Deep Learning for Cyber Risk Management in Financial Services: A Case Study of Data Breach Prediction
DOI:
https://doi.org/10.63282/3050-922X.IJERET-V1I2P105Keywords:
Cyber Risk Management, Data Breach, Deep Learning, Financial Services, LSTM, CNN, Threat Intelligence, Information Security, Risk AssessmentAbstract
Amidst a rapidly growing and highly computerized environment, the financial services sector remains one of the most vulnerable to cyber threats and data breaches that have high operational and image risk implications. This paper aims to examine how deep learning can be used to identify factors that can be used in predicting data breaches, especially within the financial sector. With data from past security breaches and their metadata, the suggested deep learning model shall use LSTM and CNN networks in a multidimensional data set containing IT infrastructure data and records of user behaviour and threat intelligence feeds from third parties. We then determine the current cyber risk environment and explain why conventional risk management approaches are insufficient. We also explain how we managed the data and feature collection, derived the features from raw data, designed the architectures of the models, and evaluated the results. The performance of the proposed hybrid deep learning model has been tested on a benchmark dataset Contemplating real-world cyber incidents and compared to the results of classic machine learning methods like the Random Forests and Support Vector Machines (SVMs) where we have the numbers of 12% average of F1-score. This research is valuable because it proposes a model for measuring future cyber threats for SOC in the financial industry. Therefore, a proactive, artificial intelligence cybersecurity solution can have a prospective impact in lessening the blur incidence rate and enhancing compliance with the legislation
References
[1] Ross, R. S. (2018). Risk management framework for information systems and organizations: A system life cycle approach for security and privacy.
[2] Sommer, R., & Paxson, V. (2010, May). Outside the closed world: On using machine learning for network intrusion detection. In 2010 IEEE symposium on security and privacy (pp. 305-316). IEEE.
[3] Buczak, A. L., & Guven, E. (2015). A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Communications surveys & tutorials, 18(2), 1153-1176.
[4] Anderson, R., & Moore, T. (2006). The economics of information security. science, 314(5799), 610-613.
[5] Bouyon, S., & Krause, S. (2018). Cybersecurity in Finance: Getting the policy mix right. Rowman & Littlefield.
[6] Khraisat, A., Gondal, I., Vamplew, P., & Kamruzzaman, J. (2019). Survey of intrusion detection systems: techniques, datasets, and challenges. Cybersecurity, 2(1), 1-22.
[7] Sangkatsanee, P., Wattanapongsakorn, N., & Charnsripinyo, C. (2011). Practical real-time intrusion detection using machine learning approaches. Computer Communications, 34(18), 2227-2235.
[8] Zhang, J., & Zulkernine, M. (2006, June). Anomaly-based network intrusion detection with unsupervised outlier detection. In 2006 IEEE International Conference on Communications (Vol. 5, pp. 2388-2393). IEEE.
[9] Kim, G., Lee, S., & Kim, S. (2014). A novel hybrid intrusion detection method integrating anomaly detection with misuse detection. Expert Systems with Applications, 41(4), 1690-1700.
[10] Roy, S., Ellis, C., Shiva, S., Dasgupta, D., Shandilya, V., & Wu, Q. (2010, January). A survey of game theory as applied to network security. In 2010 43rd Hawaii International Conference on System Sciences (pp. 1-10). IEEE.
[11] Yin, C., Zhu, Y., Fei, J., & He, X. (2017). A deep learning approach for intrusion detection using recurrent neural networks. Ieee Access, 5, 21954-21961.
[12] Saxe, J., & Berlin, K. (2015, October). Deep neural network-based malware detection using two-dimensional binary program features. In 2015, the 10th International Conference on Malicious and Unwanted Software (MALWARE) (pp. 11-20). IEEE.
[13] De Gusmão, A. P. H., Silva, M. M., Poleto, T., e Silva, L. C., & Costa, A. P. C. S. (2018). Cybersecurity risk analysis model using fault tree analysis and fuzzy decision theory. International Journal of Information Management, 43, 248-260.
[14] Subroto, A., & Apriyana, A. (2019). Cyber risk prediction through social media big data analytics and statistical machine learning. Journal of Big Data, 6(1), 50.
[15] Mashrur, A., Luo, W., Zaidi, N. A., & Robles-Kelly, A. (2020). Machine learning for financial risk management: a survey. Ieee Access, 8, 203203-203223.
[16] Leo, M., Sharma, S., & Maddulety, K. (2019). Machine learning in banking risk management: A literature review. Risks, 7(1), 29.
[17] Ma, X., & Lv, S. (2019). Financial credit risk prediction in internet finance driven by machine learning. Neural Computing and Applications, 31(12), 8359-8367.
[18] Taplin, R. (Ed.). (2016). Managing Cyber Risk in the Financial Sector. Routledge, Taylor & Francis Group.
[19] Handa, A., Sharma, A., & Shukla, S. K. (2019). Machine learning in cybersecurity: A review. Wiley Interdisciplinary Reviews: Data Mining and Knowledge Discovery, 9(4), e1306.
