
Creation of Adversarial Accounting Records to Attack Financial - PowerPoint PPT Presentation



  1. University of St. Gallen
     Creation of Adversarial Accounting Records to Attack Financial Statement Audits
     A research collaboration between the HSG, DFKI and PwC
     NVIDIA’s GPU Technology Conference, March 20th, 2019
     M. Schreyer (1,2), T. Sattarov (3), B. Reimer (3), and D. Borth (1,2)
     (1) University of St. Gallen, (2) German Research Center for Artificial Intelligence, and (3) PricewaterhouseCoopers
     GTC San Jose 2019 - HSG - DFKI - PwC

  2. Economic Crime and ERP-Systems: “The Footprint”

  3. Economic Crime
     • “49% respondents said that their organization have been victim of fraud or economic crime in the past 24 months”
       Source: “PwC’s Global Economic Survey 2018”, encompassing data of 7.200 respondents in 123 countries
     • “The median loss of a single financial statement fraud case is $150,000... The Duration from the fraud perpetration till its detection was 18 months”
       Source: “ACFE’s 2016 Report to the Nations on Occupational Fraud and Abuse”, encompassing 2.410 cases in 114 countries

  4. Economic Crime

  5. Economic Crime: Economic Crime Committed by Internal Actors
     [Charts: “Relationship of Actor and Victimized Organization” (*) and “Fraction of Internal Actors Conducting Economic Crime” (**); values shown: 63%, 62%, 58%, 52%, 51%, 46%; years shown: 2007, 2009, 2011, 2013, 2016, 2018]
     “Internal actors are the main perpetrators of fraud.”
     * Source: “Wirtschaftskriminalität 2018, Mehrwert von Compliance - forensische Erfahrungen”, study by Martin-Luther-Universität Halle Wittenberg and PwC GmbH WPG
     ** Source: “Wirtschaftskriminalität in der analogen und digitalen Wirtschaft 2016”, study by Martin-Luther-Universität Halle Wittenberg and PwC GmbH WPG
     ** Source: “Wirtschaftskriminalität und Unternehmenskultur 2013”, study by Martin-Luther-Universität Halle Wittenberg and PwC GmbH WPG

  6. Enterprise Resource Planning Systems: Evolution of Recording and Processing Accounting Data
     [Figure: timeline ~ 1900’s, ~ 1950’s, ~ 1992’s; axis: Data Volume]
     • Continuous digitization of business activities and processes
     • Accumulation of exhaustive transactional and business process data
     • “Every” activity within an organization leaves a digital trace ...!

  7. Enterprise Resource Planning Systems: Evolution of Recording and Processing Accounting Data
     SAP AG: “Our ERP applications touch 77% of global transaction revenue […]”
     Source: “SAP at a Glance - Investor Relations Fact Sheet (October 2018)”, https://www.sap.com/docs/download/investors/2018/sap-factsheet-oct2018-en.pdf
     [Figure: timeline ~ 1900’s, ~ 1950’s, ~ 1992’s; axis: Data Volume]
     • Continuous digitization of business activities and processes
     • Accumulation of exhaustive transactional and business process data
     • “Every” activity within an organization leaves a digital trace ...!

  8. Enterprise Resource Planning (ERP) Systems: Understanding the Different Layers of Abstraction
     [Figure: layers Process, Accounting, Recording, Analysis; process steps Incoming Invoice (€ 1000) and Outgoing Payment (€ 1000); T-accounts Expenses, Liabilities and Bank with debit (D) and credit (C) sides and postings of € 1000; AIS-Data]

     Journal Entry Headers Table
       Company  Entry ID  Fiscal Year  Type  Date
       AAA      100011    2017         SA    31.10.2016
       AAA      100012    2017         MZ    31.10.2016
       BBB      900124    2017         IN    01.02.2017
       ...      ...       ...          ...   ...

     Journal Entry Segments Table
       Company  Entry ID  Sub-ID  Currency  Amount    D/C
       AAA      100011    0001    USD       1’000.00  D
       AAA      100011    0002    USD       1’000.00  C
       BBB      900124    0001    USD       2’232.00  D
       ...      ...       ...     ...       ...       ...

  9. Classification of Accounting Anomalies
     “Global” Accounting Anomalies: Usually Rare Attribute Values
     [Plot axes: Feature 1 (e.g. Amount), Feature 2 (e.g. Line-Items)]
     • Seldom used user accounts
     • Reverse postings, corrections
     “Local” Accounting Anomalies: Usually Rare Attribute Combinations
     [Plot axes: Feature 1 (e.g. Posting Amount), Feature 2 (e.g. Line-Items)]
     • Unusual posting activities
     • Deviating user behavior
     [1] Kriegel et al., 2000

  10. Classification of Accounting Anomalies
     “Global” Accounting Anomalies: Tendency towards “ERROR”
     [Plot axes: Feature 1 (e.g. Amount), Feature 2 (e.g. Line-Items)]
     “Perpetrators usually don't act completely in deviation from the usual accounting models.”
     “Local” Accounting Anomalies: Tendency towards “FRAUD”
     [Plot axes: Feature 1 (e.g. Posting Amount), Feature 2 (e.g. Line-Items)]
     “Perpetrators usually try to obfuscate their behavior to make it appear as ordinary as possible.”
     [1] Kriegel et al., 2000

  11. Traditional “Red-Flag” Approaches: Matching Fraud Signatures

  12. Traditional “Red-Flag” Approaches: Exemplary “Red-Flags” to Detect Traces of Fraudulent Activities
     (1) Purchasing Process “Procure-to-Pay”: Vendor Master Data, Purchase Requisition, Purchase Order, Goods Received, Invoice, Payment
     (2) Vendor Master Data Analysis
       • Incomplete vendor master data
       • Short-term bank account changes
       • Sanctioned or one-time vendors
       • Multiple bank accounts
       • …
     (7) Vendor Invoice Analysis
       • Invoices without purchase order
       • Multiple re-postings of invoices
       • Short time period of invoice clearance
       • Re-recorded invoice after payments
       • …

  13. Traditional “Red-Flag” Approaches: Exemplary “Red-Flags” to Detect Traces of Fraudulent Activities
     Purchasing Process “Procure-to-Pay”: Vendor Master Data, Purchase Requisition, Purchase Order, Goods Received, Invoice, Payment
     [Figure: Segregation of Duties (SoD) Matrix per Process Activity; rows Employee 1 to Employee 5 against the process activities; each employee has an entry of 1.000, Employee 3 has two]

  14. Traditional Statistical Approaches: Exemplary: Distribution Analysis of Purchase Order Amounts
     Benford-Newcomb Law
     • Formalizes the uneven distribution of the leading digits in many real-life sets of numerical data
     • Trace for the potential circumvention of financial approval limits (e.g. purchase orders)
     Analysis of Vendor Purchase Order Amounts
     [Charts: leading-digit distribution with digit 1: 30%, 2: 18%, 3: 12%, 4: 10%, 5: 8%, 6: 7%, 7: 6%, 8: 5%, 9: 4%; axes: Probability, Two Leading Digits]
     [2] Benford, Frank; 2000

  15. Traditional Statistical Approaches: Exemplary: Distribution Analysis of Purchase Order Amounts
     Benford-Newcomb Law
     • Formalizes the uneven distribution of the leading digits in many real-life sets of numerical data
     • Trace for the potential circumvention of financial approval limits (e.g. purchase orders)
     Analysis of Vendor Purchase Order Amounts
     [Charts as on slide 14; axes: Probability, Two Leading Digits]
     Challenges associated with “Red-Flag” based approaches:
     • “Known Unknowns” - don't generalize well beyond the historically known.
     • “Static Methodology” - don't adapt to emerging and new patterns.
     • “Non Tailored” - disregard company specific accounting processes and data.
     [2] Benford, Frank; 2000

  16. Traditional “Data Science” Approaches: Principal Component Analysis & Clustering

  17. Traditional “Data Science” Approaches: Example: Multi-Dimensional Clustering of Vendor Payments
     Multi-Dimensional Cluster Detection
     • Exemplary analysis of SAP vendor payments:
       • Total 125.223 payment postings
       • Affecting 22 SAP-User, 3.055 Vendors
     • Detected “regular” clusters:
       • Man. vendor payments (“Cluster 1”)
       • Employee travel expenses (“Cluster 2”)
       • Periodic payment runs (“Cluster 3”)

       Cluster  GJAHR  BELNR     BUZEI  USNAM   BLART  TCODE  HKONT   DMBTR     LIFNR   CPUDT
       1        2014   30801256  2      User A  MP     FB05   460200  2‘970.00  437970  08/18/2014
       2        2014   60700394  2      User B  TR     FB1K   440000  559.68    356710  10/19/2014
       3        2014   80300928  1      User C  PR     F110   440000  4‘974.2   609406  01/19/2014

  18. Traditional “Data Science” Approaches: Example: Multi-Dimensional Clustering of Vendor Payments
     Multi-Dimensional Anomaly Detection
     [Figure: cluster plot with anomalies marked 1, 2 and 3]
     • Exemplary analysis of SAP vendor payments:
       • Total 125.223 payment postings
       • Affecting 22 SAP-User, 3.055 Vendors
     • Detected posting anomalies:
       • Deviating man. vendor payments (“Cluster 1”)
       • Late employee travel expenses (“Cluster 2”)
       • Manipulated payment runs (“Cluster 3”)

       Anomaly  GJAHR  BELNR     BUZEI  USNAM   BLART  TCODE  HKONT   DMBTR     LIFNR   CPUDT
       1        2014   31000007  4      User Z  MP     FBZ2   486400  14672.85  209495  01/01/2014
       2        2014   60801008  2      User Y  TR     FB1K   440000  17123.98  358822  06/28/2014
       3        2014   80600094  17     User C  PR     F110   440000  45376.69  364110  04/07/2014
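
The leading-digit analysis from slides 14 and 15, as an added example that is not part of the original presentation: it compares the two leading digits of purchase order amounts with the Benford expectation and reports digit pairs that occur too often, the trace a cluster of orders just under an approval limit leaves. The function names, the approval limit of 5,000, the z-threshold of 3 and the amounts are assumptions constructed for illustration.

```python
import math
from collections import Counter

def benford_expected(d):
    """Benford probability that a number starts with the two digits d (10..99)."""
    return math.log10(1 + 1 / d)

def leading_two_digits(amount):
    """First two significant digits, e.g. 4950.00 -> 49, 0.0123 -> 12."""
    mantissa = f"{abs(amount):.6e}"          # e.g. '4.950000e+03'
    return int(mantissa[0] + mantissa[2])

def excess_digit_pairs(amounts, z_threshold=3.0):
    """Return (digits, observed, expected, z) for over-represented digit pairs."""
    values = [a for a in amounts if a != 0]
    n = len(values)
    if n == 0:
        return []
    observed = Counter(leading_two_digits(a) for a in values)
    flagged = []
    for d in range(10, 100):
        p_exp = benford_expected(d)
        p_obs = observed[d] / n
        # z-statistic with continuity correction 1/(2n); only excess is reported
        z = (p_obs - p_exp - 1 / (2 * n)) / math.sqrt(p_exp * (1 - p_exp) / n)
        if z > z_threshold:
            flagged.append((d, observed[d], round(p_exp * n, 1), round(z, 1)))
    return sorted(flagged, key=lambda row: -row[3])

def constructed_sample(limit=5000, n_regular=2000, n_below=60):
    """Constructed data: log-uniform amounts over three decades (these follow
    Benford's law) plus orders placed just below an assumed approval limit."""
    regular = [10 ** (1 + 3 * i / n_regular) for i in range(n_regular)]
    below_limit = [limit - 100 + i for i in range(n_below)]   # 4900 .. 4959
    return regular + below_limit

if __name__ == "__main__":
    for digits, obs, exp, z in excess_digit_pairs(constructed_sample()):
        print(f"leading digits {digits}: observed {obs}, expected {exp}, z = {z}")
```

On the constructed sample only the digit pair 49 is reported; the regular postings stay within the threshold.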
