skip to main content
US FlagAn official website of the United States government
dot gov icon
Official websites use .gov
A .gov website belongs to an official government organization in the United States.
https lock icon
Secure .gov websites use HTTPS
A lock ( lock ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Explore Research Products in the PAR
It may take a few hours for recently added research products to appear in PAR search results.


  • Home
  • Search Results
  • Page 1 of 1

Search for: All records

Creators/Authors contains: "Jusak, Jusak"

Note: When clicking on a Digital Object Identifier (DOI) number, you will be taken to an external site maintained by the publisher. Some full text articles may not yet be available without a charge during the embargo (administrative interval).
What is a DOI Number?

Some links on this page may take you to non-federal websites. Their policies may differ from this site.

  1. ; ; ; (, ICC 2019 - 2019 IEEE International Conference on Communications (ICC))
    Online card transaction fraud is one of the major threats to the bottom line of E-commerce merchants. In this paper, we propose a novel method for online merchants to utilize disposable (“one-time use”) domain names to detect client IP spoofing by collecting client's DNS information during an E-commerce transaction, which in turn can help with transaction fraud detection. By inserting a dynamically generated unique hostname on the E-commerce transaction webpage, a client will issue an identifiable DNS query to the customized authoritative DNS server maintained by the online Merchant. In this way, the online Merchant is able to collect DNS configuration of the client and match it with the client's corresponding transaction in order to verify the consistency of the client's IP address. Any discrepancy can reveal proxy usage, which fraudsters commonly use to spoof their true origins. We have deployed our preliminary prototype system on a real online merchant and successfully collected clients DNS queries correlated with their web transactions; then we show some real instances of successful fraud detection using this method. We also address some concerns regarding the use of disposable domains. 
    more » « less
    Full Text Available 
  2. ; ; (, GLOBECOM 2017 - 2017 IEEE Global Communications Conference)
    Online merchants face difficulties in using existing card fraud detection algorithms, so in this paper we propose a novel proactive fraud detection model using what we call invariant diversity to reveal patterns among attributes of the devices (computers or smartphones) that are used in conducting the transactions. The model generates a regression function from a diversity index of various attribute combinations, and use it to detect anomalies inherent in certain fraudulent transactions. This approach allows for proactive fraud detection using a relatively small number of unsupervised transactions and is resistant to fraudsters' device obfuscation attempt. We tested our system successfully on real online merchant transactions and it managed to find several instances of previously undetected fraudulent transactions. 
    more » « less
    Full Text Available