Collusion is difficult to detect because each participant can appear legitimate in isolation. This chapter develops network-aware approaches for identifying coordinated exploitation between buyers and sellers, including repeated pairings, shared devices and addresses, synchronized timing, and circular transaction flows. It shows how linkage features and graph-based signals reveal structure that single-event scoring misses, and how ring expansion turns one suspicious node into a broader investigative target. The chapter emphasizes resilience: time-aware features, cross-surface evidence, and controls that reduce attacker returns even when perfect attribution is unavailable. Operationally, it connects collusion modeling to enforcement, where the unit of action is often the network-disabling rings, limiting subsidy vectors, and protecting reputation signals-rather than isolated accounts. We also cover how to validate collusion hypotheses with time-respecting evidence, and how to design deterrence so attackers face diminishing returns across accounts and surfaces. Finally, the chapter explains why collusion detection must be measured at the network level, using ring disruption and loss reduction as KPIs. By targeting coordinated behavior at its structural roots, collusion models safeguard incentive programs, review and ranking integrity, and payment risk outcomes, while reducing recurring losses driven by organized adversaries.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Buyer–Seller Collusion Models

  • Simon Liu

摘要

Collusion is difficult to detect because each participant can appear legitimate in isolation. This chapter develops network-aware approaches for identifying coordinated exploitation between buyers and sellers, including repeated pairings, shared devices and addresses, synchronized timing, and circular transaction flows. It shows how linkage features and graph-based signals reveal structure that single-event scoring misses, and how ring expansion turns one suspicious node into a broader investigative target. The chapter emphasizes resilience: time-aware features, cross-surface evidence, and controls that reduce attacker returns even when perfect attribution is unavailable. Operationally, it connects collusion modeling to enforcement, where the unit of action is often the network-disabling rings, limiting subsidy vectors, and protecting reputation signals-rather than isolated accounts. We also cover how to validate collusion hypotheses with time-respecting evidence, and how to design deterrence so attackers face diminishing returns across accounts and surfaces. Finally, the chapter explains why collusion detection must be measured at the network level, using ring disruption and loss reduction as KPIs. By targeting coordinated behavior at its structural roots, collusion models safeguard incentive programs, review and ranking integrity, and payment risk outcomes, while reducing recurring losses driven by organized adversaries.