Issue No. 03 - March (2012 vol. 24)
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TKDE.2010.262
Clifton Phua , Institute of Infocomm Research, Singapore
Kate Smith-Miles , Monash University, Melbourne
Vincent Cheng-Siong Lee , Monash University, Melbourne
Ross Gayler , Veda Advantage, Melbourne
Identity crime is well known, prevalent, and costly; and credit application fraud is a specific case of identity crime. The existing nondata mining detection system of business rules and scorecards, and known fraud matching have limitations. To address these limitations and combat identity crime in real time, this paper proposes a new multilayered detection system complemented with two additional layers: communal detection (CD) and spike detection (SD). CD finds real social relationships to reduce the suspicion score, and is tamper resistant to synthetic social relationships. It is the whitelist-oriented approach on a fixed set of attributes. SD finds spikes in duplicates to increase the suspicion score, and is probe-resistant for attributes. It is the attribute-oriented approach on a variable-size set of attributes. Together, CD and SD can detect more types of attacks, better account for changing legal behavior, and remove the redundant attributes. Experiments were carried out on CD and SD with several million real credit applications. Results on the data support the hypothesis that successful credit application fraud patterns are sudden and exhibit sharp spikes in duplicates. Although this research is specific to credit application fraud detection, the concept of resilience, together with adaptivity and quality data discussed in the paper, are general to the design, implementation, and evaluation of all detection systems.
Data mining-based fraud detection, security, data stream mining, anomaly detection.
Clifton Phua, Kate Smith-Miles, Vincent Cheng-Siong Lee, Ross Gayler, "Resilient Identity Crime Detection", IEEE Transactions on Knowledge & Data Engineering, vol. 24, no. , pp. 533-546, March 2012, doi:10.1109/TKDE.2010.262