Title
Foe for Fraud: Transferable Adversarial Attacks in Credit Card Fraud Detection
Abstract
Credit card fraud detection (CCFD) is a critical application of Machine Learning (ML) in the financial sector, where accurately identifying fraudulent transactions is essential for mitigating financial losses. ML models have demonstrated their effectiveness in fraud detection tasks, in particular with tabular datasets. While adversarial attacks have been extensively studied in computer vision and deep learning, their impacts on ML models, particularly those trained on CCFD tabular datasets, remain largely unexplored. These latent vulnerabilities pose significant threats to the security and stability of the financial industry, especially in high-value transactions where losses could be substantial. To address this gap, in this paper, we present a holistic framework that investigates the robustness of CCFD ML models against adversarial perturbations under different circumstances. Specifically, gradient-based attack methods are incorporated into the tabular credit card transaction data in both black- and white-box adversarial attack settings. Our findings confirm that tabular data is also susceptible to subtle perturbations, highlighting the need for heightened awareness among financial technology practitioners regarding ML model security and trustworthiness. Furthermore, experiments that transfer adversarial samples from gradient-based attack methods to non-gradient-based models also verify our findings. Our results demonstrate that such attacks remain effective, emphasizing the necessity of developing robust defenses for CCFD algorithms.