中文标题#
针对欺诈的对抗攻击:信用卡欺诈检测中的可转移对抗攻击
英文标题#
Foe for Fraud: Transferable Adversarial Attacks in Credit Card Fraud Detection
中文摘要#
信用卡欺诈检测(CCFD)是机器学习(ML)在金融领域的关键应用,其中准确识别欺诈性交易对于减少财务损失至关重要。 ML 模型在欺诈检测任务中已表现出其有效性,尤其是在表格数据集上。 尽管对抗攻击在计算机视觉和深度学习中已被广泛研究,但它们对 ML 模型的影响,特别是那些在 CCFD 表格数据集上训练的模型,仍大多未被探索。 这些潜在的漏洞对金融行业的安全性和稳定性构成了重大威胁,尤其是在高价值交易中,损失可能非常大。 为解决这一差距,本文提出一个全面的框架,研究 CCFD ML 模型在不同情况下对对抗扰动的鲁棒性。 具体而言,基于梯度的攻击方法被引入到表格信用卡交易数据中,在黑盒和白盒对抗攻击设置下进行测试。 我们的研究结果证实,表格数据也容易受到细微扰动的影响,强调了金融技术从业者需要提高对 ML 模型安全性和可信度的认识。 此外,通过将基于梯度的攻击方法生成的对抗样本转移到非基于梯度的模型进行实验,也验证了我们的发现。 我们的结果表明,此类攻击仍然有效,强调了开发针对 CCFD 算法的稳健防御措施的必要性。
英文摘要#
Credit card fraud detection (CCFD) is a critical application of Machine Learning (ML) in the financial sector, where accurately identifying fraudulent transactions is essential for mitigating financial losses. ML models have demonstrated their effectiveness in fraud detection task, in particular with the tabular dataset. While adversarial attacks have been extensively studied in computer vision and deep learning, their impacts on the ML models, particularly those trained on CCFD tabular datasets, remains largely unexplored. These latent vulnerabilities pose significant threats to the security and stability of the financial industry, especially in high-value transactions where losses could be substantial. To address this gap, in this paper, we present a holistic framework that investigate the robustness of CCFD ML model against adversarial perturbations under different circumstances. Specifically, the gradient-based attack methods are incorporated into the tabular credit card transaction data in both black- and white-box adversarial attacks settings. Our findings confirm that tabular data is also susceptible to subtle perturbations, highlighting the need for heightened awareness among financial technology practitioners regarding ML model security and trustworthiness. Furthermore, the experiments by transferring adversarial samples from gradient-based attack method to non-gradient-based models also verify our findings. Our results demonstrate that such attacks remain effective, emphasizing the necessity of developing robust defenses for CCFD algorithms.
文章页面#
PDF 获取#
抖音扫码查看更多精彩内容