E-fraud E-fraud, state of the art and counter measures

Abstract: This thesis investigates fraud and the situation on Internet with e-commerce today, to point on some potential threats and needed countermeasures. The work reviews several state of the art e-fraud schemes, techniques used in the schemes and statistics on the extent of e-fraud. This part shows that e-frauds are today both sophisticated and widespread. Since real world frauds are deemed impossible to fully cover in order to predict potential new e-frauds, the thesis adopts a different approach. It suggests two abstraction models for fraud cases, a protocol model and a functional model. These are used to perform analysis on case studies on both telecom frauds and e-frauds. The analysis presents characteristics for both types of frauds. Using one of the abstraction models, the functional model, conceptually similar cases among telecom frauds as well as e-fraud cases are identified. The similar cases in each category are then compared, using the other abstraction model, the protocol model. The study shows that concepts from telecom frauds already exist in e-frauds. Several challenges and some possibilities in e-fraud prevention and detection are also extracted in the comparative study of the different categories. The major consequence of the challenges is e-frauds’ higher scalability compared to telecom frauds. Finally, this thesis covers several existing countermeasures in e-commerce along with specific countermeasures against auction fraud, phishing and spam. However, it is shown that these countermeasures do not address the challenges in e-fraud prevention and detection to a satisfactory extent. Therefore, this thesis proposes several high-level countermeasures in order to address the challenges.