Proactive Internal Fraud Detection Strategies Utilizing UX Data Based on Multiple Sensors

Shigeaki Tanimoto; Yuta Takagi; Takashi Hatashima; Atsushi Kanai

doi:10.52731/ijskm.v9.i1.929

Shigeaki Tanimoto Japan International University
Yuta Takagi Chiba Institute of Technology
Takashi Hatashima NTT Social Informatics Laboratories
Atsushi Kanai Hosei University

DOI: https://doi.org/10.52731/ijskm.v9.i1.929

Keywords: Internal fraud detection, Sensor, User experience, Fraud pentagon theory

Abstract

The COVID-19 pandemic forced companies to change how they work, promoting a work style unbound by time or location, such as teleworking. While convenient, this remote approach has been linked to increased internal fraud risks due to alienation, perceived unfairness, and reduced compliance awareness. In 2023, Japan's Information-technology Promotion Agency (IPA) ranked "information leaks due to internal misconduct" as the fourth most critical information security threat. Internal fraud is categorized into carelessness/negligence (60%) and intentional misconduct (40%), with the latter costing 1.34 times more to address, leading to significant financial losses. This paper explores user experience (UX) environments utilizing sensors to collect non-cyber information, such as facial expressions, to counter intentional fraud. A theoretical analysis indicates that combining two sensor types—environmental and biometric—offers the most cost-effective solution, significantly improving fraud detection rates. While adding more sensor types enhances accuracy, cost-effectiveness declines beyond three types. Additionally, the detection of rationalization remains consistently low, highlighting the need for complementary methods like text and speech analysis or long-term behavioral monitoring. These findings underscore the effectiveness of UX-based non-cyber information and its potential as an innovative approach to mitigating intentional internal fraud.

Author Biography

Shigeaki Tanimoto, Japan International University

Professor Faculty of Social Systems Science

References

Ministry of Internal Affairs and Communications, Information and Communications White Paper, 2021 Edition, (in Japanese), https://onl.sc/p6rAUnF

IPA, Top 10 Information Security Threats, 2023, (In Japanese), https://onl.sc/9H12WSd

IPA, Guidelines for Preventing Insider Fraud in Organizations, (in Japanese), https://www.ipa.go.jp/files/000097099.pdf

IPA, Report on the Actual State of Information Security Incidents Caused by Insider Fraud, (in Japanese)，https://www.ipa.go.jp/files/000051135.pdf

Ponemon Institute, Cost of Insider Threats: Global Report, 2022, (in Japanese), https://onl.sc/ckixdKW

T. Sekiguchi et al., Risk Assessment of Secure UX Environments Contributing to Error Prevention, Spring Research Presentation of the Society of Project Manage-ment, pp.467-474, 2023, (in Japanese)

Cabinet Office, Third Survey on Changes in Awareness and Behavior under the Impact of COVID-19, (in Japanese), htps://www5.cao.go.jp/keizai2/wellbeing/covid/pdf/result3_covid.pdf,

IPA, Report on the Actual State of Internal Fraud Prevention Systems in Companies, (in Japanese), https://www.ipa.go.jp/security/reports/economics/ts-kanri/20230406.html

Cressey, D. R. (1953) Other people’s money: A study in the social psychology of embesslement, NY: The Free Press.

H. Kitano, A Study on the Prevention of Insider Fraud in Japanese Management, (in Japanese), http://lab.iisec.ac.jp/degrees/d/theses/iisec_d29_thesis.pdf

A. P. Singh, et al., A systematic literature review on insider threats, Cornell Uni-versity arXiv, Cryptography and Security, 2022, DOI: https://doi.org/10.48550/arXiv.2212.05347

D. Maimon, et al., Insider Threat Detection: A Solution in Search of a Problem, 2020 International Conference on Cyber Security and Protection of Digital Services, 2020, DOI: https://doi.org/10.1109/CyberSecurity49315.2020.9138862

N. Mehrnezhad, et al., A Multi-Tiered Framework for Insider Threat Prevention, Electronics 2021, 10(9), 1005, DOI: https://doi.org/10.3390/electronics10091005, 2021

J. R. C. Nurse, et al., Understanding Insider Threat: A Framework for Character-ising and Identifying Insider Threats in Organisations, 2014 IEEE Security and Privacy Workshops , 2014, DOI: https://doi.org/10.1109/SPW.2014.38

S. Shima, et al., Analysis and Consideration of Work Environments for Incident Prevention Countermeasure Related to Insider Threat, DICOMO2013, pp.1217-1222, (Japanese Edition), 2013

K. Niihara, A study on incentives to a leakage of information asset caused by malicious insider, Meiji University Ph.D. Thesis 2017, (Japanese Edition), 2018, https://meiji.repo.nii.ac.jp/record/14807/files/niihara_2018_suri.pdf

M. Graham, et al., Developing Visualisations to Enhance an Insider Threat Product: A Case Study, Cornell University arXiv, Human-Computer Interaction, 2021, DOI: https://doi.org/10.48550/arXiv.2109.08445

S. Bertrand, et al., Unsupervised User-Based Insider Threat Detection Using Bayesian Gaussian Mixture Models, Cornell University arXiv, Cryptography and Security, 2022, DOI: https://doi.org/10.48550/arXiv.2211.14437

V. Roto, et al.， USER EXPERIENCE WHITE PAPER，2011, https://experienceresearchsociety.org/wp-content/uploads/2023/01/UX-WhitePaper.pdf

Japan Science and Technology Agency (JST), Sensor Fusion Platform Technology Enabling Acquisition and Integrated Processing of Diverse Data, Science and Technology Future Strategy Workshop Report, 2019, (in Japanese), https://www.jst.go.jp/crds/pdf/2019/WR/CRDS-FY2019-WR-09.pdf

Ministry of Health, Labour and Welfare, Office Sanitation Standards Regulation, (in Japanese), https://www.mhlw.go.jp/web/t_doc?dataId=74089000&dataType=0&pageNo=1

Zhong, C. B., Bohns, V. K., & Gino, F. (2010). Good lamps are the best police: Darkness increases dishonesty and self-interested behavior. Psychological Science, 21(3), 311-314