METHODOLOGY FOR THE OPTIMIZATION OF RESOURCES IN THE DETECTION OF COMPUTER FRAUD.

Abstract

A methodology is proposed for optimizing the allocation of resources in the detection of computer fraud. The methodology consists of four major segments. First, a threat assessment is performed. A general threat assessment is provided which relies upon reported incidents of computer fraud. Then, recognizing the limitations of computer fraud reporting, a specific threat assessment technique is provided which is based entirely on the characteristics of a given computer system. Both the general and specific threat assessment techniques use a matrix approach which evaluates and assigns threat values by type of computer fraud and perpetrator. Second, a Detection Quotient is established which measures the effectiveness of computer fraud detection resource allocation for all of the possible combinations of computer fraud types and perpetrators. However, for many computer systems, the large number of possible resource allocation alternatives results in a Combinatorial Dilemma whereby the phenomenally large number of alternatives precludes comprehensive analysis. This leads to the third major segment of the dissertation, a General Solution to the Combinatorial Dilemma which ensures an alternative very near the optimum while evaluating only an extremely small percentage of possible alternatives. Fourth, a Resource Optimization Model is provided which, beginning with the results of the Threat Assessment, iteratively assigns varying levels of computer fraud detection resources to different fraud type and perpetrator combinations. Using the general solution to the Combinatorial Dilemma and the Detection Quotient as a measure of the effectiveness of each combination, the model produces a statistically defensible near optimum allocation of available resources to computer fraud detection. Also provided are the results of the research into reported cases of fraud in the form of a Typology. This Typology combines frequency of occurrence and dollar impact of reported cases of fraud into a measure of vulnerability for various types of fraud and perpetrator. Finally, an overview of investigative techniques and automated tools for evaluating the propriety of computer systems is provided.