IncidentResponseSim: An Agent-Based Simulation Tool for Risk Management of Online Fraud

IncidentResponseSim is a multi-agent-based simulation tool supporting risk management of online financial services, by performing a risk assessment of the quality of current countermeasures, in the light of the current and emerging threat environment. In this article, we present a set of simulations using incident response trees in combination with a quantitative model for estimating the direct economic consequences. The simulations generate expected fraud, and conditional fraud value at risk, given a specific fraud scenario. Additionally, we present how different trojan strategies result in different conditional fraud value at risk, given the underlying distribution of wealth in the online channel, and different levels of daily transaction limits. Furthermore, we show how these measures can be used together with return on security investment calculations to support decisions about future security investments.

[1]  Sean Luke,et al.  MASON: A Multiagent Simulation Environment , 2005, Simul..

[2]  Bruce Schneier,et al.  DIGITAL SECURITY IN A NETWORKED WORLD , 2013 .

[3]  Barbara Kordy,et al.  Foundations of Attack-Defense Trees , 2010, Formal Aspects in Security and Trust.

[4]  Dan Gorton,et al.  Modeling Fraud Prevention of Online Services Using Incident Response Trees and Value at Risk , 2015, 2015 10th International Conference on Availability, Reliability and Security.

[5]  Bruce Schneier,et al.  Secrets and Lies: Digital Security in a Networked World , 2000 .

[6]  G. Nigel Gilbert,et al.  Agent-Based Models , 2007 .

[7]  Sean Luke,et al.  MASON : A Multi-Agent Simulation Environment , 2008 .

[8]  Michael R. Grimaila,et al.  The Use of Attack and Protection Trees to Analyze Security for an Online Banking System , 2007, 2007 40th Annual Hawaii International Conference on System Sciences (HICSS'07).

[9]  John A. Sokolowski,et al.  Probabilistic Risk Analysis and Terrorism Risk , 2010, Risk analysis : an official publication of the Society for Risk Analysis.

[10]  Thierry Roncalli,et al.  Loss Distribution Approach in Practice , 2007 .

[11]  R.F. Mills,et al.  Using Attack and Protection Trees to Analyze Threats and Defenses to Homeland Security , 2006, MILCOM 2006 - 2006 IEEE Military Communications conference.

[12]  Stefan Axelsson,et al.  Using the RetSim simulator for fraud detection research , 2015, Int. J. Simul. Process. Model..

[13]  Dan Gorton Using incident response trees as a tool for risk management of online financial services. , 2014, Risk analysis : an official publication of the Society for Risk Analysis.

[14]  Sjouke Mauw,et al.  Foundations of Attack Trees , 2005, ICISC.

[15]  M. Elisabeth Paté-Cornell,et al.  Fault Trees vs. Event Trees in Reliability Analysis , 1984 .

[16]  Stefan Axelsson,et al.  BankSim: a bank payments simulator for fraud detection research , 2014 .

[17]  Cormac Herley,et al.  Phishing and money mules , 2010, 2010 IEEE International Workshop on Information Forensics and Security.