Replay Attack: A Prevalent Pattern of Fraudulent Online Transactions

摘要

The rapid advancement in the electronic commerce technology makes electronic transaction an indispensable part of our daily life. While, this way of transaction has always been facing security problems. Researchers persevere in looking for fraud transaction detection methodologies. A promising paradigm is to devise dedicated detectors for the typical patterns of fraudulent transactions. Unfortunately, this paradigm is really constrained by the lack of real electronic transaction data, especially real fraudulent samples. In this paper, by analyzing real B2C electronic transaction data provided by an Asian bank, from the perspective of transaction sequence, we discover a typical pattern of fraud transactions: Most of the fraud transactions are fast and repeated transactions between the same customer and the same vendor, and all the transaction amounts are nearly the same. We name this pattern Replay Attack. We prove the prominent existence of Replay Attack by comprehensive statistics, and we propose a novel fraud transaction detector, Replay Attack Killer (RAK). By experiment, we show that RAK can catch up to 92% fraud transactions in real time but only disturb less than 0.06% normal transactions.