Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques

Engels, Heinrich-Alexander (2012)
Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques.
Technische Universität Darmstadt
Master Thesis, Bibliography

Abstract

E-mail-driven communication opens up new opportunities for social engineering attacks like the ‘doppelganger mail attack’. Our goal is to lessen the impact of such attacks by employing machine learning techniques. In order to do so, we determine whether incoming mail from unknown addresses can be matched to other known contacts and thereby verify whether an impersonation attack is being carried out. At the same time, doppelganger mails will not work on our setup, since they will be regarded as unknown e-mails. For that purpose, we develop an extension for the e-mail client Thunderbird and test several scenarios, showing that our approach can successfully counter most doppelganger-mail-based social engineering attacks. Although our approach is successful, there are still some attacks which cannot be detected. We highlight these attacks in our work and propose ways of detecting them in future implementations.

Item Type: Master Thesis
Published: 2012
Creators: Engels, Heinrich-Alexander
Type of entry: Bibliography
Title: Detection, Visualization and Prevention of Social Engineering Attacks on E-Mails by Using Machine Learning Techniques
Language: German
Referees: Ghiglieri, Marco
Date: July 2012

Identification Number: TUD-CS-2012-0245
Divisions: 20 Department of Computer Science > Security in Information Technology
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Profile Areas > Cybersecurity (CYSEC)
LOEWE > LOEWE-Zentren
20 Department of Computer Science
Profile Areas
LOEWE
Date Deposited: 31 Dec 2016 11:42
Last Modified: 30 May 2018 12:53