Engels, Heinrich-Alexander (2012)
Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques.
Technische Universität Darmstadt
Master's thesis, Bibliography
Abstract
E-mail driven communication opens up new opportunities for social engineering attacks like the ‘doppelganger mail attack’. Our goal is to lessen the impact of such attacks by employing machine learning techniques. In order to do so we determine if incoming mail from unknown addresses can be matched to other known contacts and thereby verify if an impersonation attack is being carried out. At the same time doppelganger mail will not work on our setup, since it will be regarded as unknown e-mail. For that purpose, we develop an extension for the e-mail client Thunderbird and test several scenarios, showing that our approach can successfully counter most doppelganger mail based social engineering attacks. Although our approach is successful, there are still some attacks which cannot be detected. We highlight these attacks in our work and propose ways of detecting them in future implementations.
Item type: | Master's thesis |
---|---|
Published: | 2012 |
Author(s): | Engels, Heinrich-Alexander |
Entry type: | Bibliography |
Title: | Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques |
Language: | German |
Referees: | Ghiglieri, Marco |
Publication year: | July 2012 |
ID number: | TUD-CS-2012-0245 |
Department(s)/field(s): | 20 Department of Computer Science > Security in Information Technology; LOEWE > LOEWE Centres > CASED – Center for Advanced Security Research Darmstadt; Profile Areas > Cybersecurity (CYSEC); LOEWE > LOEWE Centres; 20 Department of Computer Science; Profile Areas; LOEWE |
Date deposited: | 31 Dec 2016 11:42 |
Last modified: | 30 May 2018 12:53 |