Assessing adversarial attacks in real-world fraud detection

In the digital economy, the growing demand for data sharing and trading makes data a critical asset. To facilitate data acquisition between data owners and data buyers, tools such as data markets have emerged. Such modern data ecosystems typically comprise several interconnected components, often based on machine learning. Unfortunately, as practice has shown, such components are vulnerable to adversarial attacks. Lacking proper security assessment measures is a severe limitation for the success of data markets. In this paper, we delve into the challenges posed by adversarial attacks using credit card fraud detection as an example use case. We show that popular techniques such as penetration testing through existing adversarial attacks is not a viable approach, and corroborate our analysis by showing how a naive random sample attack outperforms all tested methods when considering the specifics of the fraud detection problem. Motivated by this result, we propose alternative assessment approaches and discuss promising research directions for increasing our understanding of models' robustness.