FraudBuster : time-based analysis of Internet banking fraud

We have observed an increasing number of online banking frauds, originated from cyber attacks. To protect their customers, financial institutions rely on fraud analysis system, in order to detect anomalous behaviors. State-of-art systems help banking analysts in the investigation of online banking frauds, by providing an anomaly score computed with respect to the customer’s past transactions. In contrast, cyber-criminals are improving their attacks by forging fraudulent transactions that are similar to legitimate ones, with the aim to remain undetected, allowing the perpetration of frauds over time. We define this kind of attack as stealthy frauds. In this thesis we propose FraudBuster an approach capable of automatically detecting stealthy frauds. FraudBuster builds a series of temporal profiles, based on user’s transactions history, and then compares new transactions against them. To do so, we explored the user’s behavior temporal component, rarely studied in literature. Then, we designed a specific method to model users characterized by periodic usage patterns based on dynamic time warping, which exploits their recurrent spending patterns. Moreover, we developed profiles based on time windows for both periodic and non-periodic users to increase the capability of our system in detecting stealthy frauds. To measure the quality and the performance of FraudBuster we test it on a real-world, anonymised dataset. We show that FraudBuster is able to detect stealthy frauds with an high accuracy and an acceptable false positive rate.