SMURF: Privacy-Preserving Multi-Party Graph Mining for AML

Bachelor Thesis (2026)
Author(s)

D. Gnanadhandayuthapani (TU Delft - Electrical Engineering, Mathematics and Computer Science)

Contributor(s)

Z. Erkin – Mentor (TU Delft - Electrical Engineering, Mathematics and Computer Science)

N.M. Gürel – Graduation committee member (TU Delft - Electrical Engineering, Mathematics and Computer Science)

Faculty
Electrical Engineering, Mathematics and Computer Science
More Info
expand_more
Publication Year
2026
Language
English
Graduation Date
23-06-2026
Awarding Institution
Delft University of Technology
Project
CSE3000 Research Project
Programme
Computer Science and Engineering
Faculty
Electrical Engineering, Mathematics and Computer Science
Downloads counter
9
Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Abstract

Money launderers frequently obscure illicit funds by routing transactions across multiple financial institutions, creating complex “scatter-gather” (smurfing) patterns. Although these structural patterns are detectable within a centralised transaction graph, privacy regulations like GDPR prevent banks from directly merging their data. Existing privacy-preserving graph frameworks are limited to pairwise protocols that fail to capture laundering chains involving three or more institutions. To address this, we present SMURF (Scatter-gather Mining Using Randomised Functions), a privacy-preserving framework with a five-phase protocol enabling banks to jointly detect cross-institutional scatter-gather patterns without exposing raw account data. By combining Oblivious Pseudorandom Functions (OPRFs) and Homomorphic Encryption (HE), SMURF allows banks to locally extract transaction pairs, generate anonymous identifiers, and securely aggregate counts via a Central Coordinator entirely in the encrypted domain before collaboratively decrypting final totals to flag suspicious accounts. Empirical evaluations on the synthetic AMLWorld small (HI) dataset with approx. 5 million transactions and 369 scatter-gather accounts show that our system achieves an F1-score of 82.44% in less than 20 minutes when executed on a 64 core AMD EPYC processor.

Files

Research_paper.pdf
(pdf | 0.765 Mb)
License info not available