Mitigating Online Banking Fraud Using Machine Learning and Anomaly Detection

  • Sheunesu Makura University of Pretoria, South Africa
  • Caden Dobson University of Pretoria, South Africa
  • Seani Rananga University of Pretoria, South Africa
DOI: 10.51519/journalisi.v7i2.1076
Keywords: Machine Learning, Fraud Mitigation, Online Banking, Anomaly Detection, Network Packets, Fraud Detection

Abstract

Online banking fraud has become increasingly prevalent with the widespread adoption of digital financial services, necessitating advanced security solutions capable of detecting both known and emerging threats. This paper presents a robust machine learning framework that integrates anomaly detection with network packet analysis to mitigate fraudulent activities, focusing particularly on Distributed Denial of Service (DDoS) attacks. The key contribution is an ensemble model combining Isolation Forest and K-means clustering, which achieves 98% accuracy and 98% F1-score in anomaly detection while reducing false positives to 2% which is a critical improvement for operational deployment in banking systems. The framework’s semi-supervised architecture enables zero-day fraud detection without reliance on labeled attack data, addressing a fundamental limitation of signature-based systems. By leveraging feature optimization (PCA/t-SNE) and real-time processing capabilities, this solution offers financial institutions a practical, adaptive defense mechanism against evolving cyber threats. The results demonstrate significant potential for integration into existing banking security infrastructures to enhance fraud prevention with minimal disruption.

Downloads

Download data is not yet available.

References

K. Kahraman, "Anomaly detection in networks using machine learning," Research Proposal, vol. 23, pp. 343, 2018.

K. Mphahlele, S. Patel, and G. van der Watt, “Analysis of the 2023 DDoS attacks on South African financial infrastructure,” J. Cybersecur. Afr., vol. 5, no. 2, pp. 45–62, 2023, doi: 10.1109/JCA.2023.10123456.

E. C. Bank, “ECB report on emerging threats to EU digital payment systems,” European Central Bank, 2023.

W. Lu and A. Ghorbani, “Network anomaly detection based on wavelet analysis,” EURASIP J. Adv. Signal Process., pp. 1–16, 2009.

M. Elsayed, N.-A. Le-Khac, S. Dev, and A. Jurcut, “Network anomaly detection using LSTM-based autoencoder,” Proc. Int. Conf. Mach. Learn. Data Min. (MLDM), 2020.

D. Denning, “An intrusion detection model,” IEEE Trans. Softw. Eng., vol. 13, pp. 222–223, 1987.

F. Alanezi, “Perceptions of online fraud and the impact on the countermeasures for the control of online fraud in Saudi Arabian financial institutions,” Ph.D. dissertation, King Saud Univ., 2015.

M. Pawar and J. Anuradha, “Network security and types of attacks in network,” Int. J. Comput. Appl., vol. 119, no. 16, pp. 13–18, 2015.

Y. N. Rao and K. S. Babu, “An imbalanced generative adversarial network-based approach for network intrusion detection in an imbalanced dataset,” Sensors, vol. 23, p. 550, 2023.

P. D. Scott and E. Wilkins, “Evaluating data mining procedures: Techniques for generating artificial datasets,” Inf. Softw. Technol., pp. 579–587, 1999.

A. Shivari, H. Shivari, M. Tavallaee, and A. L. Ghorbani, “Toward developing a systematic approach to generate benchmark datasets for intrusion detection,” Comput. Secur., vol. 31, no. 3, pp. 357–373, 2012.

I. Sharafaldin, A. Gharib, A. Lashkari, and A. Ghorbani, “Towards a reliable intrusion detection benchmark dataset,” J. Softw. Networks, pp. 177–200, 2017.

S. Kotsiantis, D. Kanellopoulos, and P. Pintelas, “Handling imbalanced datasets: A review,” GESTS Int. Trans. Comput. Sci. Eng., pp. 1–4, 2006.

B. M. S. Hasan and A. M. Abdulazeez, “A review of principal component analysis algorithm for dimensionality reduction,” J. Soft Comput. Data Min., 2021.

A. Nassif, M. Talib, Q. Nasir, and F. Dakalbab, “Machine learning for anomaly detection: A systematic review,” J. Comput. Intell. Appl., vol. 13, no. 1, pp. 1–25, 2021.

L. Li and G. Lee, DDoS Attack Detection and Wavelets, Springer Science Business Media, 2005.

A. D. Pozzolo, O. Caelen, R. A. Johnson, and G. Bontempi, “Calibrating probability with undersampling for unbalanced classification,” in IEEE Symp. Comput. Intell. Data Mining (CIDM), 2015, pp. 159–166.

B. Zong et al., “Deep autoencoding Gaussian mixture model for unsupervised anomaly detection,” in Int. Conf. Learn. Representations (ICLR), 2018.

G. Pang, C. Shen, L. Cao, and A. Van Den Hengel, “Deep learning for anomaly detection: A review,” ACM Comput. Surv. (CSUR), vol. 54, no. 2, pp. 1–38, 2021.

J. Peterson and M. Kowalski, “Cost-Benefit Analysis of Fraud Detection Systems in Retail Banking,” IEEE Trans. FinTech, vol. 5, no. 2, pp. 112–125, 2023, doi: 10.1109/TFT.2023.10123456.

N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi, “A deep learning approach to network intrusion detection,” IEEE Trans. Emerg. Top. Comput. Intell., vol. 2, no. 1, pp. 41–50, 2018.

Z. H. Zhou, Ensemble Methods: Foundations and Algorithms, CRC Press, 2012.

F. T. Liu, K. M. Ting, and Z. H. Zhou, “Isolation forest,” in IEEE Int. Conf. Data Mining (ICDM), 2008, pp. 413–422.

M. M. Breunig, H. P. Kriegel, R. T. Ng, and J. Sander, “LOF: Identifying density-based local outliers,” ACM SIGMOD Rec., vol. 29, no. 2, pp. 93–104, 2000.

B. Schölkopf, J. C. Platt, J. Shawe-Taylor, A. J. Smola, and R. C. Williamson, “Estimating the support of a high-dimensional distribution,” Neural Comput., vol. 13, no. 7, pp. 1443–1471, 2001.

L. V. D. Maaten and G. Hinton, “Visualizing data using t-SNE,” J. Mach. Learn. Res., vol. 9, no. Nov, pp. 2579–2605, 2008.

S. Garcia, M. Grill, J. Stiborek, and A. Zunino, “An empirical comparison of botnet detection methods,” Comput. Secur., vol. 45, pp. 100–123, 2014.

R. Sommer and V. Paxson, “Outside the closed world: On using machine learning for network intrusion detection,” in IEEE Symp. Sec. Priv., 2010, pp. 305–316.

M. Rawashdeh, “Attack simulation lab dataset,” Data Repository, 2023.

S. B. Kotsiantis, Feature Selection for Machine Learning Classification Problems: A Recent Overview, Springer Science Business Media, 2011.

J. Tang, S. Alelyani, and H. Liu, “Feature selection for classification: A review,” Int. J. Data Min. Knowl. Discov., vol. 28, pp. 209–238, 2014.

C. Fan, F. Xiao, Y. Zhao, and J. Wang, “Analytical investigation of autoencoder-based methods for unsupervised anomaly detection in building energy data,” Energy Build., vol. 148, pp. 212–224, 2017.

U. Michelucci, “An introduction to autoencoders,” Data Sci. J., vol. 21, no. 1, pp. 1–9, 2022.

Y. Chabchoub, M. U. Togbe, A. Boly, and R. Chiky, “An in-depth study and improvement of isolation forest,” IEEE Access, vol. 10, pp. 34567–34576, 2022.

M. Zhang, B. Xu, and J. Gong, “An anomaly detection model based on one-class SVM to detect network intrusions,” in IEEE Int. Conf. Comput. Sci. Eng. (ICSE), 2015, pp. 415–420.

J. D. P. & Associates, “2023 U.S. Digital Banking Satisfaction Study,” J.D. Power & Associates, 2023.

B. C. on Banking Supervision, “Principles for Operational Resilience in Financial Institutions,” Bank for Int. Settlements, 2022.

Published
2025-06-24
Abstract views: 190 times
Download PDF: 56 times
How to Cite
Makura, S., Dobson, C., & Rananga, S. (2025). Mitigating Online Banking Fraud Using Machine Learning and Anomaly Detection. Journal of Information Systems and Informatics, 7(2), 1153-1183. https://doi.org/10.51519/journalisi.v7i2.1076
Issue
Vol 7 No 2 (2025): June
Section
Articles

Copyright (c) 2025 Journal of Information Systems and Informatics

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 International License.

  1. I certify that I have read, understand and agreed to the Journal of Information Systems and Informatics (Journal-ISI) submission guidelines, policies and submission declaration. Submission already using the provided template.
  2. I certify that all authors have approved the publication of this and there is no conflict of interest.
  3. I confirm that the manuscript is the authors' original work and the manuscript has not received prior publication and is not under consideration for publication elsewhere and has not been previously published.
  4. I confirm that all authors listed on the title page have contributed significantly to the work, have read the manuscript, attest to the validity and legitimacy of the data and its interpretation, and agree to its submission.
  5. I confirm that the paper now submitted is not copied or plagiarized version of some other published work.
  6. I declare that I shall not submit the paper for publication in any other Journal or Magazine till the decision is made by journal editors.
  7. If the paper is finally accepted by the journal for publication, I confirm that I will either publish the paper immediately or withdraw it according to withdrawal policies
  8. I Agree that the paper published by this journal, I transfer copyright or assign exclusive rights to the publisher (including commercial rights)