THE CONCEPT OF CREATING AN EXPERT SYSTEM FOR EARLY DIAGNOSTIC SIGNALS OF SUSPICIOUS ACTIVITIES OF FINANCIAL INSTITUTION EMPLOYEES

Keywords: diagnostics, expert system, insider, cyber fraud, financial institution

Abstract

The article is devoted to creating an expert system for the early diagnosis of suspicious employee activity in financial institutions. The work argues the relevance of this direction in the modern world, where financial organizations face various risks and challenges. The literature review revealed insufficient scientific research on this problem, owing to restrictions on public access and on the disclosure of commercial secrets regarding the cyber security of financial institutions. Developing an expert system requires a comprehensive approach that considers the various factors affecting the financial sector as well as the specifics of insider behaviour. The article provides a detailed overview of the concept based on ten key stages of developing an expert system. The first stage defines the purpose and scope and covers the system's main goals and objectives, functions, users, requirements and limitations. The second stage covers input data collection, with regard to the data's format, structure, sources, validation, confidentiality, etc. The data preparation and cleaning stage refers to the procedures for working with the data needed to operate the expert system. The technology selection stage involves using various tools and programming environments to ensure the expert system's efficiency and reliability. The model development stage is the most difficult, as it is critical to detecting suspicious insider activity and requires constant improvement based on new data and expansion of functionality. The machine learning and model training stage describes the relevant procedures and requires regular training of the system and its adaptation to new threats. Integration with advanced machine learning technologies and natural language processing is necessary for developing an expert system, as it allows information to be obtained from the various subsystems of a financial institution's corporate system. The testing and validation stage guarantees the correctness of the expert system. Implementation and monitoring cover the introduction of the expert system into the working life of a financial institution. Learning and adaptation allow the system to be dynamic and to adapt to internal and external conditions.


Published: 2023-11-28

How to Cite: Yarovenko, H. (2023). THE CONCEPT OF CREATING AN EXPERT SYSTEM FOR EARLY DIAGNOSTIC SIGNALS OF SUSPICIOUS ACTIVITIES OF FINANCIAL INSTITUTION EMPLOYEES. Economy and Society, (57). https://doi.org/10.32782/2524-0072/2023-57-130

Section: FINANCE, BANKING AND INSURANCE