Abstract
Recent activities in attacks on automated teller machines have shown a sophistication that has grown to a degree, where it is not always technically possible to prevent the attack. This paper describes an approach for anomaly and attack detection for ATMs. The approach works on multiple levels. First, we use sensor fusion on the low-level hardware sensors to get robust information about the device state. Second, we use a new model-based and self-learning anomaly detection method on the diagnosis data of all ATM devices to robustly detect anomalies in the system that might indicate an attack on the machine.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
German project title: “Intelligente vernetzte Systeme für automatisierte Geldkreisläufe”.
- 2.
Intelligent Technical Systems OstWestfalenLippe: http://www.its-owl.de.
- 3.
Due to legacy support, this information is usually unencrypted.
- 4.
- 5.
- 6.
A PDFA corresponds to a PDTTA without transaction time probability function \(\tau \) (cf. Definition 1). For further information about probabilistic (timed) automata, refer to [1].
References
Alur, R., Dill, D.L.: A theory of timed automata. Theoret. Comput. Sci. 126(2), 183–235 (1994)
Ayyub, B.M., Klir, G.J.: Uncertainty Modeling and Analysis in Engineering and the Sciences. Chapman and Hall/CRC, Boca Raton (2006)
Bundeskriminalamt: Polizeiliche Kriminalstatistik 2013. Bundeskriminalamt, Kriminalistisches Institut, Fachbereich KI 12, 65173 Wiesbaden (2014)
Carl, J.W.: Contrasting approaches to combine evidence. In: Handbook of Multisensor Data Fusion, pp. 7-1–7-32. CRC Press (2001)
Carrasco, R.C., Oncina, J.: Learning stochastic regular grammars by means of a state merging method. In: Carrasco, R.C., Oncina, J. (eds.) ICGI 1994. LNCS, vol. 862, pp. 139–152. Springer, Heidelberg (1994)
Cassandras, C.G., Lafortune, S.: Introduction to Discrete Event Systems. Springer, Heidelberg (2008)
Hall, D.L., Llinas, J.: An introduction to multisensor data fusion. Proc. IEEE 85(1), 6–23 (1997)
Jousselme, A.L., Maupin, P., Bossé, E.: Quantitative approaches. In: Concepts, Models, and Tools for Information Fusion, pp. 169–210. Artech House (2007)
Klerx, T., Anderka, M., Kleine Büning, H.: On the usage of behavior models to detect ATM fraud. In: Proceedings of the 21st European Conference on Artificial Intelligence (ECAI 2014). pp. 1045–1046. IOS Press (2014)
Klerx, T., Anderka, M., Kleine Büning, H., Priesterjahn, S.: Model-based anomaly detection for discrete event systems. In: Proceedings of the 26th IEEE International Conference on Tools with Artificial Intelligence (ICTAI 2014). pp. 665–672. IEEE (2014)
Kolmogorov, A.N.: Foundations of the Theory of Probability. Chelsea Publishing, New York (1950)
Larsen, H.L.: Efficient importance weighted aggregation between min and max. In: Proceedings of the 9th International Conference on Information Processing and Management of Uncertainty in Knowledge-Based Systems (IPMU 2002) (2002)
Lohweg, V., Diederichs, C., Müller, D.: Algorithms for hardware-based pattern recognition. EURASIP J. Appl. Sig. Process. 2004(12), 1912–1920 (2004)
Lohweg, V., Voth, K., Glock, S.: A possibilistic framework for sensor fusion with monitoring of sensor reliability. In: Sensor Fusion, pp. 191–226. InTech (2011)
Mönks, U., Lohweg, V.: Machine conditioning by importance controlled information fusion. In: Proceedings of the 18th IEEE International Conference on Emerging Technologies and Factory Automation (ETFA 2013), pp. 1–8 (2013)
Mönks, U., Priesterjahn, S., Lohweg, V.: Automated fusion attribute generation for condition monitoring. In: Proceedings of the 23rd Workshop Computational Intelligence, vol. 46, pp. 339–353. KIT Scientific Publishing (2013)
Mönks, U., Trsek, H., Dürkop, L., Geneiß, V., Lohweg, V.: Assisting the design of sensor and information fusion systems. In: Proceedings of the 2nd International Conference on System-integrated Intelligence (SysInt 2014) (2014)
Mönks, U., Voth, K., Lohweg, V.: An extended perspective on evidential aggregation rules in machine condition monitoring. In: Proceedings of the 3rd International Workshop on Cognitive Information Processing (CIP 2012), pp. 1–6. IEEE (2012)
Niggemann, O., Stein, B., Vodencarevic, A., Maier, A., Kleine Büning, H.: Learning behavior models for hybrid timed systems. In: Proceedings of the 26th International Conference on Artificial Intelligence (AAAI 2012), pp. 1083–1090. AAAI (2012)
Osswald, C., Martin, A.: Understanding the large family of Dempster-Shafer theory’s fusion operators - a decision-based measure. In: Proceedings of the 9th International Conference on Information Fusion, pp. 1–7 (2006)
Shafer, G.: A Mathematical Theory of Evidence. Princeton University Press, New Jersey (1976)
Verwer, S., Eyraud, R., Higuera, C.: Pautomac: A probabilistic automata and hidden markov models learning competition. Mach. Learn. 96(1–2), 129–154 (2014)
Yadron, D.: Symantec develops new attack on cyberhacking: declaring antivirus software dead, firm turns to minimizing damage from breaches. Wall Street J., May 2014. published online at http://www.wsj.com/news/articles/SB10001424052702303417104579542140235850578
Zadeh, L.A.: Fuzzy sets. Inf. Control 8(3), 338–353 (1965)
Acknowledgements
This work was supported by the Wincor Nixdorf International GmbH, and partly funded by the German Federal Ministry of Education and Research (BMBF) within the Leading-Edge Cluster “Intelligent Technical Systems OstWestfalenLippe” (it’s OWL).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Priesterjahn, S., Anderka, M., Klerx, T., Mönks, U. (2015). Generalized ATM Fraud Detection. In: Perner, P. (eds) Advances in Data Mining: Applications and Theoretical Aspects. ICDM 2015. Lecture Notes in Computer Science(), vol 9165. Springer, Cham. https://doi.org/10.1007/978-3-319-20910-4_13
Download citation
DOI: https://doi.org/10.1007/978-3-319-20910-4_13
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-20909-8
Online ISBN: 978-3-319-20910-4
eBook Packages: Computer ScienceComputer Science (R0)