City Research Online - Open Banking API Security: Anomalous Access Behaviour

Open Banking API Security: Anomalous Access Behaviour

Behbehani, D., Komninos, N. ORCID: 0000-0003-2776-1283, Al-Begain, K. & Rajarajan, M. ORCID: 0000-0001-5814-9922 (2023). Open Banking API Security: Anomalous Access Behaviour. In: 2023 International Conference on Innovations in Intelligent Systems and Applications (INISTA). 2023 International Conference on Innovations in Intelligent Systems and Applications (INISTA), 20-23 Sep 2023, Hammamet, Tunisia. doi: 10.1109/inista59065.2023.10310517

Abstract

Third-party providers pose a significant risk for financial institutions owing to the manner in which banks expose their API to the public. Such threats include inadequate authentication, malicious injections, unsecure key handling. Therefore, financial institutions must adopt a series of countermeasures to mitigate threats exposed by third-party providers, and anomaly detection is considered one such method. In this paper, we develop random forests and a linear kernel SVM to compare the accuracy of our models in predicting anomalous user access behaviour. A dataset that presents users' access behaviour as a numerical feature, including raw API call graphs, is utilised as a case study in this paper. Our novel approach of identifying a risk score and predicting it with a deep neural network showed a high degree of accuracy when the risk scores were developed as a multi-class classification problem

Publication Type:	Conference or Workshop Item (Paper)
Publisher Keywords:	Open banking API security, Open Banking API Anomaly, Open banking API risks
Subjects:	H Social Sciences > HF Commerce Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Departments:	School of Science & Technology School of Science & Technology > Computer Science School of Science & Technology > Engineering
SWORD Depositor:	Symplectic Administrator

[thumbnail of Open_Banking_API_Security__Anomalous_Access_Behaviour___IEEE_Conference___Short (11).pdf]

Preview

Text - Accepted Version
Available under License Creative Commons: Attribution International Public License 4.0.
Download (426kB) | Preview

Official URL: https://doi.org/10.1109/inista59065.2023.10310517

Export

Downloads

Downloads per month over past year

View more statistics

Metadata

Altmetric

CORE (COnnecting REpositories)

Actions (login required)

Admin Login

Creators:	Behbehani, D. Komninos, N. ORCID: 0000-0003-2776-1283 Al-Begain, K. Rajarajan, M. ORCID: 0000-0001-5814-9922
Event Title:	2023 International Conference on Innovations in Intelligent Systems and Applications (INISTA)
Event Type:	Conference
Event Location:	Hammamet, Tunisia
Event Dates:	20-23 Sep 2023
Status:	Published
Refereed:	Yes
Journal or Publication Title:	2023 International Conference on Innovations in Intelligent Systems and Applications (INISTA)
Publisher:	IEEE
ISSN:	2380-9337
e-ISSN:	2768-7295
URI:	https://openaccess.city.ac.uk/id/eprint/35201
Date available in CRO:	19 May 2025 09:54
Date deposited:	16 May 2025
Dates:	Date Event 22 November 2023 Published 22 November 2023 Published Online