Detection of suspicious transactions with database forensics and theory of evidence

Abstract

The aim of enabling the use of illegally obtained money for legal purposes, while hiding the true source of the funds from government authorities has given rise to suspicious transactions. Illegal transactions are detected using data mining and statistical techniques with the input data like various suspicious reports or the data set of all transactions within a financial institution. The output obtained is the set of highly suspicious transactions or highly suspicious entities (e.g., persons, organizations, or accounts). In this paper, we propose a database forensics methodology to monitor database transactions through audit logs. The Rule-based Bayesian Classification algorithm is applied to determine undetected illegal transactions and predicting initial belief of the transactions to be suspicious. Dempster-Shafer’s theory of evidence is applied to combine different parameters of the transactions obtained through audit logs to verify the uncertainty and risk level of the suspected transactions. Thus a framework is designed and developed which can be used as a tool for the digital investigators.