• Save
Detecting Opportunities and Threats with Complex Event Processing: Case Studies in Predictive Customer Interaction Management and Fraud Detection
Upcoming SlideShare
Loading in...5
×

Like this? Share it with your network

Share

Detecting Opportunities and Threats with Complex Event Processing: Case Studies in Predictive Customer Interaction Management and Fraud Detection

  • 8,853 views
Uploaded on

Detecting Opportunities and Threats with Complex Event Processing: Case Studies in Predictive Customer Interaction Management and Fraud Detection, February 27, 2007 FINAL DRAFT 2, 8th Annual......

Detecting Opportunities and Threats with Complex Event Processing: Case Studies in Predictive Customer Interaction Management and Fraud Detection, February 27, 2007 FINAL DRAFT 2, 8th Annual Japan\'s International Banking & Securities System Forum, Tim Bass, CISSP, Principal Global Architect, Director

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
No Downloads

Views

Total Views
8,853
On Slideshare
8,815
From Embeds
38
Number of Embeds
2

Actions

Shares
Downloads
0
Comments
0
Likes
12

Embeds 38

http://www.slideshare.net 34
http://www.slideee.com 4

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Detecting Opportunities and Threats with Complex Event Processing: Case Studies in Predictive Customer Interaction Management and Fraud Detection February 27, 2007 FINAL DRAFT 2 8th Annual Japan's International Banking & Securities System Forum Tim Bass, CISSP Principal Global Architect, Director
  • 2.  
  • 3. Our Agenda
    • Introduction to Complex Event Processing & BusinessEvents™
    • TIBCO Case Study in Fraud Detection
    • TIBCO Case Study in Predictive Customer Interaction Management (PCIM)
  • 4. What is Complex Event Processing?
    • "Complex event processing is a new technology for extracting information from message-based systems."
    • - Dr. David Luckham, Brian Frasca
    Complex Event Processing in Distributed Systems, Stanford University, 1998
  • 5. When Do You Need to Think About CEP?
    • “ CEP applies to a very broad spectrum of challenges in information systems. A short list includes:”
      • Business process automation
      • Computer systems to automate scheduling and control network-based processes and processing
      • Network monitoring and performance prediction
      • Detection intrusion, fraud and other network attacks .
    The Power of Events , Addison Wesley, ISBN: 0-201-72789-7, 2002
  • 6. CEP Brings Two Kinds Of Business Benefits Ref: Roy Schulte, Gartner, First Event Processing Symposium, 2006 2. Complex-Event Processing (CEP) for Earlier and Better Insight Order Entry Manufacturing Shipping 1. Event-Driven Architecture (EDA) for Flexibility and Maintainability
  • 7. Detecting Opportunities and Threats with Complex Event Processing (CEP)
  • 8. TIBCO BusinessEvents™ Overview BusinessEvents™ Solutions Space Data: Events & Databases -Real-Time & Historical Data Models: Statistical Financial Optimization Comms: Pub/Sub Messaging Queues Topics UIs Knowledge: Facts & Rules
  • 9. Reference Architecture An Enterprise View of Complex Event Processing 24 EVENT PRE-PROCESSING EVENT SOURCES EXTERNAL . . . LEVEL ONE EVENT TRACKING Visualization, BAM, User Interaction CEP Reference Architecture DB MANAGEMENT Historical Data Profiles & Patterns DISTRIBUTED LOCAL EVENT SERVICES . . EVENT PROFILES . . DATA BASES . . OTHER DATA LEVEL TWO SITUATION DETECTION LEVEL THREE PREDICTIVE ANALYSIS LEVEL FOUR ADAPTIVE BPM
  • 10. Summary of Complex Event Processing Flexible SOA and Event-Driven Architecture
  • 11. Bloor Report on Event Processing Event Processing and Decision Making Automated Operational Decisions Automated Predictive Decisions Human Predictive Decisions Human Operational Decisions Decision Latency Event Complexity Process Complexity Pattern Matching and Inferencing Anti-Money Laundering Credit-Card Fraud Exchange Compliance Database Monitoring Algorithmic Trading Trade Desk Monitoring Customer Interaction Order Routing RFID Tariff Look-Up Rail Networks Search & Rescue Baggage Handling Liquidity Management
  • 12. Our Agenda
    • Introduction to Complex Event Processing & BusinessEvents™
    • TIBCO Case Study in Fraud Detection
    • TIBCO Case Study in Predictive Customer Interaction Management (PCIM)
  • 13. Use Case: Real-Time Fraud Detection
    • Customer Profile:
      • Major US brokerage
      • Large Portfolio of financial products and services:
        • Mutual funds
        • Retail brokerage
        • Institutional products and services
        • Retirement products and services
        • Employer products and services
        • Advisory services
      • Business model dependent on Internet commerce
  • 14.
    • Firewalls, Stand-Alone or Purpose-Built Fraud and Intrusion Detection Systems, Cryptography, Access Control, are Simply Not Sufficient.
    • Malicious Users are Using Legitimate Internet Application Protocols, such as HTTP, HTTPS and SOAP to Defraud Businesses.
    • A 2006 CyberSource reports that $2,800,000.000 (2.8B USD) was lost to on-line fraud in the US and Canada in 2005.
    • eCommerce online fraud continues to grow (US and Canada) at a 20% annual rate.
    • Risk for international transactions is 3 times the average risk.
    Industry and Business Drivers A Sample of the Problems with Network Security and Fraud Detection
  • 15. Real-Time On-Line Fraud Detection Requirements
    • Identify characteristics of fraud, such as continuous behavior changes, and identify new patterns of fraud
    • Stop new account setups from fraudulent IP addresses
    • Stop online registrations from fraudulent IP addresses
    • Verify user identity in every transaction based on click-behavior
    • Identify multiple users trying to login from same IP address
    • Identify single user logins from multiple IP addresses within a time span
    • Prevent phishing by tracking IP addresses that mass download institutional web pages
    • Prevent phishing, pharming and man-in-the-middle attacks by checking against a list for fraudulent IP’s in real-time
  • 16. On-Line Fraud Detection Use Case Architecture and Capacity Planning Approx. 12,000 Hits Per Second During Peak Period Across the Three Sites – One Instance Of TIBCO BusinessEvents™ Capable of Handling Maximum Hits Overall 100 Million Hits Handled Between 3PM – 4 PM Peak Approx. 250 Million Hits Per Day Across the Three Sites Session Info Three Server Farms ~600-700 Application Servers
  • 17. “ No Code” Custom User Interface Studio TIBCO’s Enterprise RTView™ or General Interface™
  • 18. Fraud Detection Use Case Summary Overview of Fraud Detection Solutions Architecture
    • Fusion of Fraud information across Customer’s Enterprise, including:
      • Log files
      • Existing Customer’s FDS (host and network based) devices
      • Network traffic monitors and IDS systems (as required)
      • Host statistics (as required)
    • Secure, standards-based JAVA Messaging Service (JMS) for messaging:
      • Events parsed into JMS Application Properties
      • SSL transport for JMS messages
    • TIBCO technology for next-generation detection, prediction, rule-based intrusion response, and adaptive control
      • TIBCO Business Works™ as required, to transform, map or cleanse data
      • TIBCO BusinessEvents™ for rule-based analytics
      • TIBCO iProcess™ for fraud management, compliance work flow and reporting
      • Solace Systems for ASIC-based, high speed application layer routing
  • 19. Our Agenda
    • Introduction to Complex Event Processing & BusinessEvents™
    • TIBCO Case Study in Fraud Detection
    • TIBCO Case Study in Predictive Customer Interaction Management (PCIM)
  • 20. Use Case: Predictive Customer Interaction Management PCIM
    • Customer Profile:
      • Global financial services company, hundreds of millions of customers
      • Large portfolio of financial products and services:
        • Retail banking
        • Wholesale banking
        • Private banking
        • Credit cards
        • Insurance
      • Business model dependent on Internet commerce
  • 21. Case Study: Value Proposition
    • TIBCO customer needed more cross-sell opportunities and greater promotion sales results for increased profits
    • TIBCO provided software that opportunistically identifies cross-sell situations and provides real-time recommendations to the pertinent bank employees based on real time customer interactions and events
    • TIBCO’s solution was more scalable, more flexible and works well with existing banking systems, products or services.
  • 22. Customer Requirements
    • Intelligent Customer Dialog
    • Dynamic Offer Management
    • Conversion Tracking and Analysis
    • Dynamic Channel Synchronization
    • Dynamic Channel Management
    • Sales Process Tracking
  • 23. Solution Overview Customer Interact Solutions with TIBCO BusinessEvents ™
    • Retail Banking Predictive Offer Management and Recommendation Engine
    • Finance and Insurance Real Time Marketing & Customer Dialogue with Servicing/Personalization
    • Transportation Affinity Program, Rewards, Servicing and Real Time Dialogue Management
    • Gaming, Hospitality and Entertainment Customer Interaction Management
    • Cross Line of Business (LOB) Customer View Integration for Finance, Retail, Insurance, Transportation, Hospitality – “Customer 360”
    • Cross LOB Operational (Customer) Risk Management
    • Common Customer Process Performance Measurement and Management (e.g. multi-LOB account processing visibility)
    • Predictive Customer Service & SLA Management
    • Cross Industry Real Time Affinity, Location, Scenario-Matched Marketing
  • 24. Case Study: Bank Employee Interface TIBCO’s General Interface™ (AJAX Web Development)
  • 25. PCIM High Level Conceptual Architecture
  • 26. Case Study: Real-Time Recommendation Engine
    • Back-office systems talk to the front-office systems.
    • The front-offices systems talk to each other in real-time.
    • Customer Interaction (CI) engine links all systems for a common delivery/dialogue infrastructure.
    • CI engine provides the customer session intelligence.
    • CI engine also provides the mechanics (and tools) to manage metrics visibility and intelligently.
  • 27. Where TIBCO BusinessEvents™ Helped. Collection, Normalization Metric of Managed Objects, Normalized Non-Contextual Events Metadata Repository Event Management, Correlation, Aggregation, Inference and Analysis Correlated, Analyzed, Contextual Dialogue Events Rules, Knowledge, Patterns, Models Visualization, Reporting, Alert Management Application Interface Feeds Visualization: Dialogue Metrics Agents Synthetic Warehouse Visualization: Sales Process View vCI Dialogue Manager Inference Engine DWH Product Marketing Semantic Model Events Rules Design Environment State Model Middleware
  • 28. TIBCO BusinessEvents™
    • High performance, low latency business rules engine.
    • Top down business process modeling.
    • Real-time event processing.
    • Cross-application and cross-process integratioin.
    • Analytical and predictive models.
    Modeling Tools, Statefulness, Business Rules and Process Integration UML Conceptual UML State Business Rules Business Users Event Analyzer
  • 29. TIBCO BusinessEvents™ Awards 2006 Best Complex Event Processing Software Winner: TIBCO 2006 Event Processing General Purpose Gold Award Winner
  • 30. Additional Reading
  • 31. Visit TIBCO Demo Booth
    • Predictive Customer Interaction Management Demo Available!
    • Press Release available for the relationship between TIBCO and Solace Systems
  • 32. Thank You! Tim Bass, CISSP Principal Global Architect, Director Emerging Technologies Group [email_address] Event Processing at TIBCO