Invention Title:

GATED MULTI-ENCODER MACHINE LEARNING MODEL FOR DISTINGUISHING ATTACKS FROM NORMAL TRANSACTIONS

Publication number:

US20260012466

Publication date:

2026-01-08

Section:

Electricity

Class:

H04L63/1416

Inventors:

Pei Yang 🇺🇸 Austin, TX, United States

Dan Wang 🇺🇸 Cedar Park, TX, United States

Weijia Xu 🇺🇸 San Francisco, CA, United States

Chao Chen 🇺🇸 San Francisco, CA, United States

Zhuoyi Wang 🇺🇸 San Francisco, CA, United States

Stacy Elizabeth Pelanek 🇺🇸 San Francisco, CA, United States

Younes Michael Jabbara 🇺🇸 San Francisco, CA, United States

Assignee:

VISA INTERNATIONAL SERVICE ASSOCIATION 🇺🇸 San Francisco, CA, United States

Applicant:

Visa International Service Association 🇺🇸 San Francisco, CA, United States

Smart overview of the Invention

The patent application discusses a machine learning model designed to differentiate between attack transactions and normal transactions. This model employs an ensemble approach, utilizing multiple generative units trained respectively on normal and attack transaction data. Each unit reconstructs input data to reveal latent patterns specific to its training. The outputs from these units, along with the original transaction data, are fed into a classifier that assigns probability scores to categorize transactions as normal, attack, or uncertain.

Technical Field

This technology pertains to the detection of suspicious activities within computer systems, particularly focusing on distinguishing fraudulent transactions from legitimate ones using gated multi-encoder machine learning models. It is particularly relevant in scenarios where account credentials might be compromised, leading to unauthorized access and fraudulent activities.

Background

Internet-based activities often require users to authenticate through account credentials. If these credentials are compromised, it can lead to fraudulent transactions, causing harm to both users and service providers. Attackers may use techniques like enumeration and account-testing attacks to guess or verify valid credentials. These attacks can result in significant financial and reputational damage, thus necessitating effective detection methods.

Summary of the Innovation

Traditional detection methods rely on predefined rules and patterns, which can be circumvented by attackers changing their tactics. The proposed machine learning model improves upon these methods by using generative units trained on different transaction types to identify patterns in real-time. This model allows for quicker detection of fraudulent activities by classifying transactions based on calculated probability scores, thus preventing attackers from successfully exploiting stolen credentials.

Implementation Details

The machine learning model comprises generative units for normal and attack transactions, a join gate, and a multi-label classifier. The system processes transaction data, generating probability scores for each label—normal, attack, or uncertain. Based on these scores, transactions are classified, aiding in real-time decision-making regarding the continuation or rejection of transactions. The model is trained using both labeled and unlabeled data, updating labels as necessary to improve accuracy over time.