Fraud detection: a graph based anomaly detection approach

<p>Advances in communication and digital technologies have created a highly connected world through a plethora of networks, such as social media, e-commerce, industry trading, telecommunication, banking, social communication and insurance. The relentless growth of such networks has provided opportunities for criminals to infiltrate and manipulate them for their own benefits, creating serious threats to physical, social, economic and cyber domains. Given the magnitude of the financial, social and emotional damages these threats could bring, robust fraud detection methods and algorithms are needed to enable law enforcement agencies to detect these potentially destructive activities before they erupt.</p> <p>Crime is an inherently social behaviour. Understanding the organisation of social networks and their embedded patterns of social relationships is a key step in the analysis of criminal behaviours. In recent years, there has been extensive refinement and development of network analysis methods within criminology. Network analysis, which includes different statistical, mathematical, machine learning techniques, has proven to be capable of providing deep insights into the structural and dynamic characteristics of different types of networks. Such insights could expose information about individuals and their interactions with others within the network, providing valuable data to flag possible embedded anomalies as potential deviant activities.</p> <p>Graph-based anomaly detection (GBAD) approaches are among such robust and reliable machine learning techniques capable of unearthing relational patterns of social network of individuals and their social ties (network connections). These techniques have been extensively used by researchers and law enforcement experts to detect deviant activities.</p> <p>The major challenge in the use of GBAD approaches to detecting a deviant behaviour is analysing users' connectivity patterns over time owing to the multiplex nature of human interactions. To avoid being detected, criminals tend to preserve secrecy by spreading their deceptive activities over different time periods and actively concealing their networking information by engaging in different types of activities. This research addresses this challenge in social networks by developing three GBAD-based algorithms to extract structural features from network connectivity patterns to detect deviant activities. It draws on the tenets of five criminological theories-rational choice theory, routine activity theory, crime pattern theory, differential association theory and social disorganisation theory-to provide the substantive base for developing the algorithms using the design science research (DSR) methodology. The efficacy of the proposed algorithms is evaluated using real-world data, and the results are compared with extant state-of-the-art algorithms in fraud detection. The experimental results of the developed algorithms indicate that they generate practically useful solutions in different application contexts.</p> <p>This thesis makes significant contributions to both theory and practice by providing solutions for detecting suspicious activities in multiplex (or multi-layer) time-evolving networks and covert communities within multi-layer criminal networks. The implementation of the proposed algorithms provides fraud investigators and law enforcement agencies with a promising list of likely suspects to productively start their investigations.</p>