Mitigation of Spear Phishing Attacks: A Content-Based Authorship Identification Framework
Document Type
Conference Proceeding
Publisher
IEEE
Editor(s)
Charles Shoniregun
Faculty
Faculty of Computing, Health and Science
School
School of Computer and Security Science / Security Research Centre (secAU)
RAS ID
12289
Abstract
Phishing is a semantic attack that takes advantage of the naivety of the human behind electronic systems (e.g. e-banking). Educating end-users can minimize the impact of phishing attacks, however it remains relatively expensive and time consuming. Thus, many software-based solutions, such as classifiers, are being proposed by researchers. However, no software solutions have been proposed to minimize the impact of spear phishing attacks, which are the targeted form of phishing, and have a higher success rate than generic bulk phishing attacks. In this paper, we describe a novel framework to mitigate spear phishing attacks via the use of document authorship techniques — Anti-Spear phishing Content-based Authorship Identification (ASCAI). ASCAI informs the user of possible mismatches between the writing styles of a received email body and of trusted authors by studying the email body itself (i.e. the writeprint), as opposed to traditional user ID-based authentication techniques which can be spoofed or abused. As a proof of concept, we implemented the proposed framework using Source Code Author Profiles (SCAP), and the evaluation results are presented.
Access Rights
subscription content
Comments
Khonji, M., Iraqi, Y., & Jones, A. (2011). Mitigation of Spear Phishing Attacks: A Content-Based Authorship Identification Framework. Paper presented at the International Conference for Internet Technology and Secured Transactions (ICITST). Abu Dhabi, UAE. Available here