What applications are recommended for SQL Server auditing and, more specifically, fraud investigations?
I need a tool that allows an end user to correlate data values to find fraud patterns. This tool must allow tuning as needed to reduce false positives.
It's also important that it be fairly intuitive. Ideally, once in place it would allow an end user unfamiliar with SQL to interface with it directly and customize using a GUI interface.
Suggestions?
Data-mining is used by law enforcement and credit card companies to stop criminals. There are patterns in large data sets that can reveal a greater motive. The more data the law enforcement has, the better they can track down the criminal(s).
You want to gather as much data as you can about a crime that may happen. This means you want to run a Network Intrusion Detection System (NIDS) on the Database's network. Snort is a very good NIDS and its free and open source. You wan to provide as much evidence of a crime to law enforcement and the FBI will LOVE your snort logs. I say when because its only a matter of time.
It varies from simple business rules - user of type X aren't allowed to change discounts, no more than N uses of a coupon.
Through to some very clever Bayesian inference engine stuff that finds customer X's surname is the arabic translation of Mr Y's name who signed for him as a mortgage guarantee and they claim different home addresses but in the same zip code. This stuff gets very '6figure' pricey