Engels, Heinrich-Alexander (2012)
Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques.
Technische Universität Darmstadt
Master Thesis, Bibliography
Abstract
E-mail-driven communication opens up new opportunities for social engineering attacks like the ‘doppelganger mail attack’. Our goal is to lessen the impact of such attacks by employing machine learning techniques. In order to do so, we determine if incoming mail from unknown addresses can be matched to other known contacts and thereby verify if an impersonation attack is being carried out. At the same time, doppelganger mails will not work on our setup, since they will be regarded as unknown e-mails. For that purpose, we develop an extension for the e-mail client Thunderbird and test several scenarios, showing that our approach can successfully counter most doppelganger-mail-based social engineering attacks. Although our approach is successful, there are still some attacks which cannot be detected. We highlight these attacks in our work and propose ways of detecting them in future implementations.
Item Type: | Master Thesis |
---|---|
Published: | 2012 |
Creators: | Engels, Heinrich-Alexander |
Type of entry: | Bibliography |
Title: | Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques |
Language: | German |
Referees: | Ghiglieri, Marco |
Date: | July 2012 |
Identification Number: | TUD-CS-2012-0245 |
Divisions: | 20 Department of Computer Science > Security in Information Technology; LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt; Profile Areas > Cybersecurity (CYSEC); LOEWE > LOEWE-Zentren; 20 Department of Computer Science; Profile Areas; LOEWE |
Date Deposited: | 31 Dec 2016 11:42 |
Last Modified: | 30 May 2018 12:53 |