Show simple record

dc.contributor.authorYesuf, AS.
dc.contributor.authorProbst, Christian
dc.description.abstractIndustry is continuously developing, deploying, and maintaining e-services to transform traditional offerings. While protection of traditional services is well understood, their digital transformation often is vulnerable to known and new attacks. These vulnerabilities open the door for fraudsters to exploit the weaknesses of the new systems and associated services, causing losses of billions of dollars for global economy. This development is caused by the ease of developing new offerings, and the difficulty of performing thorough risk assessment during their design and development. Traditional risk assessment methodologies need to be enhanced to include threat scenarios faced by e-services, and to enable them to match the short development timeframes and to inform the decision-making process. In this paper we present a fraud risk estimation approach addresses these requirements. Based on a list of threat scenarios, our approach calculates the potential risk using pre-computed risk factors, and visualises the analysis result for an informed decision making. In doing so, our approach increases visibility and awareness of fraud risks, and reduces the time spent to calculate potential risks at the design level and throughout development. Together, these properties make our fraud risk estimation approach ideally suited for constantly applied, iterative risk analysis.en_NZ
dc.publisherSpringer International Publishingen_NZ
dc.rightsAll rights reserveden_NZ
dc.subjectrisk estimationen_NZ
dc.subjectrisk analysis ·en_NZ
dc.titleEstimating the risk of fraud against e-servicesen_NZ
dc.typeConference Contribution - Paper in Published Proceedingsen_NZ
dc.subject.marsden080303 Computer System Securityen_NZ
dc.subject.marsden080505 Web Technologies (excl. Web Search)en_NZ
dc.identifier.bibliographicCitationYesuf, AS., & Probst, CW. (2018). Estimating the Risk of Fraud Against E-Services. 23rd Nordic Conference on Secure IT Systems (pp. 306-322).en_NZ
unitec.publication.titleSecure IT Systems 23rd Nordic Conference, NordSec 2018, Oslo, Norway, November 28-30, 2018, Proceedingsen_NZ
unitec.conference.title23rd Nordic Conference on Secure IT Systemsen_NZ
unitec.conference.orgDepartment of Informatics, University of Oslo, Norwayen_NZ
unitec.conference.locationOslo, Norwayen_NZ
dc.contributor.affiliationUnitec Institute of Technologyen_NZ
dc.contributor.affiliationGoethe-Universität (Frankfurt, Germany)en_NZ

Files in this item


This item appears in

Show simple record

 Unitec Institute of Technology, Private Bag 92025, Victoria Street West, Auckland 1142