On the Implementation and Protection of Fraud Detection Systems

Doktorsavhandling, 2004

Society of today is becoming increasingly dependent on the availability and correctness of IT-systems. There are a growing number of industries that base their business almost exclusively on creating growth and economic value using IT-systems. Banks, credit card providers, online gambling brokers and providers of telecommunication services are a few examples where secure and reliable communication and computing environments are of the outmost importance for survival. These new services can create increased customer value and provide new business opportunities. However, history shows that fraudsters constantly seek economic gain by exploiting weaknesses in technical systems or business models of service offerings. Thus, minimizing economic loss due to fraud is an important goal in many enterprises. An important tool in that process is an efficient fraud detection system (FDS) that can give early indications of misuse of products and services offered to customers. This thesis addresses the subject of implementing and protecting an FDS. Specifically, we give arguments for the importance of thorough testing, training and sufficient protection when deploying a successful fraud detection system. We show how emerging computing environments put new demands on the security mechanisms and security extensions that protect the information and resources of their target environment. Fraud detection systems are no exception and we argue that detection mechanisms will play an important role in such environments. We propose and implement a methodology for generating synthetic data sets that can be used for testing and training fraud detection systems prior to real-life deployment. A comparison of fraud and intrusion detection system is made, where we highlight differences and similarities. Our study shows that the similarities clearly outweigh the differences, and research in one area is most often applicable for both types of systems. Finally, we discuss the topic of protecting fraud detection systems from malicious environments. Specifically, we study the importance of such systems from reverse engineering and propose mechanisms for achieving secrecy of the inherent information, even when deployed in hostile environments.