TU Darmstadt / ULB / TUbiblio

Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques

Engels, Heinrich-Alexander (2012)
Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques.
Technische Universität Darmstadt
Masterarbeit, Bibliographie

Kurzbeschreibung (Abstract)

E-mail driven communication opens up new opportunities for social engineering attacks like the ‘doppelganger mail attack’. Our goal is to lessen the impact of such attacks by employing machine learning techniques. In order to do so we determine if incoming mail by unknown addresses can be matched to other known contacts and thereby verify if an impersonation attack is being carried out. At the same time doppelganger mail will not work on our setup, since they will be regarded as unknown e-mails. For that purpose, we develop an extension for the e-mail client Thunderbird and test several scenarios, showing that our approach can successfully counter most doppelganger mail based social engineering attacks. Although our approach is successful, there are still some attacks which cannot be detected. We highlight these attacks in our work and propose ways of detecting them in future implementations.

Typ des Eintrags: Masterarbeit
Erschienen: 2012
Autor(en): Engels, Heinrich-Alexander
Art des Eintrags: Bibliographie
Titel: Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques
Sprache: Deutsch
Referenten: Ghiglieri, Marco
Publikationsjahr: Juli 2012
Zugehörige Links:
Kurzbeschreibung (Abstract):

E-mail driven communication opens up new opportunities for social engineering attacks like the ‘doppelganger mail attack’. Our goal is to lessen the impact of such attacks by employing machine learning techniques. In order to do so we determine if incoming mail by unknown addresses can be matched to other known contacts and thereby verify if an impersonation attack is being carried out. At the same time doppelganger mail will not work on our setup, since they will be regarded as unknown e-mails. For that purpose, we develop an extension for the e-mail client Thunderbird and test several scenarios, showing that our approach can successfully counter most doppelganger mail based social engineering attacks. Although our approach is successful, there are still some attacks which cannot be detected. We highlight these attacks in our work and propose ways of detecting them in future implementations.

ID-Nummer: TUD-CS-2012-0245
Fachbereich(e)/-gebiet(e): 20 Fachbereich Informatik > Sicherheit in der Informationstechnik
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Profilbereiche > Cybersicherheit (CYSEC)
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
Profilbereiche
LOEWE
Hinterlegungsdatum: 31 Dez 2016 11:42
Letzte Änderung: 30 Mai 2018 12:53
PPN:
Referenten: Ghiglieri, Marco
Zugehörige Links:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen