Financial technology, or Fintech, represents an emerging industry on the global market. With online transactions on the rise, the use of IT for automation of financial services is of increasing importance. Fintech enables institutions to deliver services to customers worldwide on a 24/7 basis. Its services are often easy to access and enable customers to perform transactions in real-time. In fact, advantages such as these make Fintech increasingly popular among clients. However, since Fintech transactions are made up of information, ensuring security becomes a critical issue. Vulnerabilities in such systems leave them exposed to fraudulent acts, which cause severe damage to clients and providers alike. For this reason, techniques from the area of Machine Learning (ML) are applied to identify anomalies in Fintech applications. They target suspicious activity in financial datasets and generate models in order to anticipate future frauds. We contribute to this important issue and provide an evaluation on anomaly detection methods for this matter. Experiments were conducted on several fraudulent datasets from real-world and synthetic databases, respectively. The obtained results confirm that ML methods contribute to fraud detection with varying success. Therefore, we discuss the effectiveness of the individual methods with regard to the detection rate. In addition, we provide an analysis on the influence of selected features on their performance. Finally, we discuss the impact of the observed results for the security of Fintech applications in the future.
Smart Grids (SGs) represent electrical power systems that incorporate increased information processing and efficient technological solutions. The integration of local prosumers, demand response systems and storage allows novel possibilities with regard to energy balancing and optimization of grid operations. Unfortunately, the dependence on IT leaves the SG exposed to security violations. In this paper, we contribute to this challenge and provide a methodology for systematic risk assessment of cyber attacks in SG systems. We propose a threat model and identify possible vulnerabilities in low-voltage distribution grids. Then, we calculate exploitation probabilities from realistic attack scenarios. Lastly, we apply formal verification to check the stochastic model against attack properties. The obtained results provide insight into potential threats and the likeliness of successful attacks. We elaborate on the effects of a security violation with regard to security and privacy of energy clients. In the aftermath, we discuss future considerations for improving security in the critical energy sector.
In the face of emerging technological achievements, cyber security remains a significant issue. Despite the new possibilities that arise with such development, these do not come without a drawback. Attackers make use of the new possibilities to take advantage of possible security defects in new systems. Advanced-persistent-threat (APT) attacks represent sophisticated attacks that are executed in multiple steps. In particular, network systems represent a common target for APT attacks where known or yet undiscovered vulnerabilities are exploited. For this reason, intrusion detection systems (IDS) are applied to identify malicious behavioural patterns in existing network datasets. In recent times, machine-learning (ML) algorithms are used to distinguish between benign and anomalous activity in such datasets. The application of such methods, especially autoencoders, has received attention for achieving good detection results for APT attacks. This paper builds on this fact and applies several autoencoder-based methods for the detection of such attack patterns in two datasets created by combining two publicly available benchmark datasets. In addition to that, statistical analysis is used to determine features to supplement the anomaly detection process. An anomaly detector is implemented and evaluated on a combination of both datasets, including two experiment instances–APT-attack detection in an independent test dataset and in a zero-day-attack test dataset. The conducted experiments provide promising results on the plausibility of features and the performance of applied algorithms. Finally, a discussion is provided with suggestions of improvements in the anomaly detector.
The digitalisation of finance influenced the emergence of new technological concepts for existing user needs. Financial technology, or fintech, provides improved services for customers and new economic value for businesses. As such, fintech services require on-demand availability on a 24/7 basis. For this reason, they are often deployed in cloud environments that allow connectivity with ubiquitous devices. This allows customers to perform online transactions, which are overseen by the respective financial institutions. However, such cloud-based systems introduce new challenges for information security. On one hand, they represent attractive targets for cyberattacks. On the other, financial frauds can still go unnoticed by the financial institutions in charge. This paper contributes to both challenges by introducing the concept for a cloud-based system architecture for fraud detection and client profiling in the banking domain. Therefore, a systematic risk assessment was conducted in this context, and exploitation probabilities were inferred for multiple attack scenarios. In addition, formal verification was accomplished in order to determine the effects of successful vulnerability exploits. The consequences of such security violations are discussed, and considerations are given for improving the resilience of fintech systems.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.