What is it about?
By tracking user activity after they have logged into a web application, long-term users who "stumble around" or act with less certainty when navigating around are more likely to be fraudulent sessions. Finding fraud is a hard problem, and as victims are duped into handing over control of their computers more often, service providers are having a harder time identifying it without behavioral indicators.
Featured Image
Photo by Jefferson Santos on Unsplash
Why is it important?
If a user's computer is compromised by a remote attacker, typical indications of fraud, like new device detection or IP address changes may not work, since the attacker could be masquerading from the victim's own device. By using behavioral analysis like this, fraud could be identified even where other traditional detection methods do not raise an alarm.
Perspectives
Often, behavioral analytics use time-of-day or location indicators, but not true user behavioral tracking to discern when the user authenticating is the actual user or an attacker who has stolen a victim's username and password credentials. Behavioral analysis, as suggested by this research, is not a replacement for existing detection techniques, but rather it can supplement them to improve "true positive" fraud detection rates.
Mr. Sean Andrew McElroy
Dakota State University
Read the Original
This page is a summary of: Learning from learning: detecting account takeovers by identifying forgetful users, Computer Fraud & Security, January 2021, Mark Allen Group,
DOI: 10.1016/s1361-3723(21)00064-6.
You can read the full text:
Resources
Contributors
The following have contributed to this page
