热门搜索：

大海捞针：一种用于支付系统异常检测的机器学习框架（英）

文化传媒2024-05-01国际清算银行王***

AI智能总结

摘要

本文提出了一种灵活的机器学习（ML）框架，旨在实现实时交易监控，特别是在高价值支付系统（HVPS）中。该框架适用于系统运营商和监管者用于检测异常交易，这些交易可能由于网络攻击或运营中断而未被发现，如果未能及时发现，可能会对HVPS及其参与者乃至整个金融体系产生严重后果。鉴于每日处理支付交易的巨大数量以及HVPS中真实异常交易的稀缺性，检测异常类似于在一堆干草中寻找一根针。因此，框架采用分层方法。第一层使用监督式ML算法来识别并分离“典型”交易与“异常”交易。第二层仅对“异常”交易通过无监督的ML算法进行异常检测。

关键点总结：

框架概述：提出了一种用于实时监控高价值支付系统的机器学习框架，以检测可能由网络攻击或运营中断引起的异常交易。
挑战与解决方案：面对实际异常交易数量稀少和难以预知其形式的挑战，该框架采用分层方法，通过第一层的监督式ML算法和第二层的无监督ML算法相结合，提高异常检测的准确性和效率。
测试与验证：通过人工操纵的交易数据和加拿大HVPS的实际支付数据进行测试，以验证该框架的有效性。第一层ML算法的检测率达到了93%，显著优于常用的经济计量模型。第二层ML算法将人工操纵的交易标记为比原始交易更为可疑，证明了其有效性。
关键词与分类：关键词包括支付系统、交易监控、异常检测、机器学习；JEL分类包括C45、C55、D83、E42，分别涉及统计方法、经济计量学、组织经济学和金融稳定性等领域。
贡献与应用：此框架不仅提高了异常交易的检测能力，还提供了更全面的视角来理解和管理HVPS中的风险，有助于增强金融系统的安全性和稳定性。

结论：

本文提出的机器学习框架为高价值支付系统的异常交易监测提供了创新的方法，通过分层ML技术，实现了对异常交易的高效检测，对于提升金融系统的安全性、稳定性和抵御网络攻击的能力具有重要意义。

BISWorkingPapers No1188 Findinganeedleinahaystack:amachinelearningframeworkforanomalydetectioninpaymentsystems byAjitDesai,AnnekeKosseandJacobSharples MonetaryandEconomicDepartment May2024 JELclassification:C45,C55,D83,E42. Keywords:paymentsystems,transactionmonitoring,anomalydetection,machinelearning. BISWorkingPapersarewrittenbymembersoftheMonetaryandEconomicDepartmentoftheBankforInternationalSettlements,andfromtimetotimebyothereconomists,andarepublishedbytheBank.Thepapersareonsubjectsoftopicalinterestandaretechnicalincharacter.TheviewsexpressedinthemarethoseoftheirauthorsandnotnecessarilytheviewsoftheBIS. ThispublicationisavailableontheBISwebsite(www.bis.org). ©BankforInternationalSettlements2024.Allrightsreserved.Briefexcerptsmaybereproducedortranslatedprovidedthesourceisstated. ISSN1020-0959(print) ISSN1682-7678(online) FindingaNeedleinaHaystack:AMachineLearningFrameworkforAnomalyDetectioninPaymentSystems* AjitDesai1,‡,AnnekeKosse2andJacobSharples11BankofCanada 2BankforInternationalSettlements May13,2024 Abstract Weproposeaflexiblemachinelearning(ML)frameworkforreal-timetransactionmonitoringinhigh-valuepaymentsystems(HVPS),whichareacentralpieceofacountry’sfinancialinfras-tructure.Thisframeworkcanbeusedbysystemoperatorsandoverseerstodetectanomaloustransactions,which—ifcausedbyacyberattackoranoperationaloutageandleftundetected—couldhaveseriousimplicationsfortheHVPS,itsparticipantsandthefinancialsystemmorebroadly.GiventhesubstantialvolumeofpaymentssettledeachdayandthescarcityofactualanomaloustransactionsinHVPS,detectinganomaliesresemblesanattempttofindaneedleinahaystack.Therefore,ourframeworkusesalayeredapproach.Inthefirstlayer,asupervisedMLalgorithmisusedtoidentifyandseparate‘typical’paymentsfrom‘unusual’payments.Inthesecondlayer,onlythe‘unusual’paymentsarerunthroughanunsupervisedMLalgorithmforanomalydetection.WetestthisframeworkusingartificiallymanipulatedtransactionsandpaymentsdatafromtheCanadianHVPS.TheMLalgorithmemployedinthefirstlayerachievesadetectionrateof93%,markingasignificantimprovementovercommonly-usedeconometricmodels.Moreover,theMLalgorithmusedinthesecondlayermarkstheartificiallymanipulatedtransactionsasnearlytwiceassuspiciousastheoriginaltransactions,provingitseffectiveness. Keywords:PaymentSystems,TransactionMonitoring,AnomalyDetection,MachineLearning JELCodes:C45,C55,D83,E42 *TheviewsexpressedinthispaperaresolelythoseoftheauthorsanddonotnecessarilyreflectthoseoftheBankofCanada,theBankforInternationalSettlements(BIS),theBISCommitteeonPaymentsandMarketInfrastructures(CPMI),oritsmembers.WewouldliketothankLeonardSabettiforhiscontributionduringearlierstagesofthework.WealsothankSegunBewaji,AlessioBrini,NarayanBulusu,RicardoDeAvillez,LauraFelber,MarcGlowka,TarushGupta,ConstanzaMartinez,andEllenvanderWoerdfortheirdetailedcomments.Inaddition,wethankparticipantsofthefollowingconferencesfortheircommentsandsugges-tions:BISResearchWebinarSeries(2022),EconomicsofPaymentsXIConference(2022),DNBCentralBankersGoDataDrivenConference(2022),CanadianEconomicsAssociationAnnualConference(2022),RBIGlobalConferenceonFinancialResilience(2023),InternationalConferenceonEconomicModelingandDataScience(2023),theBankofCanadaandtheBankforInterna-tionalSettlement’sSeminaronGranularData(2023),theSecondCEMLARegionalConferenceofPaymentsandFinancialMarketInfrastructures(2023),andtheAEAAnnualMeetingPosterSession(2024).‡Correspondingauthor:adesai@bankofcanada.ca. 1Introduction High-valuepaymentsystems(HVPSs),suchasLynxinCanada,FedwireintheUS,ChapsintheUK,andTarget2intheEurozone,arevitalcomponentsofjurisdictions’financialsystems.Typically,thesearereal-timegrosssettlement(RTGS)systemsthatprocesslarge-valuetransactionsbetweenfinancialinstitutions,oftenrequiringsettlementbyaparticulartime.Assuch,thesafetyandefficiencyofHVPSsarekeytofinancialstabilityandeconomicgrowth.Ifnotproperlymanaged,anHVPScanbeasourceofashock,suchaspaymentsfraud,acyberattack,marketstress,oroperationalproblems(Chapmanetal.2015;BIS-Report2019;FED-Report2019;KotidisandSchreft2023).Moreover,asHVPSsprovidealinkbetweentheirparticipatingfinancialinstitutions,theycouldbecomeachannelthroughwhichshocksaretransmittedacrossdomesticoreveninternationalfinancialmarkets(KosseandLu2022;KotidisandSchreft2023). Inparticular,cyberattacksposeagrowingrisktofinancialinstitutionsandHVPSs.1Forinstance,in2016,theCentralBankofBangladesh(CBB)fellvictimtoacyberheist,wherehackersattemptedtostealnearlyonebilliondollarsfromtheCBBreservesaccountattheFederalReserveBankofNewYork(BukthandHuda2017).Similarly,cyberattacksonMexico’sinterbankpaymentnetworkandBancodeChilein2018resultedinlossesamountingtomillionsofdollars(NishandNaumaan2019).2Recently,KotidisandSchreft(2023)hasdocumentedtheeffectsofacyberattackonaserviceprovidertothebanksparticipatinginFedwireandhighlightedtheimportanceofoperationalresilience.Moreover,simulation-basedstudieshaveshownthatcyberattacks,evenwhentargetingindividualHVPSparticipants,canhaveasignificantimpactonthesysteminwhichtheyparticipate(Eisenbachetal.2021;KosseandLu202

点击免费查看完整报告