Advanced cyber-threats, specifically targeted to financial institutions, are growing in frequency and sophistication, both globally and in individual countries. To counter this trend, effective solutions are needed that are able to reliably and timely detect frauds across multiple channels that process millions of transactions per day. These security solutions are required to process logs produced by different systems and correlate massive amounts of information in real-time. In this paper, we propose an approach based on the Dempster–Shafer (DS) theory, that results in high performance of the detection process, i.e. high detection rates and low false positive rates. The approach is based on combining multiple (and heterogeneous) data feeds to get to a degree of belief that takes into account all the available evidence. The proposed approach has been validated with respect to a challenging demonstration case, specifically the detection of frauds performed against a mobile money transfer (MMT) service. An extensive experimental campaign has been conducted, using synthetic data generated by a simulator which closely mimics the behavior of a real system, from a major MMT service operator.
Use of the Dempster–Shafer theory to detect account takeovers in mobile money transfer services
COPPOLINO, Luigi;D'ANTONIO, Salvatore;FORMICOLA, Valerio;MASSEI, CARMINE;ROMANO, LUIGI
2015-01-01
Abstract
Advanced cyber-threats, specifically targeted to financial institutions, are growing in frequency and sophistication, both globally and in individual countries. To counter this trend, effective solutions are needed that are able to reliably and timely detect frauds across multiple channels that process millions of transactions per day. These security solutions are required to process logs produced by different systems and correlate massive amounts of information in real-time. In this paper, we propose an approach based on the Dempster–Shafer (DS) theory, that results in high performance of the detection process, i.e. high detection rates and low false positive rates. The approach is based on combining multiple (and heterogeneous) data feeds to get to a degree of belief that takes into account all the available evidence. The proposed approach has been validated with respect to a challenging demonstration case, specifically the detection of frauds performed against a mobile money transfer (MMT) service. An extensive experimental campaign has been conducted, using synthetic data generated by a simulator which closely mimics the behavior of a real system, from a major MMT service operator.I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.