Search the site

The University of Manchester Library

In April 2016 Manchester eScholar was replaced by the University of Manchester’s new Research Information Management System, Pure. In the autumn the University’s research outputs will be available to search and browse via a new Research Portal. Until then the University’s full publication record can be accessed via a temporary portal and the old eScholar content is available to search and browse via this archive.

Risk-Linked Security Solutions for Mobile Financial Systems

Alnajem, Abdullah

[Thesis]. Manchester, UK: The University of Manchester; 2015.

Access to files

Abstract

Abdullah Abdulaziz Ibrahim Alnajem,Risk-Linked Security Solutions for Mobile Financial Systems,Doctor of Philosophy, The University of Manchester, May 5, 2015.Owing to technological developments in areas such as the Internet and wireless communications, more and more services are being made available on-line (i.e. via the Internet) and to mobile users. Mobile banking (m-banking) is one of such services. However, the Internet, integrated with wireless channels, is extremely vulnerable to a wide range of cyber threats and attacks, and, owing to potential monetary gains, m-banking services are particularly attractive to cyber attackers. Risk-linked security solutions have been proposed in the literature recently to balance security protection levels and costs incurred in providing the security. This thesis addresses one of the open issues in realizing this risk-linked security concept, i.e. how to evaluate risk in a given context and do so as effectively and efficiently as possible. It proposes a novel approach to risk aggregation based on multiple risk factors, a copula-based risk evaluation method, which can be used to estimate an aggregated risk value from a set of risk factors that are either dependent or independent of each other. To reduce the execution time of the method, a number of optimization techniques have been applied and experimented. These include the application of a survival function, the geometrical representation of the Genz method and the use of massively parallel architecture on a GPU.In addition, a novel optimized method has also been designed, which could be used to authenticate a m-banking user with a multi-factor authentication method based on the underlying risk level derived. In other words, depending on the risk level, the method can decide which or how many factors should be used to authenticate the user. Moreover, it can decide what level of assurance should be applied for each authentication method to balance the aggregated assurance level with the aggregated risk level. To reduce execution time, the method is based on Lagrange multiplier rather than a global constrained Genetic Algorithm optimization method.Comprehensive experiments have been carried out to evaluate the effectiveness and efficiency of the novel methods. Experimental results show that the copula-based risk evaluation method produces more accurate risk estimation results than related work and can be used to identify evasive fraud. The optimization techniques employed in the risk evaluation and risk-linked authentication methods can reduce the methods' execution times markedly.

Keyword(s)

Copula, Risk Estimation, Risk Aggregation, Information Technology Security, IT Security, Risk, Fraud, Fraud Patterns, Fraud Detection, Fraud Pattern Detection, Fraud Risk, Corporate Banking, Corporate Mobile Banking, Corp M-Banking, Mobile Banking, M-Banking, Electronic Banking, E-Banking, Internet Banking, Risk Factors, Survival Copula, Union Operator, Sklar Theorem, Genz Method, GPU, CPU, Parallel Computation, CUDA, Massively Parallel Architecture, Risk Factor Analysis, Optimization, Risk-linked Security, Risk-Linked Authentication, Cryptography, Non-linear Constrained Optimization, Stochastic, Random Number Generation, Evasive Fraud Detection, Lying Detection, Cheating Detection, Anti-money Laundering, Anti-terrorist Financing, Corporate Fraud, Corporate Financial Crimes, Mobile Phone, Smart Phone, Graphical Processing Unit, Lagrange, Genetic Algorithm, Multi-factor Authentication, Geometrical Visualization, Non-linear Transformation, Numerical Integration, Risk, Fraud Patterns, Stock Market Manipulation, Copula Theory, Optimal Decision-Making, Real-time Computation, Real-time risk computation, real-time fraud detection, real-time Numerical Integration real-time Numerical Integration for Copulas, Non-linear Transformation, Adaptive Intergration Method, Exhaustive Integration Method, Access Control, Probability Theory, Value-At-Risk, Cumulative Density Function, Probability Distribution Function, Risk Estimation, Risk Regulation, Financial Risk, Basel Committee on Banking Supervision, Multi-level Security, Electronic Commerce, Copulae, Multi-dimensional Distribution, Multi-dimensional Integration, Multi-dimensional Numerical Integration, Multi-dimensional Visualization, Machine Learning, Artificial Intelligence, Hessian Function, GPU Kernel, Thread, GPU Cores, Memory, Neuroscience, Human Brain, System Integration, Analytical, Numerical, Statistics, Interior-point Algorithm, Calculus, Gradient, K40 GPU

Bibliographic metadata

Type of resource:
Content type:
Administered thesis
Form of thesis:
Traditional
Type of submission:
Doctoral level ETD - final
Thesis title:
Risk-Linked Security Solutions for Mobile Financial Systems
Degree type:
Doctor of Philosophy
Degree programme:
PhD Computer Science
Publication date:
2015-05-06T14:19:21
Institution:
The University of Manchester
Location:
Manchester, UK
Total pages:
266
Abstract:
Abdullah Abdulaziz Ibrahim Alnajem,Risk-Linked Security Solutions for Mobile Financial Systems,Doctor of Philosophy, The University of Manchester, May 5, 2015.Owing to technological developments in areas such as the Internet and wireless communications, more and more services are being made available on-line (i.e. via the Internet) and to mobile users. Mobile banking (m-banking) is one of such services. However, the Internet, integrated with wireless channels, is extremely vulnerable to a wide range of cyber threats and attacks, and, owing to potential monetary gains, m-banking services are particularly attractive to cyber attackers. Risk-linked security solutions have been proposed in the literature recently to balance security protection levels and costs incurred in providing the security. This thesis addresses one of the open issues in realizing this risk-linked security concept, i.e. how to evaluate risk in a given context and do so as effectively and efficiently as possible. It proposes a novel approach to risk aggregation based on multiple risk factors, a copula-based risk evaluation method, which can be used to estimate an aggregated risk value from a set of risk factors that are either dependent or independent of each other. To reduce the execution time of the method, a number of optimization techniques have been applied and experimented. These include the application of a survival function, the geometrical representation of the Genz method and the use of massively parallel architecture on a GPU.In addition, a novel optimized method has also been designed, which could be used to authenticate a m-banking user with a multi-factor authentication method based on the underlying risk level derived. In other words, depending on the risk level, the method can decide which or how many factors should be used to authenticate the user. Moreover, it can decide what level of assurance should be applied for each authentication method to balance the aggregated assurance level with the aggregated risk level. To reduce execution time, the method is based on Lagrange multiplier rather than a global constrained Genetic Algorithm optimization method.Comprehensive experiments have been carried out to evaluate the effectiveness and efficiency of the novel methods. Experimental results show that the copula-based risk evaluation method produces more accurate risk estimation results than related work and can be used to identify evasive fraud. The optimization techniques employed in the risk evaluation and risk-linked authentication methods can reduce the methods' execution times markedly.
Keyword(s):
Thesis main supervisor(s):
Funder(s):
Degree grantor:
Language:
en

Institutional metadata

University researcher(s):
Academic department(s):

Record metadata

Manchester eScholar ID:
uk-ac-man-scw:263943
Created by:
Alnajem, Abdullah
Created:
6th May, 2015, 13:19:21
Last modified by:
Alnajem, Abdullah
Last modified:
2nd July, 2020, 11:30:23

Can we help?

The library chat service will be available from 11am-3pm Monday to Friday (excluding Bank Holidays). You can also email your enquiry to us.