Graph Machine Learning for Security Risk Control: Architecture, Models, and Future Directions

The presentation introduces the use of graph machine learning in security risk control, outlining four main parts: background introduction, architecture overview, security risk graph model, and future outlook.

Background Introduction describes four typical fraud scenarios—anti‑money‑laundering, gambling, marketing cheating, and black‑merchant closed‑loop transactions—highlighting their distinct fund‑flow patterns in transaction graphs.

Architecture Overview explains the need to aggregate k‑hop subgraph node/edge features and capture topological structures, emphasizing the importance of directionality and temporal information in dynamic heterogeneous graphs.

Security Risk Graph Model details the construction of a directed dynamic heterogeneous graph, the selection of HGT as a baseline model, and the enhancement of HGT with edge direction as a separate modality (DADEdge) to better handle asymmetric dynamic graphs.

The DDGCL model is introduced to improve robustness and generalization by integrating contrastive learning and self‑supervised objectives, addressing challenges such as limited labels and dynamic graph evolution.

Experimental results on public datasets (MOOC, Reddit, Wikipedia) show that HGT+DADEdge improves AUC and recall metrics, while DDGCL further boosts performance and robustness over time, achieving notable gains in fraud and anti‑money‑laundering coverage.

Future Outlook outlines three research directions: (1) deeper learning of fund‑flow topology using MaskGAE and AdaPath, (2) enhancing graph model robustness through subgraph denoising, pre‑computation, adversarial defense, and DRO, and (3) further exploration of graph structures.

The Q&A section addresses practical details such as incorporating edge features, the prevalence of GNNs in real‑time risk engines, handling temporal information on edges (e.g., TGAT time encoding), and scalability of large‑scale graph inference.