An eye for deception: A case study in utilizing the human-as-a-security-sensor paradigm to detect zero-day semantic social engineering attacks
Title | An eye for deception: A case study in utilizing the human-as-a-security-sensor paradigm to detect zero-day semantic social engineering attacks |
Publication Type | Conference Paper |
Year of Publication | 2017 |
Authors | Heartfield, R., Loukas, G., Gan, D. |
Conference Name | 2017 IEEE 15th International Conference on Software Engineering Research, Management and Applications (SERA) |
Date Published | June |
Publisher | IEEE |
ISBN Number | 978-1-5090-5756-6 |
Keywords | application spoofing, Browsers, Computer crime, cyber security, defense, Electronic mail, feature extraction, Human Behavior, human factors, human-as-a-security-sensor paradigm, Human-as-a-Sensor, information security scenarios, learning (artificial intelligence), machine learning, multimedia masquerading, phishing, Predictive models, pubcrawl, reliability, security, security measures, semantic attacks, semantic social engineering attacks, Semantics, Social Engineering, Spear-phishing, technical security countermeasures, threat detection, user deception threat, Zero day attacks, zero-day semantic social engineering attack detection |
Abstract | In a number of information security scenarios, human beings can be better than technical security measures at detecting threats. This is particularly the case when a threat is based on deception of the user rather than exploitation of a specific technical flaw, as is the case of spear-phishing, application spoofing, multimedia masquerading and other semantic social engineering attacks. Here, we put the concept of the human-as-a-security-sensor to the test with a first case study on a small number of participants subjected to different attacks in a controlled laboratory environment and provided with a mechanism to report these attacks if they spot them. A key challenge is to estimate the reliability of each report, which we address with a machine learning approach. For comparison, we evaluate the ability of known technical security countermeasures in detecting the same threats. This initial proof of concept study shows that the concept is viable. |
URL | http://ieeexplore.ieee.org/document/7965754/ |
DOI | 10.1109/SERA.2017.7965754 |
Citation Key | heartfield_eye_2017 |