[WEB SECURITY] Fraud detection system
Colin Watson
colin at watsonhall.com
Tue Jun 19 03:15:37 EDT 2012
Frederic
Yes, you have to come up with some rules, but it could be implemented in a manner that collects all anomalies and analyses that data. And as Greg says, it depends on the context.
What you might consider to be fraudulent for one user you might let another user get away with (within limits).
Colin
----- Original Message -----
From: Lebeau Frederic
[mailto:frederic.lebeau at websurf.be]
To: Colin Watson
[mailto:colin at watsonhall.com]
Sent: Mon, 18 Jun 2012 20:56:53 +0100
Subject:
Re: Fraud detection system
> Hello,
> i m avare about this project ans we havé starter its implémentation in our
> applications.
> However, it s not like intelligent system which analisis behaviors. It
> requires some programmation each time we would like to detect new patterns
> and scenarion? Right? Am i wrong?
>
> However, the idea of the project is very good ;)
>
> Le lundi 18 juin 2012, Colin Watson a écrit :
>
> > Frederic
> >
> > If your application can assess a user's behaviour, it could also make
> > decisions on business-rules concerning attempted fraud, or signal
> > information that might be of use to external fraud analysis engines which
> > often do not know the context of a suspicious event.
> >
> > I contribute some effort to OWASP's AppSensor project, which provides some
> > ideas along these lines:
> >
> > https://www.owasp.org/index.php/OWASP_AppSensor_Project
> >
> > http://www.owasp.org/download/jmanico/owasp_podcast_51.mp3
> >
> >
> >
> http://michael-coates.blogspot.com/2010/06/online-presentation-thursday-automated.html
> >
> >
> >
> http://www.crosstalkonline.org/storage/issue-archives/2011/201109/201109-0-Issue.pdf
> >
> >
> >
> http://www.jtmelton.com/2012/05/01/year-of-security-for-java-week-18-perform-application-layer-intrusion-detection/
> >
> > Regards
> >
> > Colin
> >
> >
> > ----- Original Message -----
> > From: Lebeau Frederic
> > [mailto:frederic.lebeau at websurf.be <javascript:;>]
> > To: websecurity at webappsec.org <javascript:;>
> > Sent: Sat,
> > 16 Jun 2012 19:55:14 +0100
> > Subject: [WEB SECURITY] Fraud detection system
> >
> >
> > > Hello,
> > >
> > > I'm wondering if there are some stuffs to do at application level to
> > > increvable efficuency of fraud detection system?
> > >
> > > Thanks
> > >
> >
>
More information about the websecurity
mailing list