1746                                     Journal of Software  软件学报 Vol.32, No.6,  June 2021

         性,使得本文提出的交互行为重构系统干预模型能够平滑的引导用户行为发生变化并使得引导前后具备一定
         的行为区分性,为身份伪装欺诈检测提供了新的解决思路;二是对于行为稳定性和偏向性系数的刻画时采用
         1.5IQR 的异常值分析方法,能够更好避免异常值对于引导模型平滑性的干扰.因此,采用 TDDA 行为引导机制能
         够在不改变原有欺诈检测方法的情况下使得正常行为和伪装的欺诈行为产生区分,使得模型的准确率、精确率
         等指标相对于原始场景取得显著提升,对于模型在伪装行为的判断方面具有更好的整体性能.

         4    结   论

             本文提出了一种个体交互行为的平滑干预模型,该模型从用户的历史交互行为出发,考虑了用户之间的差
         异,分析用户交互行为的稳定性和偏向性系数,并提出了交互行为时域漂移算法,为每个用户确定各自的行为干
         预时机.同时提出了交互行为重构的系统实现方法,采用 Petri 网对业务系统进行建模,给出了不同系统行为轮廓
         下行为流程的重构方式,在确保不破坏系统基本业务逻辑的前提下,使得合法用户的行为能够平滑变化,且与原
         始行为特征具备一定的区分性.实验证明:在行为伪装欺诈检测场景中,使欺诈者模拟的用户行为失效,使得检
         测模型的准确率、精确率等指标相对于原始场景提升 10%以上.证明了本文提出的行为干预方法的有效性,为
         身份伪装场景的欺诈检测提供了一个全新的解决思路和视角.在下一步的工作中,将持续关注如何衡量行为漂
         移程度与良好交互体验之间的平衡,以及如何从形式化的角度论证该策略的有效性.

         References:
          [1]    China  Information and Communication Research  Institute.  Mobile  Digital  Finance and Electronic Commerce  Anti-fraud White
             Paper (in Chinese).
          [2]    Aiken LR. Attitude and Behavior. Beijing: China Light Industry Press, 2008 (in Chinese).
          [3]    Nenadic  A,  Zhang  N,  Barton S.  A security protocol for  certified  e-goods delivery. In: Proc. of the Int’l  Conf. on Information
             Technology: Coding and Computing (ITCC 2004), 2004. 22−28.
          [4]    Zhong J, Yan C, Yu W. et al. A kind of identity authentication method based on browsing behaviors. In: Proc. of the 2014 7th Int’l
             Symp. on Computational Intelligence and Design. 2014. 279−284.
          [5]    Zhao P, Yan C, Jiang C. Authenticating Web user’s identity through browsing sequences modeling. In: Proc. of the 2016 IEEE 16th
             Int’l Conf. on Data Mining Workshops (ICDMW). 2016. 335−342.
          [6]    Roth J, Liu X, Metaxas D. On continuous user authentication via typing behavior. IEEE Trans. on Image Processing, 2014,23(10):
             4611−4624.
          [7]    Ma L, Yan C, Zhao P, et al. A kind of mouse behavior authentication method on dynamic soft keyboard. In: Proc. of the 2016 IEEE
             Int’l Conf. on Systems, Man, and Cybernetics (SMC). IEEE, 2016.
          [8]    Liu  C,  He J. Access  control to Web pages based on user browsing behavior. In: Proc.  of the 2017 IEEE 9th  Int’l  Conf. on
             Communication Software and Networks (ICCSN). 2017. 1016−1020.
          [9]    Zhao P, Yan C, Jiang C. Authenticating Web user’s identity through browsing sequences modeling. In: Proc. of the 2016 IEEE 16th
             Int’l Conf. on Data Mining Workshops (ICDMW). 2016. 335−342.
         [10]    Zheng L, Liu G, Yan C, Jiang C. Transaction fraud detection based on total order relation and behavior diversity. IEEE Trans. on
             Computational Social Systems, 2018:796−806.
         [11]    Zheng L, et al. A new credit card fraud detecting method based on behavior certificate. In: Proc. of the 2018 IEEE 15th Int’l Conf.
             on Networking, Sensing and Control (ICNSC). 2018. 1−6.
         [12]    Chen D, Ding Z, Yan C,  et  al. A behavioral  authentication  method for  mobile based on  browsing behaviors. In: Proc. of  the
             Institute of Electrical and Electronics Engineers Inc. 2019.
         [13]    Zhong J, Yan C, Yu W, Zhao P, Wang M. A kind of identity authentication method based on browsing behaviors. In: Proc. of the
             2014 7th Int’l Symp. on Computational Intelligence and Design. 2014. 279−284.
         [14]    Zhang Y, Chen G. A forensics method of Web browsing behavior based on association rule mining. In: Proc. of the 2014 2nd Int’l
             Conf. on Systems and Informatics (ICSAI 2014). 2014. 927−932.
         [15]    Liu  GJ, Jiang  CJ. Behavioral  equivalence of security-oriented interactive systems. IEICE  Trans. on  Information  and Systems,
             2016,E99-D: 2061−2068.
         [16]    Liu GJ, Jiang CJ. Secure bisimulation for interactive systems. In: Proc. of the 15th ICA3PP. LNCS 9530. 2015. 625−639.