Fraud detection using data mining

Pienaar, Abel Jacobus

10 February 2014

M.Com. (Computer Auditing) / Fraud is a major problem in South Africa and the world and organisations lose millions each year to fraud not being detected. Organisations can deal with the fraud that is known to them, but undetected fraud is a problem. There is a need for management, external- and internal auditors to detect fraud within an organisation. There is a further need for an integrated fraud detection model to assist managers and auditors to detect fraud. A literature study was done of authoritative textbooks and other literature on fraud detection and data mining, including the Knowledge Discovery Process in databases and a model was developed that will assist the manager and auditor to detect fraud in an organisation by using a technology called data mining which makes the process of fraud detection more efficient and effective.

Computer crimes

Forensic accounting

Data mining

Cyber crime affecting some businesses in South Africa

Herselman, Martha Elizabeth

January 2003

This study shows that cyber crime is a recent addition to the list of crimes that can adversely affect businesses directly of indirectly. This phenomenon was not directly prosecutable in South Africa until the enactment of the ECT Act in July 2002. However this Act also prevents businesses to fully prosecute a hacker due to incompleteness. Any kind of commercially related crime can be duplicated as cyber crime. Therefore very little research appears or has been documented about cyber crime in South African companies before 2003.11.21 The motivation to do this study was that businesses often loose millions in cyber attacks, not necessarily through direct theft but by the loss of service and damage to the image of the company. Most of the companies that were approached for interviews on cyber crime were reluctant to share the fact that they were hacked or that cyber crime occurred at their company as it violates their security policies and may expose their fragile security platforms. The purpose of this study was to attempt to get an overall view on how South African businesses are affected by cyber crime in the banking and short term insurance sector of the South African industry and also to determine what legislation exist in this country to protect them. The case study approach was used to determine the affect of cyber crime on businesses like banks and insurance companies. Each case was interviewed, monitored and was observed over a period of a year. This study discloses the evaluation of the results of how cyber crime affected the cases, which were part of this study. The banks felt that they were at an increased risk both externally and internally, which is likely to increase as the migration towards electronic commerce occurs. The insurance industry felt that they are not yet affected by external cyber crime attacks in this country.

Computer crimes

Business enterprises -- South Africa

DFMF : a digital forensic management framework

Grobler, Cornelia Petronella

22 August 2012

D.Phil.(Computer Science) / We are living in an increasingly complex world in which much of society is dependent on technology and its various offshoots and incarnations (Rogers & Siegfried, 2004). There is ample evidence of the influence of technology on our daily lives. We communicate via e-mail, use chat groups to interact and conduct business by using e-commerce. People relate each other’s existence to a presence on Facebook. The convergence of the products, systems and services of information technology is changing the way of living. The latest smart and cell phones have cameras, applications, and access to social networking sites. These phones contain sensitive information, for example photographs, e-mail, spread sheets, documents, and presentations. The loss of a cell phone therefore may pose a serious problem to an individual or an organisation, when considering privacy and intellectual property issues from an information security (Info Sec) perspective (Pieterse, 2006). Organisations have accepted the protection of information and information assets as a fundamental business requirement and managers are therefore implementing an increasing number of security counter measures, such as security policies, intrusion detection systems, access control mechanisms, and anti-virus products to protect the information and information assets from potential threats. However, incidents still occur, as no system is 100% secure. The incidents must be investigated to determine their root cause and potentially to prosecute the perpetrators (Louwrens, von Solms, Reeckie & Grobler, 2006b). Humankind has long been interested in the connection between cause and event, wishing to know what happened, what went wrong and why it happened. The need for computer forensics emerged when an increasing number of crimes were committed with the use of computers and the evidence required was stored on the computer. In 1984, a Federal Bureau of Investigation (FBI) laboratory began to examine computer evidence (Barayumureeba & Tushabe, 2004), and in 1991 the international association of computer investigation specialists (IACIS) in Portland, Oregon coined the term ‘computer forensics’ during a training session.

Computer crimes - Investigation

Forensic sciences

Computer forensics

Fundamental Demographics of Digital Piracy Offenders

Guerra, Chris

05 1900

Digital piracy is an emerging cybercrime subtype with overarching implications for administrators and researchers alike. Within this body of knowledge, it is unclear what individual-level factors are linked to digital piracy. Using a college-based sample, while focusing on gender, race, and age, this study identifies fundamental individual-level variables associated with digital piracy commission. After conducting multiple independent samples t-tests and a multivariate logistic regression, results found age and computer proficiency were significantly associated with the likelihood of engaging in digital piracy. These findings can help establish the foundational characteristics of digital pirates. By shifting the focus back to basic individual factors, universities can identify preventive efforts and researchers can better understand who engages in digital piracy.

Digital Piracy

Cybercrime

Computer crimes.

Criminals.

Perceptions of computer crime and cyber preparedness in the state of Florida & future policy

Henych, Mark

01 October 2003

No description available.

A formalised ontology for network attack classification

Van Heerden, Renier Pelser

January 2014

One of the most popular attack vectors against computers are their network connections. Attacks on computers through their networks are commonplace and have various levels of complexity. This research formally describes network-based computer attacks in the form of a story, formally and within an ontology. The ontology categorises network attacks where attack scenarios are the focal class. This class consists of: Denial-of- Service, Industrial Espionage, Web Defacement, Unauthorised Data Access, Financial Theft, Industrial Sabotage, Cyber-Warfare, Resource Theft, System Compromise, and Runaway Malware. This ontology was developed by building a taxonomy and a temporal network attack model. Network attack instances (also know as individuals) are classified according to their respective attack scenarios, with the use of an automated reasoner within the ontology. The automated reasoner deductions are verified formally; and via the automated reasoner, a relaxed set of scenarios is determined, which is relevant in a near real-time environment. A prototype system (called Aeneas) was developed to classify network-based attacks. Aeneas integrates the sensors into a detection system that can classify network attacks in a near real-time environment. To verify the ontology and the prototype Aeneas, a virtual test bed was developed in which network-based attacks were generated to verify the detection system. Aeneas was able to detect incoming attacks and classify them according to their scenario. The novel part of this research is the attack scenarios that are described in the form of a story, as well as formally and in an ontology. The ontology is used in a novel way to determine to which class attack instances belong and how the network attack ontology is affected in a near real-time environment.

Computer networks -- Security measures

Computer security

Computer crimes -- Investigation

Computer crimes -- Prevention

Cyberbullying: Responses of Adolescents and Parents toward Digital Aggression

Wong-Lo, Mickie

12 1900

Cyberbullying is a category of bullying that occurs in the digital realm which affects our students at astonishing rates. Unlike traditional bullying, where displays of aggression may be evident to bystanders, the ramification of cyberbullying occurs through unconventional ways (e.g., text messaging; online weblogs; video sharing), which results in many cases being camouflaged by the advancement in technology. Nonetheless, the effects of this digital form of peer aggression can be as detrimental as face-to-face bullying. The characteristics of cyberbullying and its influences on adolescents and parents of adolescents were examined. The data accrued is based on an anonymous survey through one of the following methods: (a) paper-pencil survey for adolescent group with 37-question items on the adolescent questionnaire and (b) web-based survey for the parent group with 22-question items on the parent questionnaire. Each survey was systematically coded according to the participating group and assigned code numbers (i.e., 1 represents adolescent group and 2 represents parent group) was provided to ensure confidentiality of the study. Survey examined individual variables among the two target groups: (a) adolescents between 13 and 17 years of age and (b) parents of adolescents between 13 and 17 years of age. Specifically, individual variables examined include (a) demographics, (b) personal experiences, (c) vicarious experiences, and (d) preventative resources. A total of 137 participants (62 adolescents; 75 parents) responded to the survey. Results indicated that 90% of the participants from the adolescent group have reported to experience either as victims or as bystanders of cyberbullying. In addition, 70% of the victims have been cyberbullied 1 to 2 times within a month period and 50% of the victims did not know the perpetrator. Secondly, 89% of parent participants indicated to be knowledgeable about the issues relating to cyberbullying and 89% reported to have no knowledge if their child has or has not been a victim of cyberbullying. Furthermore, qualitative findings of personal perspectives toward cyberbullying from each participating group are discussed. A review of literature is provided and results and analysis of the survey are discussed as well as recommendations for future research.

Cyberbullying.

responses

digital aggression

Bullying.

Computer crimes.

Internet and teenagers.

Information technology (IT) ethics : training and awareness materials for the Department of the Navy /

Senter, Jasper W. Thornton, Cayetano S.

January 2002

Thesis (M.S.)--Naval Postgraduate School, 2002. / Thesis advisor(s): Cynthia E. Irvine, Floyd Brock. Jasper W. Senter graduated in September, 2002; Cayetano S. Thornton graduated in June, 2002. Includes bibliographical references (p. 59-61). Also available online.

Cyberespionage 2010 : is the current status of espionage under international law applicable in cyberspace? /

Romero, Jorge H.

January 2001

Thesis (L.L.M.)--Georgetown University, Law Center, 2001. / "30 April 2001." Includes bibliographical references. Also available via the Internet.

Das System des Opferschutzes im Bereich des Cyber- und Internetstalking : rechtliche Reaktionsmöglichkeiten der Betroffenen /

Gerhold, Sönke.

January 2010

Thesis (doctoral)--Kiel, Universität, 2009. / Includes bibliographical references (p. 199-211).