------------+
