تحقیق و تفحص در قانون زیپف برای تشخیص کلاهبرداری (DSS # 06-10-1826R (2))

Fraud risk is higher than ever before. Unfortunately, many auditors lack the expertise to deal with the related risks. The objectives of this research are to develop an innovative fraud detection mechanism on the basis of Zipf's Law. The purpose of this technique is to assist auditors in reviewing the overwhelming volumes of datasets and identifying any potential fraud records. The authors conducted Quasi-experiment research on the KDDCUP'99 benchmark intrusion detection dataset to verify the performance of the proposed mechanism. The simulation experimental results demonstrate that Zipf Analysis can assist auditors to locate the source of suspicion and further enhance the resulting audit processes.

Fraud risk is higher than ever before. According to the results of KPMG's Fraud Survey of 2003, organizations are reporting more experiences of fraud than in prior years [16]. In 2003, 75% of surveyed companies reported that they experienced an instance of fraud, an increase of 13% as compared with 1998. Furthermore, Ernst & Young's Global Survey pointed out that the main contributing factors to the prevalence of fraud are the growing complexity of organizations and systems, changes in business processes and activities, enormous and ever-expanding volumes of transaction data, outdated and ineffective internal controls and so on [11]. Complex organizations and transactions lead to increased opportunity for subjective interpretation, borderline disclosure and even misrepresentation. Auditors must take fraud prevention and awareness seriously. The main reason is that the occupational fraud issue against organizations is a costly business problem. The economic impact can be significant: up to 6% of organizations' revenues may be lost annually as a result of fraud and abuse [3].1 Within the United States, this translates into losses of approximately $660 billion. Furthermore, the true cost of fraud goes beyond the financial loss to the impact on reputation, diversion of management focus, and loss of morale and trust within teams [11]. However, recent corporate scandals clearly indicate the potential for fraud abuse and many auditors lack the skills and expertise to deal with the related risks. It is clear that there is a critical need to implement some technology solutions to auditing areas, especially the data analysis technique [17]. Proper data analysis is critical as a means of allowing auditors to streamline audit processes, bring fraudulent activities to light before they result in critical losses, minimize financial losses, and ensure compliance with business rules and external regulatory requirements, such as SAS 410 and SOX. In this research, the authors propose an innovative mechanism of analytical review procedure, named “Zipf Analysis” that utilizes the conception of Zipf's Law to facilitate the systematic construction of a fraud detection model. For the purpose of building such fraud detection systems, we examine the properties of Zipf's Law and evaluate its capability of discriminating abnormal records from a simulation experiment on the KDDCUP'99 intrusion detection dataset, and revising the fraud detection system to provide a higher level of accuracy and efficiency. This paper is organized as follows: Section 2 reviews related literatures about analytical procedures: Benford's Law and Zipf's Law. Section 3 describes the systematic mechanism of the fraud detection model on the basis of Zipf's Law. 4 and 5, present a simulation experiment for the system implementation and evaluation of the proposed mechanism by comparing other fraud detection methods. Finally, the conclusions of this study are provided in Section 6.

The principal objectives of this research are to introduce an innovative fraud detection mechanism on the basis of Zipf's Law. The main purpose of this technique is to assist auditors for reviewing the overwhelming volumes of datasets and transactions and identifying any potential fraud records. We conducted a simulation experiment and a real case study to verify the performance of our mechanism. In order to evaluate our simulations, we used four key performance indicators: the Audit Hit Rate, Bayes Audit Hit Rate, the confusion matrix and misclassification cost matrix. Finally, our simulation experimental results demonstrate that Zipf Analysis can assist auditors in distinguishing normal versus abnormal data occurrences, helping to decrease suspicion. The achieved objectives are described as follows: 1) Zipf Analysis is very suitable for identifying the potential fraud records that have frequent sequential patterns. The first-two evaluations demonstrate that Zipf's Law could filter the most of fraud records, especially for frauds that have frequent sequential patterns. The results show that when the critical value under the level of 2% Zipf Analysis has the best performance, AHR = 87.06% and BAHR = 96.45%. 2) Zipf Analysis is more effective and efficient than 100% sampling. Our experiment shows that Zipf's Law could generate higher AHR and BAHR. Therefore, it implies that our mechanism for fraud detection can facilitate the performance of auditor's reviewing of vastly increased volumes of data and transactions. As to the possibility of future research on this subject matter, there are several directions that the reader can take. 1) This research conducted a simulation experiment only for the purpose of testing the ability of Zipf's Law to detect fraud. In the future, one can further evaluate the fraud detection performance of Zipf's Law by comparing Zipf Analysis with other clustering algorithms, some examples being K-means, Kohonen, Digital Analysis and so on. 2) One can apply our mechanism into real case studies to examine the feasibility and effectiveness of Zipf Analysis, even in different domain's datasets, such as time-varying data, multi-dimensional data and data from multiple sources. 3) Similarly, one could apply our mechanism on these datasets that consider time-serial attributions to verify the capacity of Zipf Analysis for detecting time-serial fraud patterns.