
Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques

Engels, Heinrich-Alexander (2012):
Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques.
TU Darmstadt, [Master Thesis]

Abstract

E-mail driven communication opens up new opportunities for social engineering attacks like the ‘doppelganger mail attack’. Our goal is to lessen the impact of such attacks by employing machine learning techniques. In order to do so, we determine if incoming mail from unknown addresses can be matched to other known contacts and thereby verify if an impersonation attack is being carried out. At the same time, doppelganger mails will not work on our setup, since they will be regarded as unknown e-mails. For that purpose, we develop an extension for the e-mail client Thunderbird and test several scenarios, showing that our approach can successfully counter most doppelganger-mail-based social engineering attacks. Although our approach is successful, there are still some attacks which cannot be detected. We highlight these attacks in our work and propose ways of detecting them in future implementations.

Item Type: Master Thesis
Published: 2012
Creators: Engels, Heinrich-Alexander
Title: Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques
Language: German

Divisions: 20 Department of Computer Science > Security, Usability and Society
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Date Deposited: 31 Dec 2016 11:42
Identification Number: TUD-CS-2012-0245
Referees: Ghiglieri, Marco