Data Mining Application For Cyber Credit-card Fraud Detection System
Proceedings of the World Congress on Engineering 2013 Vol III,WCE 2013, July 3 - 5, 2013, London, U.K.Data Mining Application for Cyber Credit-cardFraud Detection SystemJohn AkhilomenAbstract: Since the evolution of the internet, many smalland large companies have moved their businesses to theinternet to provide services to customers worldwide. Cybercredit‐card fraud or no card present fraud is increasinglyrampant in the recent years for the reason that thecredit‐card i s majorly used to request payments by thesecompanies on the internet. Therefore the need to ensuresecured transactions for credit-card owners whenconsuming their credit cards to make electronic paymentsfor goods and services provided on the internet is acriterion. Data mining has popularly gained recognition incombating cyber credit-card fraud because of its effectiveartificial intelligence (AI) techniques and algorithms thatcan be implemented to detect or predict fraud throughKnowledge Discovery from unusual patterns derived fromgathered data. In this study, a system’s model for cybercredit card fraud detection is discussed and designed. Thissystem implements the supervised anomaly detectionalgorithm of Data mining to detect fraud in a real timetransaction on the internet, and thereby classifying thetransaction as legitimate, suspicious fraud and illegitimatetransaction. The anomaly detection algorithm is designedon the Neural Networks which implements the workingprincipal of the human brain (as we humans learns frompast experience and then make our present day decisionson what we have learned from our past experience). Tounderstand how cyber credit card fraud are beingcommitted, in this study the different types of cyberfraudsters that commit cyber credit card fraud and thetechniques used by these cyber fraudsters to commit fraudon the internet is discussed.Keywords: Cyber credit card fraud, cyber credit‐cardfraudsters, black‐hat hackers, neural networks, datamining.I.INTRODUCTIONImagine a scenario at the end of the month where you as acredit-card owner received your credit-card statement; younoticed on your credit-card statement that a purchase wasmade on your credit-card for a blackberry phone you neverbought nor made an order for. You called your credit cardcompany to explain to them that you never made thispurchase but you were told that you did made that ordersince it was recorded on their system the purchase madewith your legitimate information. Then they went ahead totell you that from their logged file, you actually made thatpurchase for a blackberry on “www.ebay.com” and themonetary transaction was successfully made to EBay. Nowafterwards your credit-card company decided to investigatefurther and they called the internet company EBay.John Akhilomen is with the School of Computing andMathematics, University Of Derby, Kedleston Rd, Derby DE221GB, United Kingdom.(email: Johnblithe@gmail.com)ISBN: 978-988-19252-9-9ISSN: 2078-0958 (Print); ISSN: 2078-0966 (Online)EBay checking their logged file for the transaction toldyour credit-card company that the blackberry phonewas delivered to a shipping address in Turkey whileyou the actual credit-card owner lived in the USA.Obviously in a case like this, you are a victim of aninternet credit-card fraud or no card present fraud.When your credit card or credit card information isstolen and used to make unauthorized purchases one-commercial systems on the internet, you become avictim of internet credit card fraud or no card presentfraud. This is nothing new and there is nothing unusualabout this because identity theft and credit-card fraudare present-day happenings affecting many people andinvolving substantial monetary losses. Fraud is amillion dollar business and it’s increasing every year.The PwC global economic crime survey of 2011suggests that 34% of companies worldwide havereported being victim of fraud in the past year andincreasing from 30% as reported in the year 2009 9.Fraud is as old as humanity itself and can take anunlimited variety of different forms. However, inrecent years, the development of new technologies likethe internet has provided further ways in whichfraudsters can commit fraud.Fraud is a very skilled crime; therefore a specialmethod of intelligent data analysis to detect andprevent it is necessary 11. These methods exist in theareas of Knowledge Discovery in Database, DataMining, Machine Learning and Statistics. They offerapplicable and successful solutions in different areas offraud crime. The aim of this study is actually focusedon modeling an applicable system for detecting fraudin a real-time transaction on the internet. This modelimplements the anomaly detection algorithm of DataMining, using Neural Networks to learn patterns usedby a particular credit-card owner and then match thepatterns learned with the pattern of the currenttransaction to detect anomalies.II. WHAT IS CYBER CREDIT-CARDFRAUD OR NO CARD PRESENT FRAUD?Recent and current scholars investigating credit-cardfraud have divided credit-card fraud into two types; theonline credit card fraud (or no card present fraud) andthe offline credit card fraud (card present fraud) 1. Theonline credit-card fraud (in this paper is cyber creditcard fraud) is committed with no presence of acredit-card but instead, the use of a credit-cardinformation to make electronic purchase for goods andservices on the internet. The offline credit-card fraud iscommitted with the presence of a credit-card which inmost cases have been stolen or counterfeited andthereby used at a local store or a physical location forthe purchase or some goods or services. However, todefine cyber credit-card fraud, it is a scenario whereWCE 2013
Proceedings of the World Congress on Engineering 2013 Vol III,WCE 2013, July 3 - 5, 2013, London, U.K.the credit-card information of a credit-card owner has beenstolen, or in some cases valid credit-card information hasbeen uniquely generated (just like credit-card companies orissuers do) and thereby used for electronic payment on theinternet or via the telephone. In most cases, no I.T orcomputer skill may be required to commit onlinecredit-card fraud because of the different techniques inwhich credit-card information can be stolen by cyberfraudsters.III.WHO ARE THE CYBER CREDIT-CARDFRAUDSTERS?I. Credit-card information buyers: They are fraudsterswith little or no professional computer skills (e.g.Computer Programming, Networking, etc.) who buyhacked (or stolen) credit-card information on an illegal“credit-card sales” website. They buy this credit-cardinformation with the intention of making electronicpayment for some good and services on the internet.II. Black hat hackers: Recent research on Hackers in termsof Computer Security defined a "black hat hacker" (alsoknown as a cracker) as a hacker who violates computersecurity with malicious intent or for personal gain 8. Theychoose their targets using a two-pronged process known asthe "pre-hacking stage"; Targeting, Research andInformation Gathering, and Finishing the Attack. Thesetypes of hackers are highly skilled in ComputerProgramming and Computer Networking and with suchskills can intrude a network of computers. The mainpurpose of their act of intrusion or hacking is to stealpersonal or private information (such as credit-cardinformation, bank-account information, etc.) for their ownpersonal gain (for instance creating a “credit-card sales”website where othercyber credit-card fraudsters with little or no computerskills can buy credit-card information).III. Physical credit-card stealers: They are the type offraudsters who physically steal credit-cards and write outthe information on them. They physically steal theseplastic credit-cards (maybe by pick-pocketing in a crowdedplace) and write out the credit-card’s information with theintention of using this credit-card information to makeelectronic payment for some good and services on theinternet.IV. DIFFERENT TECHNIQUES FORCREDIT-CARD INFORMATION THEFT BYCYBER CREDIT-CARD FRAUDSTERSLuhn algorithm that credit-card companies or issuersuse in generating credit-card numbers to theircredit-card consumers or users. In other cases, thissoftware is written by black-hat hackers with hackedcredit-card information stored on a database file fromwhich the software can display valid credit-cardinformation to other type of cyber credit-cardfraudsters who have bought the software to use. Thistechnique is some cases used by black-hat hackers tosell their hacked credit-card information to other onlinecredit-card fraudsters with little or no computer skills.II. Key-logger and Sniffers: Black-hat hackers withprofessional Programming or computer skills are ableto infect a computer by installing and automaticallyrunning sniffers or key-logger computer programs tolog all keyboard inputs made into the computer on afile with the intention of retrieving personalinformation (like credit-card information, etc.). Theseblack-hat hackers or fraudsters are able to infect users’computers by sending spam emails to computer-usersrequesting them to download free software or games,or sometimes they create some porn-sites so that whenthese computer-users browse these porn sites ordownload those free software or games, the sniffers orkey-loggers are automatically downloaded, installedand ran on the users’ computers. While the sniffer orkey-logger is running under the users’ computer, theysniff and log all the keyboard-input made by the userover a connected network. Therefore, anycomputer-user can unknowingly share their privateinformation (credit-card information, etc.) throughviral-infecting software such as these. In some cases,no Programming or computer skill is required to sniff acomputer-user’s key-board input because this softwareare also being shared or sold to other cyber credit-cardfraudsters with little or no computer skills.III. Spyware, Site-cloning and False Merchant sites:They are software created by black-hat hackers,installed and ran on users’ computer to keep track of alltheir website activities. From knowing the websiteactivities of the victimized computer-user on theinternet, electronic or banking websites regularlyvisited by the computer-user can be cloned and sent tothe user for usage with the intention of retrievingpersonal or private information ( like bank log-in’s). Inthe case of false merchant sites, fake websites can becreated to advertise and sell cheap products tocomputer-users, and thereby asking for payment viacredit-card. If a credit-card payment is made on any ofthese fake merchant sites, the user’s credit-cardinformation is therefore stolen.In other to detect cyber credit-card fraud activities on theinternet, a study conducted on how credit-card informationis stolen is a good approach. Listed below are studieddifferent techniques which are used for credit-card fraudinformation theft.IV. CC/CVV2 shopping websites: cyber credit-cardfraudsters with no professional computer skills can buyhacked credit-card information on these websites to usefor fraudulent electronic payment for some goods andservices on the internet.I. Credit-card fraud generator software: These aresoftware written to generate valid credit-card numbers andexpiry dates. Some of these software are capable ingenerating valid credit-card numbers like credit-cardcompanies or issuers because it uses the mathematicalV. Physical stolen credit-card information: Fraudsterscan physically steal the credit-card of a user to writeout the credit-card information and then use forfraudulent electronic payment on the internet.ISBN: 978-988-19252-9-9ISSN: 2078-0958 (Print); ISSN: 2078-0966 (Online)WCE 2013
Proceedings of the World Congress on Engineering 2013 Vol III,WCE 2013, July 3 - 5, 2013, London, U.K.V.METHODOLOGYI. Implementing Data mining Techniques for Credit CardFraud Detection System: Data mining is popularly used toeffectively detect fraud because of its efficiency indiscovering or recognizing unusual or unknown patterns ina collected dataset. Data mining is simply a technologythat allows the discovery of knowledge in a dataset. Inother words, with Data mining knowledge can bediscovered in a dataset. Data is collected from differentsources into a dataset and then with Data mining, we candiscover patterns in the way all data in the dataset relateswith another and then make predictions based on thepatterns discovered. Data mining takes a dataset as aninput and produces models or patterns as output. One ofthe popular effective Data mining techniques used in datasecurity is the Neural Networks. The concept of the NeuralNetworks is designed on the functionality of the humanbrain. From kindergarten until college, we are developedfrom an infantry stage of life unto the adult stage throughdifferent experiences or a set of data through how we’reschooled. And we use this past experience or training wehave acquired to make present day decisions. This is theNeural Networks. The Neural Networks makes predictionsand classifications from what it has learned. The Anomalydetection algorithm is an implementation of the NeuralNetworks. Anomaly detection (sometimes called deviationdetection) is an algorithm implemented to detect patternsin a given data set that do not conform to an establishednormal behavior10. The patterns thus detected are calledanomalies and often translate to critical and actionableinformation in several application domains. The Anomalydetection is categorized into three; Unsupervisedanomaly, Semi-supervised and Supervised anomalydetection. Unsupervised anomaly detection techniquesdetect anomalies in an unlabeled test data set under theassumption that the majority of the instances in the data setare normal by looking for instances that seem to fit least tothe remainder of the data set. Supervised anomalydetection techniques require a data set that has beenlabeled as "normal" and "abnormal" and involves traininga classifier (the key difference to many other statisticalclassification problems is the inherent unbalanced natureof outlier detection). Semi-supervised anomaly detectiontechniques construct a model representing normal behaviorfrom a given normal training data set, and then testing thelikelihood of a test instance to be generated by the learntmodel 10. As seen in the diagram on fig. 1, this data miningapplication uses Supervised Anomaly detection to detectcredit card fraud in a transaction and thereby classifies atransaction as Ok, suspicious fraud or illegitimatetransaction.II. Credit Card Fraud detection model: This Datamining application applies the anomaly detectionalgorithm to detect cyber credit card fraud in an onlinecredit-card transaction implementing Pattern recognitionwith Neural Networks. Anomaly detection algorithm is atechnique used in Data mining applications to detectspecific patterns or relations within the data provided forFraud detection process. There is a fixed pattern to howcredit-card owners consume their credit-card on theinternet. This fixed pattern can be drawn from legitimateregular activities of the credit-card owner for the past oneor two years on its credit-card; the regular merchantwebsites the credit-card owner regularly makes electronicISBN: 978-988-19252-9-9ISSN: 2078-0958 (Print); ISSN: 2078-0966 (Online)payment for goods and services, the geographicallocation where past legitimate transactions have beenmade, the geographical location where goods havebeen shipped to by the credit-card owner, theemail-address and phone number regularly used by thecredit card owner for notification. Using the NeuralNetwork technology, the computer-program orsoftware can be trained with this fixed pattern to use itas knowledge in classifying a real-time transaction asfraudulent or legitimate transaction. In this Datamining application for credit-card fraud detection, theanomaly detection algorithm is implemented forcyber credit-card fraud detection process. Once thedata to be analyzed is selected, the anomaly detectionalgorithms will be applied to perform a data miningprocess for matching the behavior of the currenttransaction if it differs in behavior with the owner’spast transactions on its credit-card. If the behavioralpattern in the current transaction differs with thelearned pattern of the original credit-card owner, thesystem will continue to match the pattern of the currenttransaction if it’s similar with past cyber credit-cardfraud transactions. If the system returns false (ofmismatch patterns between the current transaction andpast fraud transactions) then the system classifies thetransaction as suspicious fraud but if true, then thesystem will classify the transaction as illegal fraudtransaction.III. Pattern Recognition To Train Neural Networks:A. Geolocation of real-time transaction: Thegeolocation technology provides the absolutegeographical location of an internet-connectedcomputer by its IP address. An IP address is a uniquenetwork identifier issued by an Internet ServiceProvider to a computer-user every time they are loggedon to the Internet 12. This Data mining application istrained with IP-addresses (City and Country locationbeing formatted from theIP-addresses) of internet-connected-computers thecredit-card owner has used in the past one or two yearslegitimate transaction on its credit-card. This is a goodmechanism to train Neural Networks for cybercredit-card fraud detection because in training NeuralNetworks with the City and Country locationsformatted from IP-addresses where the credit-cardowner has regularly made legitimate transactions fromfor the past one or two years, Neural Networks canknow if the internet-connected-computer of the connected computers the credit-card owner hasregularly made his past one or two years legitimatecredit-card transactions. While this is a very goodanti-fraud mechanism and useful for tracking fraudsters,the IP addresses can also be changed using Proxyservers. Anonymous proxy servers allow Internet usersto hide their actual IP address and run their computersbehind a fake IP address of their desired region 13. Themain purpose using a proxy server is to remainanonymous or to avoid being detected. Fraudsters hidethemselves behind anonymous proxy servers to commitcredit-card fraud on the internet. This Data miningapplication automatically flags for suspicious fraud if aproxy-server is detected in a transaction.WCE 2013
Proceedings of the World Congress on Engineering 2013 Vol III,WCE 2013, July 3 - 5, 2013, London, U.K.B. Email address and Phone number: When a credit-cardis issued to an individual by a credit-card issuer orcompany, an email address or phone number from theindividual is registered with the credit card so that theindividual can receive notification via telephone or emailof any transaction that’s been made on their credit-card.For this reason, fraudsters do use different email-addressesand phone numbers when committing cyber fraud on creditcards. Although, It is important to take note that the cyberfraudsters do not only use email-addresses registered withfree domains (like Yahoo, Google or Hotmail), but alsothey do pay to get registered email-addresses with non-freedomains. Therefore, in this data mining application, NeuralNetworks will be trained with the email addresses andphone number the credit-card owner has used in past oneor two years internet credit-card transactions.C. Shipping address: Although it is not uncommon forpeople sending gifts to others to request different shippingaddress. It is very difficult to retrieve goods or apprehendfraudsters once the goods have left the country ofresidence of the original credit-card owner. Fraudsters willpossibly not send goods to the legitimate cardholder’sbilling-address. But it is possible that credit-card ownerswill send goods to legitimate shipping address different totheir billing address. Therefore, in this data miningapplication, Neural Networks will be trained with Shippingaddresses and oversea orders used by the credit-card ownerin past one or two years transactions.D. Merchants’ websites, regular good and servicespurchased in past credit cardholder’s transactions:Neural Networks will be trained with the merchantwebsites the credit-card owner has regularly visited andthe type of goods and services they have regularlypurchased on its credit-card for the past 1 or two years.Neural Networks will be trained with the cost range ofgoods and services purchased in the past one or twoyears transactions of the credit cardholder’s credit card.VI.CONCLUSIONSIn this paper, a data mining application has beenmodeled as a subsystem which can be used withsoftware systems and applications in financialinstitutions to detect credit-fraud in a transaction on theinternet. This Data mining application accepts inputformatted on a pattern on which a transaction is beingexecuted and matches it with the credit-card holder’spatterns of its credit-card online consumptions it’s beentrained with to classify a real-time transaction as legit,suspicious fraud or illegitimate transaction. The datamining application modeled in this paper uses theanomaly detection algorithm of the Neural Networks todetect fraud in a real-time transactions and it not proneto errors because of its classification of Transactions(legitimate, Suspicious Fraud and illegitimate). In thecase of the suspicious fraud classification, the financialinstitution using the system can investigate further bycalling the credit-card owner regarding the suspiciousfraudulent transaction.Fig. 1. The Learning and Classification of Neural Networks in the systemISBN: 978-988-19252-9-9ISSN: 2078-0958 (Print); ISSN: 2078-0966 (Online)WCE 2013
Proceedings of the World Congress on Engineering 2013 Vol III,WCE 2013, July 3 - 5, 2013, London, U.K.Fig. 2. The system’s model for credit card fraud detection process in a transaction.Fig. 3. A form used to purchase order by a cyber credit-cardfraudsterISBN: 978-988-19252-9-9ISSN: 2078-0958 (Print); ISSN: 2078-0966 (Online)Fig. 4. A form used to purchase order by a credit cardownerWCE 2013
Proceedings of the World Congress on Engineering 2013 Vol III,WCE 2013, July 3 - 5, 2013, London, U.K.References[1]. Adnan M. Al-Khatib, Electronic payment fraud detectiontechniques, World of Computer Science and InformationTechnology Journal (2012), vol. 2, no. 4. pp. 137-141.[2]. Francisca Nouyelum Ogwueleka, Data mining application incredit-card Fraud detection system, Journal of EngineeringScience and Technology (2011), vol, 6, no. 3, pp. 311 - 322.[3]. Dr. Yashpal Singh and Singh Chauhan, Neural networks indata mining. Journal of Theoretical and Applied InformationTechnology (2005-2009), vol, 5, no. 6. pp. 37-42.[4]. Khyati Chaudhary and Bhawna Mallick. Exploration of datamining techniques in fraud detection: credit-card,International Journal of Electronics and Computer ScienceEngineering. vol. I, no. 3. pp. 1765-1771.[5]. V.Dhecpa and Dr. RDhanapal, Analysis of credit-card frauddetection methods', International Journal of Recent Trendsin Engineering (2009), vol, 2. no. 3, pp.126-128.[6]. Khyati Chaudhary, Jyoti Yadav and Bhawna Mallick, Areview of fraud detection techniques: credit-card,International Journal of Computer Applications (2012), vol.45, no. I, pp.39-44[7]. Sam Maes, Karl Tuyls and Bram Vanschoenwinkel,Credit-card Fraud Detection Using Bayesian and 2.pdf.[Accessed12December 2012].[8]. Hacker (computer security) - Wikipedia, the ipedia.org/wiki/Hacker (computer security).[Accessed 12 December 2012].[9]. Cybercrime: protecting against the growing threat GlobalEconomic Crime Survey – PWC Global n GX/gx/economic-crime-survey/assets/GECS GLOBAL REPORT.pdf.[Accessed12December 2012].[10]. maly detection. [Accessed12 December 2012].[11]. Data Analysis Techniques for Fraud rg/wiki/Data Analysis Techniques forFraud Detection. [Accessed 12 December 2012].[12]. Preventing Credit Card Abuse - Anti-Fraud com/content/fed-bus-12301.shtml?&lang en us&output json&session-id 3cd3dad0fc218a1ad59460ff032578fd. [Accessed 12 December 2012].[13]. Precautions for internet traders to prevent fraudulent com/2007/02/precautions-for-internet-traders-to 25.html?&lang en us&output json&session-id 3cd3dad0fc218a12578fd. [Accessed 12 December 2012].ISBN: 978-988-19252-9-9ISSN: 2078-0958 (Print); ISSN: 2078-0966 (Online)WCE 2013
credit card fraud detection is discussed and designed. This system implements the supervised anomaly detection algorithm of Data mining to detect fraud in a real time transaction on the internet, and thereby classifying the transaction as legitimate, suspicious fraud and illegitimate transaction. The anomaly detection algorithm is designed
Bruksanvisning för bilstereo . Bruksanvisning for bilstereo . Instrukcja obsługi samochodowego odtwarzacza stereo . Operating Instructions for Car Stereo . 610-104 . SV . Bruksanvisning i original
DATA MINING What is data mining? [Fayyad 1996]: "Data mining is the application of specific algorithms for extracting patterns from data". [Han&Kamber 2006]: "data mining refers to extracting or mining knowledge from large amounts of data". [Zaki and Meira 2014]: "Data mining comprises the core algorithms that enable one to gain fundamental in
Preface to the First Edition xv 1 DATA-MINING CONCEPTS 1 1.1 Introduction 1 1.2 Data-Mining Roots 4 1.3 Data-Mining Process 6 1.4 Large Data Sets 9 1.5 Data Warehouses for Data Mining 14 1.6 Business Aspects of Data Mining: Why a Data-Mining Project Fails 17 1.7 Organization of This Book 21 1.8 Review Questions and Problems 23
Cyber Vigilance Cyber Security Cyber Strategy Foreword Next Three fundamental drivers that drive growth and create cyber risks: Managing cyber risk to grow and protect business value The Deloitte CSF is a business-driven, threat-based approach to conducting cyber assessments based on an organization's specific business, threats, and capabilities.
10 tips och tricks för att lyckas med ert sap-projekt 20 SAPSANYTT 2/2015 De flesta projektledare känner säkert till Cobb’s paradox. Martin Cobb verkade som CIO för sekretariatet för Treasury Board of Canada 1995 då han ställde frågan
service i Norge och Finland drivs inom ramen för ett enskilt företag (NRK. 1 och Yleisradio), fin ns det i Sverige tre: Ett för tv (Sveriges Television , SVT ), ett för radio (Sveriges Radio , SR ) och ett för utbildnings program (Sveriges Utbildningsradio, UR, vilket till följd av sin begränsade storlek inte återfinns bland de 25 största
Hotell För hotell anges de tre klasserna A/B, C och D. Det betyder att den "normala" standarden C är acceptabel men att motiven för en högre standard är starka. Ljudklass C motsvarar de tidigare normkraven för hotell, ljudklass A/B motsvarar kraven för moderna hotell med hög standard och ljudklass D kan användas vid
LÄS NOGGRANT FÖLJANDE VILLKOR FÖR APPLE DEVELOPER PROGRAM LICENCE . Apple Developer Program License Agreement Syfte Du vill använda Apple-mjukvara (enligt definitionen nedan) för att utveckla en eller flera Applikationer (enligt definitionen nedan) för Apple-märkta produkter. . Applikationer som utvecklas för iOS-produkter, Apple .
