Learning-based Attack and Defense on Recommender Systems

Agnideven Palanisamy Sundar (11190282)

06 August 2021

The internet is the home for massive volumes of valuable data constantly being created, making it difficult for users to find information relevant to them. In recent times, online users have been relying on the recommendations made by websites to narrow down the options. Online reviews have also become an increasingly important factor in the final choice of a customer. Unfortunately, attackers have found ways to manipulate both reviews and recommendations to mislead users. A Recommendation System is a special type of information filtering system adapted by online vendors to provide suggestions to their customers based on their requirements. Collaborative filtering is one of the most widely used recommendation systems; unfortunately, it is prone to shilling/profile injection attacks. Such attacks alter the recommendation process to promote or demote a particular product. On the other hand, many spammers write deceptive reviews to change the credibility of a product/service. This work aims to address these issues by treating the review manipulation and shilling attack scenarios independently. For the shilling attacks, we build an efficient Reinforcement Learning-based shilling attack method. This method reduces the uncertainty associated with the item selection process and finds the most optimal items to enhance attack reach while treating the recommender system as a black box. Such practical online attacks open new avenues for research in building more robust recommender systems. When it comes to review manipulations, we introduce a method to use a deep structure embedding approach that preserves highly nonlinear structural information and the dynamic aspects of user reviews to identify and cluster the spam users. It is worth mentioning that, in the experiment with real datasets, our method captures about 92\% of all spam reviewers using an unsupervised learning approach.<br>

Computer System Security

Computer Communications Networks

Recommender Systems

Machine Learning

Deep Learning

Reinforcement Learning

Fraud Detection

Fake Reviews

Shilling Attacks

Graph Embedding

Multi-Armed Bandits

Insurance Fraud Detection using Unsupervised Sequential Anomaly Detection / Detektion av försäkringsbedrägeri med oövervakad sekvensiell anomalitetsdetektion

Hansson, Anton, Cedervall, Hugo

January 2022

Fraud is a common crime within the insurance industry, and insurance companies want to quickly identify fraudulent claimants as they often result in higher premiums for honest customers. Due to the digital transformation where the sheer volume and complexity of available data has grown, manual fraud detection is no longer suitable. This work aims to automate the detection of fraudulent claimants and gain practical insights into fraudulent behavior using unsupervised anomaly detection, which, compared to supervised methods, allows for a more cost-efficient and practical application in the insurance industry. To obtain interpretable results and benefit from the temporal dependencies in human behavior, we propose two variations of LSTM based autoencoders to classify sequences of insurance claims. Autoencoders can provide feature importances that give insight into the models' predictions, which is essential when models are put to practice. This approach relies on the assumption that outliers in the data are fraudulent. The models were trained and evaluated on a dataset we engineered using data from a Swedish insurance company, where the few labeled frauds that existed were solely used for validation and testing. Experimental results show state-of-the-art performance, and further evaluation shows that the combination of autoencoders and LSTMs are efficient but have similar performance to the employed baselines. This thesis provides an entry point for interested practitioners to learn key aspects of anomaly detection within fraud detection by thoroughly discussing the subject at hand and the details of our work. / <p>Gjordes digitalt via Zoom. </p>

Insurance Fraud Detection

Anomaly Detection

Long Short-Term Memory Networks (LSTM)

Unsupervised Learning

Autoencoder (AE)

Variational Autoencoder (VAE)

Interpretable Machine Learning

Feature Engineering

Feature Selection

Feature Importance

Computer Sciences

Datavetenskap (datalogi)

適用於財務舞弊偵測之決策支援系統的對偶方法 / A dual approach for decision support in financial fraud detection

黃馨瑩, Huang, Shin Ying

Unknown Date

增長層級式自我組織映射網路(GHSOM)屬於一種非監督式類神經網路，為自我組織映射網路(SOM)的延伸，擅長於對樣本分群，以輔助分析樣本族群裡的共同特徵，並且可以透過族群間存在的空間關係假設來建立分類器，進而辨別出異常的資料。 因此本研究提出一個創新的對偶方法(即為一個建立決策支援系統架構的方法)分別對舞弊與非舞弊樣本分群，首先兩類別之群組會被配對，即辨識某一特定無弊群體的非舞弊群體對照組，針對這些配對族群，套用基於不同空間假設所設立的分類規則以檢測舞弊與非舞弊群體中是否有存在某種程度的空間關係，此外並對於舞弊樣本的分群結果加入特徵萃取機制。分類績效最好的分類規則會被用來偵測受測樣本是否有舞弊的嫌疑，萃取機制的結果則會用來標示有舞弊嫌疑之受測樣本的舞弊行為特徵以及相關的輸入變數，以做為後續的決策輔助。 更明確地說，本研究分別透過非舞弊樣本與舞弊樣本建立一個非舞弊GHSOM樹以及舞弊GHSOM樹，且針對每一對GHSOM群組建立分類規則，其相應的非舞弊/舞弊為中心規則會適應性地依循決策者的風險偏好最佳化調整規則界線，整體而言較優的規則會被決定為分類規則。非舞弊為中心的規則象徵絕大多數的舞弊樣本傾向分布於非舞弊樣本的周圍，而舞弊為中心的規則象徵絕大多數的非舞弊樣本傾向分布於舞弊樣本的周圍。 此外本研究加入了一個特徵萃取機制來發掘舞弊樣本分群結果中各群組之樣本資料的共同特質，其包含輸入變數的特徵以及舞弊行為模式，這些資訊將能輔助決策者(如資本提供者)評估受測樣本的誠實性，輔助決策者從分析結果裡做出更進一步的分析來達到審慎的信用決策。 本研究將所提出的方法套用至財報舞弊領域(屬於財務舞弊偵測的子領域)進行實證，實驗結果證實樣本之間存在特定的空間關係，且相較於其他方法如SVM、SOM+LDA和GHSOM+LDA皆具有更佳的分類績效。因此顯示本研究所提出的機制可輔助驗證財務相關數據的可靠性。此外，根據SOM的特質，即任何受測樣本歸類到某特定族群時，該族群訓練樣本的舞弊行為特徵將可以代表此受測樣本的特徵推論。這樣的原則可以用來協助判斷受測樣本的可靠性，並可供持續累積成一個舞弊知識庫，做為進一步分析以及制定相關信用決策的參考。本研究所提出之基於對偶方法的決策支援系統架構可以被套用到其他使用財務數據為資料來源的財務舞弊偵測情境中，作為輔助決策的基礎。 / The Growing Hierarchical Self-Organizing Map (GHSOM) is extended from the Self-Organizing Map (SOM). The GHSOM’s unsupervised learning nature such as the adaptive group size as well as the hierarchy structure renders its availability to discover the statistical salient features from the clustered groups, and could be used to set up a classifier for distinguishing abnormal data from regular ones based on spatial relationships between them. Therefore, this study utilizes the advantage of the GHSOM and pioneers a novel dual approach (i.e., a proposal of a DSS architecture) with two GHSOMs, which starts from identifying the counterparts within the clustered groups. Then, the classification rules are formed based on a certain spatial hypothesis, and a feature extraction mechanism is applied to extract features from the fraud clustered groups. The dominant classification rule is adapted to identify suspected samples, and the results of feature extraction mechanism are used to pinpoint their relevant input variables and potential fraud activities for further decision aid. Specifically, for the financial fraud detection (FFD) domain, a non-fraud (fraud) GHSOM tree is constructed via clustering the non-fraud (fraud) samples, and a non-fraud-central (fraud-central) rule is then tuned via inputting all the training samples to determine the optimal discrimination boundary within each leaf node of the non-fraud (fraud) GHSOM tree. The optimization renders an adjustable and effective rule for classifying fraud and non-fraud samples. Following the implementation of the DSS architecture based on the proposed dual approach, the decision makers can objectively set their weightings of type I and type II errors. The classification rule that dominates another is adopted for analyzing samples. The dominance of the non-fraud-central rule leads to an implication that most of fraud samples cluster around the non-fraud counterpart, meanwhile the dominance of fraud-central rule leads to an implication that most of non-fraud samples cluster around the fraud counterpart. Besides, a feature extraction mechanism is developed to uncover the regularity of input variables and fraud categories based on the training samples of each leaf node of a fraud GHSOM tree. The feature extraction mechanism involves extracting the variable features and fraud patterns to explore the characteristics of fraud samples within the same leaf node. Thus can help decision makers such as the capital providers evaluate the integrity of the investigated samples, and facilitate further analysis to reach prudent credit decisions. The experimental results of detecting fraudulent financial reporting (FFR), a sub-field of FFD, confirm the spatial relationship among fraud and non-fraud samples. The outcomes given by the implemented DSS architecture based on the proposed dual approach have better classification performance than the SVM, SOM+LDA, GHSOM+LDA, SOM, BPNN and DT methods, and therefore show its applicability to evaluate the reliability of the financial numbers based decisions. Besides, following the SOM theories, the extracted relevant input variables and the fraud categories from the GHSOM are applicable to all samples classified into the same leaf nodes. This principle makes that the extracted pre-warning signal can be applied to assess the reliability of the investigated samples and to form a knowledge base for further analysis to reach a prudent decision. The DSS architecture based on the proposed dual approach could be applied to other FFD scenarios that rely on financial numbers as a basis for decision making.

增長層級式自我組織映射網路

非監督式類神經網路

分類

財務舞弊偵測

財務報表舞弊

Growing Hierarchical Self-Organizing Map

Unsupervised Neural Networks

Classification

Financial Fraud Detection

Fraudulent Financial Reporting

Aplicação de inteligência computacional na resolução de problemas de sistemas elétricos de potência /

Lopez Sepulveda, Gloria Patricia.

January 2017

Orientador: Marcos Julio Rider Flores / Resumo: Nesta tese são utilizados algoritmos de Inteligência Computacional para resolver quatro problemas da área de sistemas elétricos de potência, com o intuito de automatizar a tomada de decisões em processos que normalmente são realizados por especialistas humanos ajudados de métodos computacionais clássicos. Nesta tese são utilizados os algoritmos de aprendizado de máquina: árvores de decisão, redes neurais artificiais e máquinas de vetor de suporte, para realizar o processo de aprendizado dos sistemas inteligentes e para realizar a mineração de dados. Estes algoritmos podem ser treinados a partir das medições disponíveis e ações registradas nos centros de controle dos sistemas de potência. Sistemas Inteligentes foram utilizados para realizar: a) o controle centralizado Volt-VAr em modernos sistemas de distribuição de energia elétrica em tempo real usando medições elétricas; b) a detecção de fraudes nas redes de distribuição de energia elétrica realizando um processo de mineração de dados para estabelecer padrões de consumo que levem a possíveis clientes fraudadores; c) a localização de faltas nos sistemas de transmissão de energia elétrica automatizando o processo de localização e ajudando para que uma ação de controle da falta seja realizada de forma rápida e eficiente; e d) a coordenação de carga inteligente de veículos elétricos e dispositivos de armazenamento em tempo real utilizando a tecnologia V2G, nos sistemas de distribuição de energia elétrica a partir de medições elé... (Resumo completo, clicar acesso eletrônico abaixo) / Abstract: In this thesis Computational Intelligence algorithms are used to solve four problems of the area of power electrical systems, in order to automate decision making in processes that are usually performed by human experts aided by classical computational methods. In this thesis the machine learning algorithms are used: decision trees, artificial neural networks and support vector machines to carry out the learning process of Intelligent Systems and to perform Data Mining. These algorithms are trained from the available measurements and actions recorded in the control centers of the systems. Intelligent Systems were used to perform: a) the centralized control Volt-VAr in modern systems of distribution of electrical energy in real time using electrical measurements; b) detection of fraud in electricity distribution networks by performing a data mining process to establish patterns of consumption that lead to possible fraudulent customers; c) fault location in electric power transmission systems by automating the localization process and helping to ensure that a fault control action is performed quickly and efficiently; and d) coordination of intelligent charging of electric vehicles and storage devices using V2G technology in real-time, in electric power distribution systems using electrical measurements. For the centralized control problem Volt-VAr was tested in 42-node distribution system, for the problem of loading electric vehicles and storage devices the tests were performed... (Complete abstract click electronic access below) / Doutor

Aprendizado de máquina

Arvores de decisão.

Carregamento de veículos elétricos

Controle centralizado Volt-VAr

Detecção de fraudes

Inteligência computacional

Localização de faltas

Máquinas de vetor de suporte

Mineração de dados

Redes neurais artificiais

Sistemas inteligentes

Redes neurais (Computação)

Intelligent systems

Centralized control Volt-VAr

Computational intelligence

Data mining

Decision trees

Fault location

Fraud detection

Loading of electric vehicles

Machine learning

Support vector machines