Anomaly and cyber fraud detection in pipelines and supply chains for liquid fuels

Beteto, Alinne; Melo, Vidal; Lin, Jessica; Alsultan, Marwan; Dias, Eduardo Mario; Korte, Elizabeth; Johnson, DeAndre A.; Moghadasi, Negin; Polmateer, Thomas L.; Lambert, James H.

doi:10.1007/s10669-022-09843-5

Published: 23 January 2022

Anomaly and cyber fraud detection in pipelines and supply chains for liquid fuels

Alinne Beteto¹,
Vidal Melo¹,
Jessica Lin²,
Marwan Alsultan³,
Eduardo Mario Dias¹,
Elizabeth Korte²,
DeAndre A. Johnson²,
Negin Moghadasi²,
Thomas L. Polmateer² &
James H. Lambert²

Environment Systems and Decisions volume 42, pages 306–324 (2022)Cite this article

148 Accesses
Metrics details

Abstract

A recent large-scale information disruption of the Colonial Pipeline across the USA has highlighted the cyber vulnerabilities of the supply chains of liquid fuels. Information disruption and associated anomalies have become routine events for critical infrastructure of sociotechnical systems. The logistics systems that support energy commodity supply chains are vulnerable to information threats that evolve throughout the system life cycles. Among the prevalent threats energy supply chains are malicious hacking, fraud, information theft, ransomware, and related irregular activities. Fraud and malicious activity are not new in the supply chains for liquid fuels, though mechanisms and consequences may be changing. This paper addresses information anomalies that are on a spectrum of errors, lost data, fraud, cyber, ransomware and related disruptions to logistics systems that support e-commerce and distribution of liquid fuels, particularly for challenges associated with human and organizational errors whose frequencies may be increasing in the latest pandemic. The lessons learned can help to improve the anomalies monitoring systems thus protecting the interests of consumers, industry, and the government. A case featuring fuels distribution, cyber-physical-systems and the internet of things (IoT) is presented to illustrate several issues that are challenging the design and operation of government-mandated inspection and detection processes for fraud and anomalies. In particular, an Authenticator and Transmitter System (SAT) concept is described for remote monitoring of fuel distribution points via a secure communication channel between the fuel pumps and government regulators. The data collected in this approach are used to analyze the behavior of fuel distribution points and detect anomalous behaviors that could indicate fraud and/or fraud-like precursors to other information disruptions. The method technologies that are described in this paper helps to detect precursors of fraud and other information irregularities in their earliest stages, and to enhance policies that protect the information systems of fuel pipelines and their related logistics systems. Methods such as described herein are integrated among layers of complex information technologies to protect the interests of the energy sector, consumers, and government.

This is a preview of subscription content, access via your institution.

Access options

Buy single article

Instant access to the full article PDF.

USD 39.95

Price includes VAT (USA)
Tax calculation will be finalised during checkout.

References

Adepoju O, Wosowei J, Lawte S, Jaiman H (2019) Comparative evaluation of credit card fraud detection using machine learning techniques. In: Proceedings of the 2019 Global conference for Advancement in Technology (GCAT), Bangalore, India, https://doi.org/10.1109/GCAT47503.2019.8978372
Almutairi A, Wheeler JP, Slutzky DL, Lambert JH (2019) Integrating stakeholder mapping and risk scenarios to improve resilience of cyber-physical-social networks. Risk Anal. https://doi.org/10.1111/risa.13292
Article Google Scholar
Andrews DJ, Polmateer TL, Wheeler JP, Slutzky DL, Lambert JH (2020) Enterprise risk and resilience of electric-vehicle charging infrastructure and the future mobile power grid. Curr Sustain Renew Energy Rep Transport 7:9–15. https://doi.org/10.1007/s40518-020-00144-6
CAS Article Google Scholar
ANFAVEA (2013–2017) Cars and light trucks
Anton-Haro C, Dohler M (2014) Machine-to-machine (M2M) communications, architecture performance and applications. Elsevier, Amsterdam, pp 1–23
Google Scholar
Begian C, Kettani H (2020) Analysis of fuel pump skimming devices. In: Proceedings of the 2020 the 4th International Conference on Information System and Data Mining, pp. 157–162. https://doi.org/10.1145/3404663.3406874
Beteto A (2019) Proposta de automação para controle da vazão de combustíveis líquidos como nova abordagem de giscalização para o gerenciamento de riscos em postos revendedores, University of São Paulo, Master thesis
Bundi D, Maraga MJ (2020) Effects of cybercrime on oil and gas industry. Glob Sci J 8(6) ISSN 2320-9186
Carrasco RS, Silcilia-Urban MA (2020) Evaluation of deep neural networks for reduction of credit card fraud alerts. IEEE Access. https://doi.org/10.1109/ACCESS.2020.3026222
Article Google Scholar
Catota FE, Morgan MG, Sicker DC (2019) Cybersecurity education in a developing nation: the Ecuadorian environment. J Cybersecurity. https://doi.org/10.1093/cybsec/tyz001
Article Google Scholar
Collier ZA, Lambert JH (2019) Principles and methods of model validation for model risk reduction. IEEE Environ Syst Decis 39:146–153. https://doi.org/10.1007/s10669-019-09723-5
Article Google Scholar
Collier ZA, Linkov I, DiMase D, Walters S, Tehranipoor M, Lambert JH (2014) Cybersecurity standards: managing risk and creating resilience. IEEE Comput 47(9):70–76
Article Google Scholar
Coma-Puig B, Carmona J, Gavaldà R, Alcoverro S, Martin V (2016) Fraud detection in energy consumption: a supervised approach. In: Proceedings of the 2016 IEEE International Conference on Data Science and Advanced Analytics (DSAA), Montreal, QC, pp. 120–129. https://doi.org/10.1109/DSAA.2016.19
Dahee C, Kyungho L (2018) An artificial intelligence approach to financial fraud detection under IoT environment: a survey and implementation. Security Commun Netw. https://doi.org/10.1155/2018/5483472
Article Google Scholar
Davis MV (2019) Strategies to prevent and detect occupational fraud in small retail businesses, Doctoral Thesis, College of Management and Technology, Walden University
Dong C, Wang H, Ni D, Liu Y, Chen Q (2020) Impact evaluation of cyber-attacks on traffic flow of connected and automated vehicles. IEEE Access 8:86824–86835. https://doi.org/10.1109/ACCESS.2020.2993254
Article Google Scholar
Fenza G, Gallo M, Loia V (2019) Drift-aware methodology for anomaly detection in smart grid. IEEE Access 7:9645–9657. https://doi.org/10.1109/ACCESS.2019.2891315
Article Google Scholar
Ferdous AHMI et al (2021) A hybrid structured PCF for fuel adulteration detection in terahertz regime. Sens Bio-Sens Res. https://doi.org/10.1016/j.sbsr.2021.100438
Article Google Scholar
Golan MS et al (2020) Trends and applications of resilience analytics in supply chain modeling: systematic literature review in the context of the COVID 19 pandemic. Environmental Systems and Decisions 40:222–243
Article Google Scholar
Golfarelli M, Rizzi S (2019) A model-driven approach to automate data visualization in big data analytics. Sage J 19(1):24–47. https://doi.org/10.1177/1473871619858933
Article Google Scholar
Gottwalt F, Chang EJ, Dillon TS (2021) Contextual anomaly detection methods for addressing intrusion detection: security & forensics book chapter | IGI Global (igi-global.com). https://doi.org/10.4018/978-1-7998-5728-0.ch009
General Accreditation Guidance—Validation and verification of quantitative and qualitative test methods. NATA - National Association of Testing Authorities, Australia (2018). https://www.nata.com.au/phocadownload/gen-accreditation-guidance/Validation-and-Verification-of-Quantitative-and-Qualitative-Test-Methods.pdf
Hosseini SS, Noorosana R (2018) Performance evaluation of EWMA and CUSUM control charts to detect anomalies in social networks using average and standard deviation of degree measures. Qual Reliab Eng Int 34(4):477–500. https://doi.org/10.1002/qre.2267
Article Google Scholar
Hou E, Miller K, Hero A (2018) Anomaly detection in the monitoring of nuclear facilities. University of Michigan. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=1&ved=2ahUKEwjtw_rFptvlAhUXuZ4KHeJ5DkUQFjAAegQIBBAC&url=http%3A%2F%2Fcvt.engin.umich.edu%2Fwpcontent%2Fuploads%2Fsites%2F173%2F2018%2F10%2F11_01_2018-0800-Hou.pdf&usg=AOvVaw3QG-Cd_PPlDae5UrOXmaAl. Accessed 31 Oct 2018
Kara I, Aydos M (2020) Cyber fraud: detection and analysis of the crypto-ransomware. In: Proceedings of the 2020 11th IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference (UEMCON). https://doi.org/10.1109/UEMCON51285.2020.9298128
Kott A et al (2021) Cyber resilience: by design or by intervention? Computer 54(8):112–117
Article Google Scholar
Lewis J, English C, Gesick J, Mukkamala S (2018) Validation Process Methods. National Renewable Energy Laboratory of US Department of Energy
Linkov I, Baiardi F, Florin MV, Greer S, Lambert JH, Pollock M, Rickli JM (2019a) Applying resilience to hybrid threats. IEEE Secur Priv 17(5):78–83
Article Google Scholar
Linkov I, Baiardi F, Florin MV, Greer S, Lambert JH, Pollack M, Rickli JM, Roslycky L, Seager T, Thorisson H, Trump BD (2019b) Apply resilience to hybrid threats. IEEE Security Privacy Mag. https://doi.org/10.1109/MSEC.2019.2922866
Article Google Scholar
Maldonado K et al (2019) Situational strategic awareness monitoring surveillance system—microcomputer and microcomputer clustering used for intelligent, economical, scalable, and deployable approach for safeguarding materials. J Imaging Sci Technol. https://doi.org/10.2352/J.ImagingSci.Technol.2019.63.6.060408
Article Google Scholar
Maniraj SP, Saini A, Sarkar SD, Ahmed S (2019) Credit card fraud detection using machine learning and data science. Int J Eng Res Technol. https://doi.org/10.17577/IJERTV8IS090031
Article Google Scholar
Melo V, Augusto Z, and Castro S (2015) Autenticador e transmissor (SAT): modelo tecnológico de automação e controle de processos em cidades inteligentes com exemplo de aplicação ao setor tributário, University of São Paulo, Doctoral thesis
Muggah R, Thompson NB (2018) Brazil struggles with effective cyber-crime response. Instituto Igarapé. https://www.igarape.org.br/en/brazil-struggles-with-effective-cyber-crime-response/.
Muggah R, Thompson N (2019) Brazil's cybercrime problem. Foreign Affairs. Available at: www.foreignaffairs.com/articles/south-america/2015-09-17/brazils-cybercrime-problem
Osborne C (2021) Colonial pipeline attack: everything you need to know. Zero Day. Available at https://www.zdnet.com/article/colonial-pipeline-ransomware-attack-everything-you-need-to-know/
Papale G, Sgaglione L (2017) SDD sentinel: a support tool for detecting and investigating electronic transaction frauds. In: Proceedings of the 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data (SmartData), pp. 318–323. https://doi.org/10.1109/iThings-GreenCom-CPSCom-SmartData.2017.53
Pereira France dos Santos A et al (2020) Fuel quality monitoring by color detection. Color Detect. https://doi.org/10.5772/intechopen.86531
Article Google Scholar
Roege PE, Collier ZA, Chevardin V, Chouinard P, Florin MV, Lambert JH, Nielsen K, Nogal M, Todorovic B (2017), Bridging the gap from cyber security to resilience. In: Proceedings of the NATO Science for Peace and Security Series C:Environmental Security. https://doi.org/10.1007/978-94-024-1123-2_14
Rosa-Aquino P, Danner C (2021) What we know about the colonial pipeline shutdown. Intelligencer, https://www.Intelligencer.nymag.com/intelligencer/article/what-we-know-about-the-colonial-pipeline-shutdown-updates.html.
Ryman-Tubb N, Krause P (2011) Neural network rule extraction to detect credit card fraud, Engineering Applications of Neural Networks. In: Proceedings of the EANN 2011, AIAI 2011 IFIP Advances in Information and Communication Technology, vol 363. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23957-1_12
Sahu A et al (2021) Multi-source multi-domain data fusion for cyberattack detection in power systems. IEEE Access 9:119118–119138. https://doi.org/10.1109/ACCESS.2021.3106873
Article Google Scholar
Sample Procedure for Method Validation, NIST. https://www.nist.gov/system/files/documents/2016/12/21/sapmethodvalidation2016-12-21.pdf
Santoyo S (2017) A brief overview of outlier detection techniques. Medium, Towards Data Science. https://towardsdatascience.com/a-brief-overview-of-outlier-detection-techniques-1e0b2c19e561.
Smith RG, Urbas G (2001) Controlling fraud on the Internet: a CAPA perspective: report for the confederation of asian and pacific accountants. Research and Public Policy Series, No. 39. Australian Institute of Criminology, Canberra
Thorisson H, Lambert JH, Angeler DG, Baiardi F, Taveter K, Vasheasta A (2019), Resilience of critical infrastructure systems to hybrid threats with information disruption. In: Proceedings of the Resilience and Hybrid Threats: Security and Integrity for the Digital World, vol 55(13). https://doi.org/10.3233/NICSP190017
Wieringa R (2014) Empirical research methods for technology validation: scaling up to practice. J Syst Softw 95:19–31
Article Google Scholar

Download references

Acknowledgments

This effort was supported in part by the US National Science Foundation I/UCRC Center for Hardware and Embedded Systems Security and Trust (NSF Award 1916760); the Commonwealth Center for Advanced Logistics Systems; Systems Planning & Analysis, Inc.; Fermata LLC; and the US Army Corps of Engineers.

Author information

Authors and Affiliations

University of Sao Paulo, São Paulo, 05508-900, Brazil
Alinne Beteto, Vidal Melo & Eduardo Mario Dias
University of Virginia, Charlottesville, VA, 22903, USA
Jessica Lin, Elizabeth Korte, DeAndre A. Johnson, Negin Moghadasi, Thomas L. Polmateer & James H. Lambert
King Saud University, Riyadh, 11692, Saudi Arabia
Marwan Alsultan

Authors

Alinne Beteto
View author publications
You can also search for this author in PubMed Google Scholar
Vidal Melo
View author publications
You can also search for this author in PubMed Google Scholar
Jessica Lin
View author publications
You can also search for this author in PubMed Google Scholar
Marwan Alsultan
View author publications
You can also search for this author in PubMed Google Scholar
Eduardo Mario Dias
View author publications
You can also search for this author in PubMed Google Scholar
Elizabeth Korte
View author publications
You can also search for this author in PubMed Google Scholar
DeAndre A. Johnson
View author publications
You can also search for this author in PubMed Google Scholar
Negin Moghadasi
View author publications
You can also search for this author in PubMed Google Scholar
Thomas L. Polmateer
View author publications
You can also search for this author in PubMed Google Scholar
James H. Lambert
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to DeAndre A. Johnson.

Ethics declarations

Conflict of interest

The authors declare that they have no conflict of interest.

Rights and permissions

Reprints and Permissions

About this article

Cite this article

Beteto, A., Melo, V., Lin, J. et al. Anomaly and cyber fraud detection in pipelines and supply chains for liquid fuels. Environ Syst Decis 42, 306–324 (2022). https://doi.org/10.1007/s10669-022-09843-5

Download citation

Accepted: 04 January 2022
Published: 23 January 2022
Issue Date: June 2022
DOI: https://doi.org/10.1007/s10669-022-09843-5

Keywords

Systems engineering
Data analysis
Trust
Logistics
Energy sector
Ransomware