论文信息 - Specification and Implementation of a Data Generator to Simulate Fraudulent User Behavior

Specification and Implementation of a Data Generator to Simulate Fraudulent User Behavior

Fraud is a widespread international problem for enterprises. Organizations increasingly use self-learning classifiers to detect fraud. Such classifiers need training data to successfully distinguish normal from fraudulent behavior. However, data containing authentic fraud scenarios is often not available for researchers. Therefore, we have implemented a data generation tool, which simulates fraudulent and non-fraudulent user behavior within the purchase-to-pay business process of an ERP system. We identified fraud scenarios from literature and implemented them as automated routines using SAP’s programming language ABAP. The data generated can be used to train fraud detection classifiers as well as to benchmark existing ones.

[1] Erland Jonsson,et al. Synthesizing test data for fraud detection systems , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..

[2] Erland Jonsson,et al. A Synthetic Fraud Data Generation Methodology , 2002, ICICS.

[3] Markus Schneider,et al. 3LSPG: Forensic Tool Evaluation by Three Layer Stochastic Process-Based Generation of Data , 2010, ICWF.

[4] J Luell. Employee fraud detection under real world conditions , 2010 .

[5] Rebecca T. Mercuri. On auditing audit trails , 2003, CACM.

[6] Alan R. Hevner,et al. Design Science in Information Systems Research , 2004, MIS Q..

[7] Saul Greenberg,et al. USING UNIX: COLLECTED TRACES OF 168 USERS , 1988 .

[8] George M. Mohay,et al. Fraud Detection in ERP Systems Using Scenario Matching , 2010, SEC.

[9] M. Porter. Competitive Advantage: Creating and Sustaining Superior Performance , 1985 .

[10] Richard T. Watson,et al. Analyzing the Past to Prepare for the Future: Writing a Literature Review , 2002, MIS Q..

[11] Shambhu J. Upadhyaya,et al. RACOON: rapidly generating user command data for anomaly detection from customizable template , 2004, 20th Annual Computer Security Applications Conference.

[12] Kymie M. C. Tan,et al. Benchmarking anomaly-based detection systems , 2000, Proceeding International Conference on Dependable Systems and Networks. DSN 2000.