Security - Fraud Detection Using Machine Learning

Security

When you build systems on AWS infrastructure, security responsibilities are shared between you and AWS. This shared model can reduce your operational burden as AWS operates, manages, and controls the components from the host operating system and virtualization layer down to the physical security of the facilities in which the services operate. For more information about security on AWS, visit the AWS Security Center.

Amazon API Gateway

Amazon API Gateway requires that you authenticate every request you send by signing the request. In the included generate_endpoint_traffic.py file, you can find an example of how to sign requests.

To determine the model(s) used to craft the response, the API invocation can include the query string: ?model= .

The valid values are anomaly_detector and fraud_classifier. The response will only include the prediction from the Random Cut Forest algorithm when you specify ?model=anomaly_detector or the XGBoost algorithm when you specify ?model=fraud_classifier. If the query string is not provided, the response will include the predictions of both models.

Amazon Kinesis Data Firehose

By default, the solution’s Amazon Kinesis Data Firehose delivery stream is not encrypted because its destination bucket is encrypted. If you customize the solution to use your own dataset, we recommend encrypting the delivery stream using server-side encryption. For more information, see Using Server-Side Encryption with Amazon Kinesis Data Firehose in the Amazon Kinesis Data Firehose Developer Guide.