CMU Details New E-Commerce Auction Scheme

With E-Commerce leaders getting more sophisticated in the ways of online fraud schemes, criminals are increasingly turning to auction forums. In those forums, the cyber crooks can use the site's prestige to add to their credibility while they sidestep that very same site's anti-fraud safeguards by selling directly to consumers.

Major auction sites?most notably EBay?often use community policing as a defense, where members who do not deliver honorably are given low ratings by fellow members, which theoretically warn members to avoid them. The fraudsters have tried countering by using a series of fake names, which are quickly abandoned once bad ratings are filed.

But fraudsters now have a new defense and researchers at Carnegie Mellon University have concocted a new counter. The new fraudster tactic involves getting their accomplices (and sometimes themselves, under an alias) to give the fraudster high satisfaction scores, allowing the criminal to defraud other members for a much longer time before the system catches up.

The CMU counter uses data mining software to spot groups of people trading among themselves in a pattern that is similar to that used by fraudsters. The CMU software?dubbed NetProbe (Network Detection via Propagation of Beliefs)?"could prevent future frauds by identifying their accomplices, who can lurk on a site indefinitely and enable new generations of fraudsters," said CMU computer science professor Christos Faloutsos.

"In a test analysis of about one million actual transactions between almost 66,000 eBay users, NetProbe correctly detected 10 previously identified perpetrators, as well as more than a dozen probable fraudsters and several dozen apparent accomplices," said a CMU statement on the project.

Typically, Faloutsos said, the accomplices need to keep their hands clean by engaging in many legitimate and honest transactions with many buyers.

"They also have many transactions with the user IDs of fraudsters, using their good reputations to boost the fraudsters' feedback scores. Because accomplices don't perpetrate frauds, they usually escape notice and can keep working to establish new fraudster accounts," Faloutsos said. "But an unnatural pattern becomes evident when the transactions are plotted as a graph, with each user represented as a node, or dot, and transactions between individual users represented by lines connecting the nodes."