Don't Forget the Human: A Crowdsourced Approach to Automate Response and Containment against Spear Phishing Attacks

Onderzoeksoutput: Hoofdstuk in Boek/Rapport/CongresprocedureConferentiebijdrageAcademicpeer review

2 Citaten (Scopus)

Samenvatting

Organizations are increasingly facing sophisticated social engineering attacks that exploit human vulnerabilities and overcome commonly available countermeasures. Spear-phishing campaigns are becoming the most prevalent attack and source of compromise for most organizations. We argue that existing prevention and detection countermeasures are fundamentally ineffective against this class of attacks. In this work, we propose a novel approach to address the limitations of existing countermeasures. Our proposition is a new course of action to exploit human detection capabilities as a basis of automated response strategies. Preliminary results unveil users' mental models for phishing detection and reporting as a way to improve the phishing reporting process altogether. A real word case study is provided to promote the feasibility of our proposal.

Originele taal-2Engels
TitelProceedings - 5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020
UitgeverijInstitute of Electrical and Electronics Engineers
Pagina's471-476
Aantal pagina's6
ISBN van elektronische versie978-1-7281-8597-2
ISBN van geprinte versie978-1-7281-8598-9
DOI's
StatusGepubliceerd - sep 2020
Evenement5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020 - Virtual, Genoa, Italië
Duur: 7 sep 202011 sep 2020

Congres

Congres5th IEEE European Symposium on Security and Privacy Workshops, Euro S and PW 2020
LandItalië
StadVirtual, Genoa
Periode7/09/2011/09/20

Vingerafdruk Duik in de onderzoeksthema's van 'Don't Forget the Human: A Crowdsourced Approach to Automate Response and Containment against Spear Phishing Attacks'. Samen vormen ze een unieke vingerafdruk.

Citeer dit