INFOSEC 690F

Fraud Detection (Spring 2018)

Overview

Syllabus

Syllabus

Welcome

In this course, each voice in the classroom has something of value to contribute. Please take care to respect the different experiences, beliefs and values expressed by students and staff involved in this course. My colleagues and I support UMass’s commitment to diversity, and welcome individuals regardless of age, background, citizenship, disability, sex, education, ethnicity, family status, gender, gender identity, geographical origin, language, military experience, political views, race, religion, sexual orientation, socioeconomic status, and work experience.

View this syllabus as a guide to the course. It provides important information regarding the course, its assignments, policies, grading, and available university resources. You should refer to it regularly. However, this document should be considered a working document. It is possible throughout the semester that a topic may take more time than expected, topics or assignments may change, and so on. If that is the case, the syllabus and/or schedule will be updated and a revised version will be posted (here) on the course web site.

Course overview

This course provides an introduction to the principles and practice of fraud detection across a variety of problem domains such as money laundering, credit card fraud, telecommunications fraud, and computer and network intrusion. The key topics of this course include defining fraud in various domains; the interactions between fraud prevention and fraud detection; data collection and management; statistical tests and statistical power; methods for statistical fraud detection, including numerical validation, outlier detection, supervised and unsupervised classification methods, and application of Benford’s Law. Three credits.

What, when, where, who

INFOSEC 690F: Fraud Detection
an online course offered through UMASS CPE

Instructor: Marc Liberatore (please call me “Marc”)
Email: liberato@cs.umass.edu
Phone: 413-545-3061 (on campus: 5-3061)
Office: Lederle Graduate Research Center A351B
Office hours: Tuesday 11:30am – 1:30pm (these are physical, not virtual office hours)

Required material

There is one required textbook for this course, David Corderre’s Computer-Aided Fraud Prevention and Detection (ISBN 978-0-470-39243-0). Students may also find Albrecht et al.’s Fraud Examination (ISBN 978-1-305-07914-4) useful, but it is optional.

We will supplement this text with readings specific to computer-aided and domain-specific fraud detection, including Bolton and Hand’s “Statistical Fraud Detection: A Review” (doi:10.1214/ss/1042727940), Phua et al.’s “A Comprehensive Survey of Data Mining-based Fraud Detection Research” (doi:10.1016/j.chb.2012.01.002), Li et al.’s “A Survey on Statistical Methods for Health Care Fraud Detection” (doi:10.1007/s10729-007-9045-4), along with whitepapers, case studies, and sample data sets that will be provided by the instructor.

Finally, students may find additional resources helpful when working with files and data. I recommend Al Sweigart’s Automate the Boring Stuff with Python (ISBN 978-1-59327-599-0, also available for free at: https://automatetheboringstuff.com/); Grolemund and Wickham’s R for Data Science (ISBN: 978-1-491-91039-9, available online at: http://r4ds.had.co.nz/) and Robert I. Kabacoff’s R in Action (ISBN: 978-1-617-29138-8, available in a condensed form at: http://www.statmethods.net/) for help with Python and R, respectively. There are also innumerable guides to Excel and other spreadsheet programs; I don’t have a particular recommendation to give if you prefer to use Excel or the like.

Code of conduct

  • The course staff are committed to providing a friendly, safe and welcoming environment for all, regardless of level of experience, gender identity and expression, sexual orientation, disability, personal appearance, body size, race, ethnicity, age, religion, nationality, or other similar characteristic.
  • Please be kind and courteous. There’s no need to be mean or rude.
  • Respect that people have differences of opinion and that differing approaches to problems in this course each carry a trade-off and numerous costs. There is seldom a single right answer to complicated questions.
  • Please keep unstructured critique to a minimum. Criticism should be constructive.
  • We will informally warn you, once, if you insult, demean or harass anyone. That is not welcome behavior. After that we will report your behavior to the Dean of Students office. We interpret the term “harassment” as including the definition in the Citizen Code of Conduct under “Unacceptable Behavior”; if you have any lack of clarity about what might be included in that concept, please read their definition. In particular, we don’t tolerate behavior that excludes people in socially marginalized groups.
  • Private harassment is also unacceptable. No matter who you are, if you feel you have been or are being harassed or made uncomfortable by a member of this class, please contact a member of the course staff immediately (or if you do not feel safe doing so, you should contact the Chair of the Faculty of CICS, currently Prof. James Allan, allan@cs.umass.edu). Whether you’ve been at UMass for years or are a newcomer, we care about making this virtual classroom a safe place for you and we’ve got your back.
  • Likewise any spamming, trolling, flaming, baiting or other attention-stealing behavior is not welcome.

(Partially drawn from the Rust Code of Conduct.)

Communication policy

Typically, most course communication will occur via Blackboard.

Per the University Email Policy, you are expected to check your email regularly. I will use your UMass email address as a means to contact you individually when the tools within Blackboard (UMass CPE’s online learning management system) are not appropriate.

If you need to send me email, please include “INFOSEC 690F” in the subject line to make sure I answer them in a timely fashion. For course-content related questions (especially questions that other students might benefit from seeing the answers to), please use Blackboard’s discussion forums. For other questions, email or private messages on Blackboard may be better. In either case, please check the syllabus and course site before emailing the course staff.

I usually respond to emails and messages within Blackboard within about one business day, but I do not typically respond to communications after about 5pm or on weekends. Instructors tend to get a high volume of communication when a deadline is approaching. If you contact me at least one full business day before a quiz or deadline, you are guaranteed a reply before the quiz or deadline (barring emergencies on my end, of course). Otherwise I’ll do my best, but no guarantees.

Time management and what to expect

This in an eight-week intensive graduate-level course with a commensurate workload. The University’s handbook on teaching and learning online suggests that a typical 13-week, three-credit online course can “easily require more than six hours of time, especially for students who type slowly.”[[1]] Plan accordingly.

As a student in this course, you can expect weekly reading assignments and occasional video content. The instructor and other students will participate in an asynchronous online forum where course content will be discussed and student questions will be answered, generally within one business day. You will typically be asked to write a short summary or reflection on each assigned reading.

There will be weekly homework assignments consisting of both short- and long-form questions, exercises and analysis aided by software such as Excel, and some scripting and analysis in programming environments such as R and Python. There will be a midterm exam (around the beginning of the fifth week of the course) and final exam, both administered online.

Attendance

Students are expected to keep up with reading and homework assignments. Especially in online courses, it is important that students progress through the material at roughly the same pace so that questions, discussions, troubleshooting, and so on are relevant and timely. Absent other arrangements, late work will generally not be accepted.

Because this is an online course, I do not generally expect to need to grant excuses or extensions, since you may largely work at your own pace. If you expect an extended absence during the course due to religious reasons, you must provide me with a written list of such dates within one week of your enrollment in the course. In particular, if you are absent for health reasons, I expect you to notify me as soon as possible and provide written documentation. Similarly, if you are absent for other extenuating non-academic reasons, such as a military obligation, family illness, jury duty, automobile collision, etc., I expect you to notify me as soon as possible and provide written documentation.

That said, this is an intensive course, being taken by people who may be working full-time and have other life commitments. If you know you are going to need more time for a particular assignment, please contact the instructor (at least a business day in advance) and we’ll arrive at a reasonable accommodation. Similarly, should disaster arrive, let us know as soon as possible and we’ll work together to find a solution.

Incompletes

Incompletes will be granted only in exceptional cases, and only if you have completed at least half the course with a passing grade. Prior to that, withdrawal is the recommended course of action.

Course outline and schedule

This course will be run as a compressed (eight-week) online course. The topics that we will cover will be approximately as follows:

Week 1: Introduction to Fraud

  • Introduction and Course Overview: What is fraud? Why does it happen? Who is responsible for preventing and detecting it? How might we use computers and data analysis techniques to prevent and detect fraud?
  • Examples of Fraud.

Reading:

Assignments:

Week 2: Fraud Prevention and Auditing

  • Fraud Prevention: Risks that lead to fraud. Controls to prevent fraud.
  • Auditing and Fraud Detection: Overview of auditing. Auditing plans, goals, possible outcomes. Computer-assisted auditing techniques.
  • An example of digital analysis: Benford’s Law.

Reading:

Assignments:

Week 3: Dealing with Data

  • Collecting data
  • Tabular and relational data
  • Import and export
  • CSV, SQL, etc.
  • Cleaning, verifying, and normalizing data

Reading:

Other resources:

Assignments:

Week 4: Understanding and Working with Data

  • Computer analysis and visualization techniques.
  • Sorting, indexing, summarizing, and stratifying.
  • Duplicate detection.
  • Joining data tables.
  • Pivot tables and cross tabulation.

Reading:

  • Coderre: Chapters 5—8 (not as bad as it may seem; 5 introduces things that are expanded in 6–8)

Assignments:

Week 5: Other Numeric Tests for Fraud

  • Numeric tests: Frequently used values. Even amounts and rounding. Ratio/variance analysis. Min/maxes.
  • Midterm Exam (on Blackboard)

Reading:

  • Coderre: Chapters 10, 12

Assignments:

Week 6: Testing for Outliers

  • Finding outliers in multidimensional data
  • Statistical tests
  • Randomization testing
  • Statistical power

Reading:

Assignments:

Other resources:

Week 7: Modeling Fraud

Supervised learning techniques for fraud detection.

Reading:

Assignments:

Week 8: Limits, wrap-up and final exam

Limits of model-aided fraud analysis (continued).

Final exam.

Reading:

Grading

The relative value of the various course components is approximately as follows:

10% Reading summary/response
50% Homework assignments
20% Midterm
20% Final Exam

The numerical cutoff for final course letter grade assignment will be made after all grading is completed. As a rough guide, expect to require at least a 93 to get an A, a 90 to get an A-, an 87 to get a B+, an 83 to get a B, an 80 to get a B-, and so on.

There are no opportunities for extra credit in this course.

Late work will not be accepted. If you need an extension for an assignment, contact me a reasonable amount of time — generally, at least a full business day — before the assignment is due. If you are incapacitated for one or more days up to and including the due date, I will require written documentation explaining your inability to work on course material in order to consider granting a retroactive extension, at my discretion.

I will retain all graded materials for this course until the end of next semester (or as long as Blackboard will do so). If you wish to review them you should be able to do so online, or please come to see me during office hours (or make an appointment).

You are responsible for monitoring your grades. Grades will be available on Blackboard. You should check them regularly and review any provided feedback. If you encounter any issues with your grades, you will have one week past the first posting of a particular assignment’s grade to Blackboard to contact the course staff so that we can investigate. We will not generally accept questions about an individual assignment’s grade beyond this one week, so you must be prompt.

Reading summary/response

Each week, there will be one or more assigned readings, either from the required text or from other sources provided to you. I will ask you to prepare a short summary of, response to, or comment upon each week’s readings. The purpose of this task is twofold: First, to give me a gauge of what youthe class is getting out of the readings (and to let me address things that might otherwise have slipped by). And second, to give you an incentive not just skim the readings but to engage with them (and to get credit for doing so!).

These summaries should be completed on your own: they are not intended to be collaborative.

Homework assignments

There will be weekly homework assignments consisting of both short- and long-form questions, exercises, and analysis aided by software such as Excel, and some scripting and analysis in programming environments such as R and Python.

You may work with your classmates on homeworks, though I expect your final answers to be your own. If you do work with a classmate, I expect you both to disclose that fact. There is no problem with working together, so long as your collaboration is disclosed.

Exams

There will be a midterm exam (around the beginning of the fifth week of the course) and final exam, both administered online.

Quizzes and exams must be completed on your own: they are definitely not collaborative!

Academic honesty

General academic honesty statement

Since the integrity of the academic enterprise of any institution of higher education requires honesty in scholarship and research, academic honesty is required of all students at the University of Massachusetts Amherst. Academic dishonesty is prohibited in all programs of the University. Academic dishonesty includes but is not limited to: cheating, fabrication, plagiarism, and facilitating dishonesty. Appropriate sanctions may be imposed on any student who has committed an act of academic dishonesty. Instructors should take reasonable steps to address academic misconduct. Any person who has reason to believe that a student has committed academic dishonesty should bring such information to the attention of the appropriate course instructor as soon as possible. Instances of academic dishonesty not related to a specific course should be brought to the attention of the appropriate department Head or Chair. Since students are expected to be familiar with this policy and the commonly accepted standards of academic integrity, ignorance of such standards is not normally sufficient evidence of lack of intent.

In addition, you should read the UMass Academic Honesty Policy (ignorance of the policy is no excuse).

Course-specific academic honesty information

Academic dishonesty is usually the result of other problems in school, work, or life. Please contact me if you are unable to keep up with the work for any reason and we will do our best to work something out. I want to see you succeed, but I will not tolerate academic dishonesty.

If you engage in what appears to be academic dishonesty, you will almost certainly receive an F for the course. Further, if there are formal disciplinary proceedings, I will lobby for the maximum possible penalty. Investigating academic dishonesty is an unpleasant experience for both the instructor and the student. Please help me by avoiding any questionable behavior.

What is permitted and what is not? You may discuss material with others, but unless otherwise noted your writing (code and prose) must be your own. Collaboration so close that it appears to be plagiarism will be treated as such. If you use a third-party as a source, that’s generally fine, but you must cite your sources. A URL, the name of a text, or so on suffices: I don’t require full academic citations, but I do require you disclose that work is not your own (and whose it is).

Do not provide your solutions to others, either directly or via some sort of public posting, except when collaboration is explicitly permitted and when both you and the other person are currently enrolled in this course. Publicly or privately redistributing solutions to exercises, homeworks, or assignments for this course is a violation of the University Honesty Policy’s prohibition against facilitating academic dishonesty.

Copying and pasting code or text from another student or a third party (without citation) is a violation of academic honesty, and we will endeavor to detect this by any means available to us, including automated similarity analysis of submitted assignments. Be aware that if something looks like academic dishonesty to us, we will treat it as such, unless you can provide strong evidence to the contrary. When in doubt, it is your responsibility to contact the course staff about whether a potential action would be considered academic dishonesty.

Other academic regulations

The Office of the Registrar publishes Academic Regulations yearly. If you are an undergraduate student, you should be familiar with them. Particularly relevant are the policies on attendance, absences due to religious observance, and examinations.

Similarly, the Graduate School maintains the Graduate Student Handbook, which contains a similar set of rules and policies. If you are a graduate student, you should likewise be familiar with its content.

A word about copyrights

Some of the material (lecture notes, lectures, assignments, and so on) in this course is original work created by the instructor (Marc Liberatore); exceptions are clearly noted or obvious (for example, the textbook). While you are welcome to use the material for your own personal and educational use, you may not redistribute them to others outside the class. In particular, selling or otherwise redistributing your notes (or mine!), making or selling audio, video, or still recordings of course material, is not allowed without express written permission from me.

I make this stuff available on the web for you to use easily and without the hassle of sign-ups, logins, and the like, not for you to abuse for a buck. As Carol Barr (Senior Vice Provost and Dean of Undergraduate Education) and Enku Gelaye (Vice Chancellor for Student Affairs and Campus Life) noted at the start of the Fall 2017 semester, usage of notes or in-class recordings without the faculty member’s permission is a violation of the faculty member’s copyright protection.

Accommodation statement

The University of Massachusetts Amherst is committed to providing an equal educational opportunity for all students. If you have a documented physical, psychological, or learning disability on file with Disability Services (DS), you may be eligible for reasonable academic accommodations to help you succeed in this course. If you have a documented disability that requires an accommodation, please notify me within the first two weeks of the semester so that we may make appropriate arrangements.