Advertisement

Secure Multiparty PageRank Algorithm for Collaborative Fraud Detection

  • Alex SangersEmail author
  • Maran van Heesch
  • Thomas Attema
  • Thijs Veugen
  • Mark Wiggerman
  • Jan Veldsink
  • Oscar Bloemen
  • Daniël Worm
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11598)

Abstract

Collaboration between financial institutions helps to improve detection of fraud. However, exchange of relevant data between these institutions is often not possible due to privacy constraints and data confidentiality. An important example of relevant data for fraud detection is given by a transaction graph, where the nodes represent bank accounts and the links consist of the transactions between these accounts. Previous works show that features derived from such graphs, like PageRank, can be used to improve fraud detection. However, each institution can only see a part of the whole transaction graph, corresponding to the accounts of its own customers. In this research a new method is described, making use of secure multiparty computation (MPC) techniques, allowing multiple parties to jointly compute the PageRank values of their combined transaction graphs securely, while guaranteeing that each party only learns the PageRank values of its own accounts and nothing about the other transaction graphs. In our experiments this method is applied to graphs containing up to tens of thousands of nodes. The execution time scales linearly with the number of nodes, and the method is highly parallelizable. Secure multiparty PageRank is feasible in a realistic setting with millions of nodes per party by extrapolating the results from our experiments.

Keywords

Multiparty computation PageRank Fraud detection Collaborative computation 

Notes

Acknowledgments

The research activities that have led to this paper were funded by the Shared Research Program Cyber Security; a research collaboration between TNO, ABN AMRO, Rabobank, ING, Achmea and Volksbank. The authors would also like to thank Gabriele Spini for his valuable feedback and his help in improving the paper.

References

  1. 1.
    Aly, A., Cuvelier, E., Mawet, S., Pereira, O., Van Vyve, M.: Securely solving simple combinatorial graph problems. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 239–257. Springer, Heidelberg (2013).  https://doi.org/10.1007/978-3-642-39884-1_21CrossRefGoogle Scholar
  2. 2.
    Barker, E., Barker, W., Burr, W., Polk, W., Smid, M., Zieglar, L.: Recommendation for key management - part 1: General (revision 4). National Institute of Standards and Technology - Special Publication 800(57), 1–156 (2015)Google Scholar
  3. 3.
    Ben-Or, M., Goldwasser, S., Wigderson, A.: Completeness theorems for non-cryptographic fault-tolerant distributed computation (extended abstract). In: Simon, J. (ed.) Proceedings of the 20th Annual ACM Symposium on Theory of Computing, 2–4 May 1988, Chicago, Illinois, USA, pp. 1–10. ACM (1988).  https://doi.org/10.1145/62212.62213
  4. 4.
    Bogdanov, D., Laur, S., Willemson, J.: Sharemind: a framework for fast privacy-preserving computations. In: Jajodia, S., Lopez, J. (eds.) ESORICS 2008. LNCS, vol. 5283, pp. 192–206. Springer, Heidelberg (2008).  https://doi.org/10.1007/978-3-540-88313-5_13CrossRefGoogle Scholar
  5. 5.
    Bogetoft, P., et al.: Secure multiparty computation goes live. In: Dingledine, R., Golle, P. (eds.) FC 2009. LNCS, vol. 5628, pp. 325–343. Springer, Heidelberg (2009).  https://doi.org/10.1007/978-3-642-03549-4_20CrossRefGoogle Scholar
  6. 6.
    Bollobás, B., Borgs, C., Chayes, J., Riordan, O.: Directed scale-free graphs. In: Proceedings of the Fourteenth Annual ACM-SIAM Symposium on Discrete Algorithms, SODA 2003, Society for Industrial and Applied Mathematics, Philadelphia, PA, USA, pp. 132–139 (2003). http://dl.acm.org/citation.cfm?id=644108.644133
  7. 7.
    Bos, J.W., Montgomery, P.L., Shumow, D., Zaverucha, G.M.: Montgomery multiplication using vector instructions. IACR Cryptology ePrint Archive, vol. 2013, p. 519 (2013). http://eprint.iacr.org/2013/519
  8. 8.
    Brickell, J., Shmatikov, V.: Privacy-preserving graph algorithms in the semi-honest model. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 236–252. Springer, Heidelberg (2005).  https://doi.org/10.1007/11593447_13CrossRefzbMATHGoogle Scholar
  9. 9.
    Chaum, D., Crépeau, C., Damgård, I.: Multiparty unconditionally secure protocols (extended abstract). In: Simon, J. (ed.) Proceedings of the 20th Annual ACM Symposium on Theory of Computing, 2–4 May 1988, Chicago, Illinois, USA, pp. 11–19. ACM (1988).  https://doi.org/10.1145/62212.62214
  10. 10.
    Damgård, I., Damgård, K., Nielsen, K., Nordholt, P.S., Toft, T.: Confidential benchmarking based on multiparty computation. In: Grossklags, J., Preneel, B. (eds.) FC 2016. LNCS, vol. 9603, pp. 169–187. Springer, Heidelberg (2017).  https://doi.org/10.1007/978-3-662-54970-4_10CrossRefGoogle Scholar
  11. 11.
    Damgård, I., Jurik, M.: A generalisation, a simplification and some applications of Paillier’s probabilistic public-key system. In: Kim, K. (ed.) PKC 2001. LNCS, vol. 1992, pp. 119–136. Springer, Heidelberg (2001).  https://doi.org/10.1007/3-540-44586-2_9CrossRefzbMATHGoogle Scholar
  12. 12.
    Damgård, I., Pastro, V., Smart, N.P., Zakarias, S.: Multiparty computation from somewhat homomorphic encryption. In: Proceedings of Advances in Cryptology - CRYPTO 2012 - 32nd Annual Cryptology Conference, Santa Barbara, CA, USA, 19–23 August 2012, pp. 643–662 (2012).  https://doi.org/10.1007/978-3-642-32009-5_38Google Scholar
  13. 13.
    Gentry, C.: Fully homomorphic encryption using ideal lattices. In: Mitzenmacher, M. (ed.) Proceedings of the 41st Annual ACM Symposium on Theory of Computing, STOC 2009, Bethesda, MD, USA, 31 May – 2 June 2009, pp. 169–178. ACM (2009).  https://doi.org/10.1145/1536414.1536440
  14. 14.
    Goldreich, O., Micali, S., Wigderson, A.: How to play any mental game or a completeness theorem for protocols with honest majority. In: Proceedings of the 19th Annual ACM Symposium on Theory of Computing 1987, New York, USA, pp. 218–229 (1987).  https://doi.org/10.1145/28395.28420
  15. 15.
    Haveliwala, T., Kamvar, S.: The second eigenvalue of the google matrix. Tech. rep. 2003–20, Stanford InfoLab (2003). http://ilpubs.stanford.edu:8090/582/
  16. 16.
    Hazay, C., Mikkelsen, G.L., Rabin, T., Toft, T.: Efficient RSA key generation and threshold Paillier in the two-party setting. In: Dunkelman, O. (ed.) CT-RSA 2012. LNCS, vol. 7178, pp. 313–331. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-27954-6_20CrossRefzbMATHGoogle Scholar
  17. 17.
    Henecka, W., Kögl, S., Sadeghi, A., Schneider, T., Wehrenberg, I.: TASTY: tool for automating secure two-party computations. In: Al-Shaer, E., Keromytis, A.D., Shmatikov, V. (eds.) Proceedings of the 17th ACM Conference on Computer and Communications Security, CCS 2010, Chicago, Illinois, USA, 4–8 October 2010, pp. 451–462. ACM (2010).  https://doi.org/10.1145/1866307.1866358
  18. 18.
    Ipsen, I.C.F., Selee, T.M.: Pagerank computation, with special attention to dangling nodes. SIAM J. Matrix Anal. Appl. 29(4), 1281–1296 (2007).  https://doi.org/10.1137/060664331MathSciNetCrossRefzbMATHGoogle Scholar
  19. 19.
    Malkhi, D., Nisan, N., Pinkas, B., Sella, Y.: Fairplay - secure two-party computation system. In: Blaze, M. (ed.) Proceedings of the 13th USENIX Security Symposium, 9–13 August 2004, San Diego, CA, USA, pp. 287–302. USENIX (2004). http://www.usenix.org/publications/library/proceedings/sec04/tech/malkhi.html
  20. 20.
    Molloy, I., et al.: Graph analytics for real-time scoring of cross-channel transactional fraud. In: Grossklags, J., Preneel, B. (eds.) FC 2016. LNCS, vol. 9603, pp. 22–40. Springer, Heidelberg (2017).  https://doi.org/10.1007/978-3-662-54970-4_2CrossRefGoogle Scholar
  21. 21.
    Nayak, K., Wang, X.S., Ioannidis, S., Weinsberg, U., Taft, N., Shi, E.: GraphSC: parallel secure computation made easy. In: 2015 IEEE Symposium on Security and Privacy (SP), pp. 377–394. IEEE (2015)Google Scholar
  22. 22.
    Nielsen, J.B., Nordholt, P.S., Orlandi, C., Burra, S.S.: A new approach to practical active-secure two-party computation. In: Safavi-Naini, R., Canetti, R. (eds.) CRYPTO 2012. LNCS, vol. 7417, pp. 681–700. Springer, Heidelberg (2012).  https://doi.org/10.1007/978-3-642-32009-5_40CrossRefGoogle Scholar
  23. 23.
    Paillier, P.: Public-key cryptosystems based on composite degree residuosity classes. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 223–238. Springer, Heidelberg (1999).  https://doi.org/10.1007/3-540-48910-X_16CrossRefGoogle Scholar
  24. 24.
    Partisia: Secure order matching (2018). https://partisia.com/order-matching/. Accessed 31 July 2018
  25. 25.
    Unbound: Hybrid cloud key management for any key, any cloud (2018). https://www.unboundtech.com/usecase/hybrid-it-key-management-any-key-any-cloud/. Accessed 31 Jul 2018
  26. 26.
    Veugen, T.: Encrypted integer division and secure comparison. IJACT 3(2), 166–180 (2014).  https://doi.org/10.1504/IJACT.2014.062738MathSciNetCrossRefzbMATHGoogle Scholar
  27. 27.
    Yao, A.C.: Protocols for secure computations (extended abstract). In: 23rd Annual Symposium on Foundations of Computer Science, Chicago, Illinois, USA, 3–5 November 1982, pp. 160–164. IEEE Computer Society (1982).  https://doi.org/10.1109/SFCS.1982.38
  28. 28.
    Yao, A.C.: How to generate and exchange secrets (extended abstract). In: 27th Annual Symposium on Foundations of Computer Science, Toronto, Canada, 27–29 October 1986, pp. 162–167. IEEE Computer Society (1986).  https://doi.org/10.1109/SFCS.1986.25

Copyright information

© International Financial Cryptography Association 2019

Authors and Affiliations

  • Alex Sangers
    • 1
    Email author
  • Maran van Heesch
    • 1
  • Thomas Attema
    • 1
    • 5
  • Thijs Veugen
    • 1
    • 5
  • Mark Wiggerman
    • 2
  • Jan Veldsink
    • 3
  • Oscar Bloemen
    • 4
  • Daniël Worm
    • 1
  1. 1.Netherlands Organisation for Applied Scientific Research (TNO)The HagueThe Netherlands
  2. 2.ABN AMROAmsterdamThe Netherlands
  3. 3.RabobankUtrechtThe Netherlands
  4. 4.INGAmsterdamThe Netherlands
  5. 5.CWIAmsterdamThe Netherlands

Personalised recommendations