How to Fight Fraud with Splunk
© 2020 Splunk Inc.
How to Fight Fraud with Splunk
Fight, Flight, or Freeze?
Matthew J Joseff, CFE
APAC Director of Specialization | Splunk
Haider Al-Seaidy
Financial Services Industry Specialist | Splunk
Forward-Looking Statements
During the course of this presentation, we may make forward-looking statements regarding future events or plans of the company. We caution you that such statements reflect our current expectations and estimates based on factors currently known to us and that actual events or results may differ materially. The forward-looking statements made in this presentation are being made as of the time and date of its live presentation. If reviewed after its live presentation, it may not contain current or accurate information. We do not assume any obligation to update any forward-looking statements made herein.
In addition, any information about our roadmap outlines our general product direction and is subject to change at any time without notice. It is for informational purposes only, and shall not be incorporated into any contract or other commitment. Splunk undertakes no obligation either to develop the features or functionalities described or to include any such feature or functionality in a future release.
Splunk, Splunk>, Data-to-Everything, D2E and Turn Data Into Doing are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names or trademarks belong to their respective owners. © 2020 Splunk Inc. All rights reserved.
Agenda
Strap in, folks!
“The greatest trick the devil ever pulled was convincing the world he didn't exist.” – Roger "Verbal" Kint
1) Modern Fraud: What does fraud look like today?
2) Machine & Deep Learning: Machines do not rationalize
3) Solutions: Bringing it all together
4) Demonstration: Data in action
5) Call to Action: Get your QR Code Reader ready
Modern Fraud
The Numbers
[Bar chart: Cost (axis from $- to $60.00) by Type: Wire Fraud Credit Card Online Mortgage Identity Auto Check Synthetic ATO]
$170 Billion Annually
• USD $1 = USD $3.50 of cost
• 60%+ Sophisticated Attacks
• 330% Human Attacks
• 58% Spoofing
Sources: Frank McKenna (frankonfraud.com), PointPredictive, Nilson, Juniper, CoreLogic, Javelin, ABA, Auriemma
Fraud Detection Rules
“Learn the rules like a pro, so you can break them like an artist.” ― Pablo Picasso
Fraud Detection Types
Data mining & analysis
Known Bad Events
Trend Anomalies
Frequency Anomalies
Peer Group Deviations
Sequencing
Impossible Combinations
Improbable Event
Privileged Record Changes
Duplicate Analysis
Historic Comparison
Connected Parties
Distraction Analysis
Machines do not rationalize, feel pressure, or experience “opportunity”
Visual intake (Camera/Sight)
Movement
Natural language processing (NLP)
– Text to speech
– Speech to text
Three Basic Models
Unsupervised: No labels (Clustering)
Supervised: Relationships (Classification)
Deep: Neural Network (GPU intense)
Resistance is futile
Fraud Solution Capabilities
Device Telemetry
• UF
• HEC
• Signal FX
• DSP
Digital Journey
• Time Series Database
• Transaction Command
• Visualisation
Behavioural Analytics
• Fraud Rules
• Modelling
• Baselining
• Risk Scoring
• Peer Group Analytics
Bot Detection
• Advanced Analytics
• MLTK
• DLTK
Malware Detection
• Splunk Enterprise
• Enterprise Security SIEM
• Security Essentials
Logs / Metrics Transactions Reference Data Enrichment
Calls to Action
Apps: MLTK / DLTK / Fraud
Workshops: Fraud, Security, and Compliance
Essential Guide: This is your map
Blogs: Learn from the experts
All of these are complimentary (as in free)