Abstract
The investigation of fraud in business has been a staple for the digital forensics practitioner since the introduction of computers in business. Much of this fraud takes place in the retail industry. When trying to stop losses from insider retail fraud, triage, i.e. the quick identification of sufficiently suspicious behaviour to warrant further investigation, is crucial, given the amount of normal, or insignificant behaviour.
It has previously been demonstrated that simple statistical threshold classification is a very successful way to detect fraud [15]. However, in order to do triage successfully the thresholds have to be set correctly. Therefore, we present a method based on simulation to aid the user in accomplishing this, by simulating relevant fraud scenarios that are foreseeing as possible and expected, to calculate optimal threshold limits.
Our proposed method gives the advantage over arbitrary thresholds that it reduces the amount of labour needed on false positives and gives additional information, such as the total cost of a specific modelled fraud behaviour, to set up a proper triage process. With our method we argue that we contribute to the allocation of resources for further investigations by optimizing the thresholds for triage and estimating the possible total cost of fraud. Using this method we manage to keep the losses below a desired percentage of sales, which the manager considers acceptable for keeping the business properly running.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abe, N., Zadrozny, B., Langford, J.: Outlier detection by active learning. In: Proceedings of the 12th ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2006, p. 504 (2006)
Arora, R., Khan, A., Deyle, E.: The global retail theft barometer 2014, pp. 1–81. Checkpoint Systems Inc., Thorofare. Acedido em, p. 60 (2014)
Axelsson, S.: The base-rate fallacy and the difficulty of intrusion detection. ACM Transactions on Information and System Security (TISSEC) 3(3), 186–205 (2000)
Bovinet, J.: RETSIM: A Retail Simulation with a Small Business Perspective. West Pub. Co., Minneapolis/St. Paul (1993)
Chaczko, Z., Chiu, C.: A smart-shop system - multi-agent simulation system for monitoring retail activities. In: 20th European Modelling and Simulation Symposium, pp. 20–26 (2008)
Council, F.: Supplement to Authentication in an Internet Banking Environment, pp. 206–222 (2011). http://www.ffiec.gov/pdf/Auth-ITS-Final
E.C.B.: Recommendations for the Security of Internet Payments. Tech. Rep. January, European Central Bank (2013)
FBI: Ticket Switch Fraud Scheme at Home Depot (2013)
Gabbur, P., Pankanti, S., Fan, Q., Trinh, H.: A pattern discovery approach to retail fraud detection. In: Proceedings of the 17th ACM SIGKDD International Conference on Knowledge discovery and data mining, KDD 2011, p. 307 (2011)
Kargupta, H., Datta, S., Wang, Q.: On the privacy preserving properties of random data perturbation techniques. In: Third IEEE International Conference on Data Mining, pp. 99–106 (2003)
Lin, P., Samadi, B., Cipolone, A.: Development of a synthetic data set generator for building and testing information discovery systems. In: ITNG 2006, pp. 707–712. IEEE (2006)
Lopez-Rojas, E.A., Axelsson, S.: Money laundering detection using synthetic data. In: The 27th workshop of Swedish Artificial Intelligence Society (SAIS), pp. 33–40 (2012)
Lopez-Rojas, E.A., Axelsson, S.: Multi agent based simulation (MABS) of financial transactions for anti money laundering (AML). In: The 17th Nordic Conference on Secure IT Systems, pp. 25–32 (2012)
Lopez-Rojas, E.A., Axelsson, S., Gorton, D.: RetSim: A shoe store agent-based simulation for fraud detection. In: The 25th European Modeling and Simulation Symposium (2013). (Best Paper Award)
Lopez-Rojas, E.A., Gorton, D., Axelsson, S.: Using the RetSim Simulator for Fraud Detection Research. International Journal of Simulation and Process Modelling 10(2) (2015)
Lundin, E., Kvarnström, H., Jonsson, E.: A synthetic fraud data generation methodology. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 265–277. Springer, Heidelberg (2002)
Narayanan, A., Shmatikov, V.: De-anonymizing social networks. In: 2009 30th IEEE Symposium on Security and Privacy, pp. 173–187, May 2009
Phua, C., Lee, V., Smith, K., Gayler, R.: A comprehensive survey of data mining-based fraud detection research (2010). Arxiv preprint arXiv: 1009.6119
Schwaiger, A., Stahmer, B.: SimMarket: multiagent-based customer simulation and decision support for category management. In: Schillo, M., Klusch, M., Müller, J., Tianfield, H. (eds.) MATES 2003. LNCS (LNAI), vol. 2831, pp. 74–84. Springer, Heidelberg (2003)
Yannikos, Y., Franke, F., Winter, C., Schneider, M.: 3LSPG: forensic tool evaluation by three layer stochastic process-based generation of data. In: Sako, H., Franke, K.Y., Saitoh, S. (eds.) IWCF 2010. LNCS, vol. 6540, pp. 200–211. Springer, Heidelberg (2011)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Lopez-Rojas, E.A., Axelsson, S. (2015). Using the RetSim Fraud Simulation Tool to Set Thresholds for Triage of Retail Fraud. In: Buchegger, S., Dam, M. (eds) Secure IT Systems. NordSec 2015. Lecture Notes in Computer Science, vol 9417. Springer, Cham. https://doi.org/10.1007/978-3-319-26502-5_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-26502-5_11
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-26501-8
Online ISBN: 978-3-319-26502-5
eBook Packages: Computer ScienceComputer Science (R0)