Analyzing and Modeling Longitudinal Security Data

Edwards, Benjamin; Hofmeyr, Steven; Forrest, Stephanie; Eeten, Michel van

doi:10.1145/2818000.2818010

Cited by 9 publications

(12 citation statements)

References 37 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Our approach extends previous work [4, 2, 16] in its adoption of an analysis of spam from an age-comparative perspective. This perspective allowed us to determine the extent to which spammers in today’s spam emails target young vs older users differently, based on their particular vulnerabilities [17].…”

Section: Introductionmentioning

confidence: 52%

See 1 more Smart Citation

Empirical analysis of weapons of influence, life domains, and demographic-targeting in modern spam: an age-comparative perspective

et al. 2019

View full text Add to dashboard Cite

Spam has been increasingly used for malware distribution. This paper analyzed modern spam from an age-comparative perspective to (i) discover the extent to which psychological weapons of influence and life domains were represented in today’s spam emails and (ii) clarify variations in the use of these weapons and life domains by user demographics. Thirty five young and 32 older participants forwarded 18,605 emails from their spam folder to our study email account. A random set of 961 emails were submitted to qualitative content coding and quantitative statistical analysis. Reciprocation was the most prevalent weapon; financial, leisure, and independence the most prevalent life domains. Older adults received health and independence-related spam emails more frequently, while young adults received leisure and occupation-related spam emails more often. These age differences show a level of targeting by user demographics in current spam campaigns. This targeting shows the need for age-tailored demographic warnings highlighting the presence of influence and pretexting (life domains) for suspicious emails for improved response to cyber-attacks that could result from spam distribution. The insights from this study and the produced labeled dataset of spam messages can inform the development of the next generation of such solutions, especially those based on machine learning.

show abstract

Section: Introductionmentioning

confidence: 52%

“…Spam is usually sent by botnets, hired by spammers for their spam campaigns. Thus, many studies have focused on analyzing (i) the operation of such botnets [12, 3]; (ii) how the botnets automatically generate content for spam campaigns [2]; and (iii) the statistical features of large corpuses of spam [16].…”

Section: Related Workmentioning

confidence: 99%

Empirical analysis of weapons of influence, life domains, and demographic-targeting in modern spam: an age-comparative perspective

et al. 2019

View full text Add to dashboard Cite

show abstract

“…A variety of methods could be used to construct a mapping of IP space to organizations, but it is crucial to make this mapping as accurate as possible. Given the heavy tailed nature of security incidents [23,24], misc attribution of a security incident could alter the assessment of an organization.…”

Section: Identifying An Organizations Network Footprintmentioning

confidence: 99%

“…For example Stone-Gross et al focused on ISPs with persistent malicious behavior [61]. Edwards et al studied the concentration of spam sending IP addresses within Internet Service providers, and examined some risk vectors(including economic, geographic, and connectivity) for high levels of spam concentrations [24]. Other work has focused identifying high concentrations of infected IP addresses in certain parts of the Internet [47,53,13].…”

Section: Related Workmentioning

confidence: 99%

Risky Business: Assessing Security with External Measurements

Edwards,

Jacobs,

Forrest

2019

Preprint

Self Cite

View full text Add to dashboard Cite

Security practices in large organizations are notoriously difficult to assess. The challenge only increases when organizations turn to third parties to provide technology and business services, which typically require tight network integration and sharing of confidential data, potentially increasing the organization's attack surface. The security maturity of an organization describes how well it mitigates known risks and responds to new threats. Today, maturity is typically assessed with audits and questionnaires, which are difficult to quantify, lack objectivity, and may not reflect current threats.This paper demonstrates how external measurement of an organization can be used to assess the relative quality of security among organizations. Using a large dataset from BitSight 1 , a cybersecurity ratings company, containing 3.2 billion measurements spanning nearly 37,000 organizations collected during calendar year 2015, we show how perorganizational 'risk vectors' can be constructed that may be related to an organization's overall security posture, or maturity. Using statistical analysis, we then study the correlation between the risk vectors and botnet infections. For example, we find that misconfigured TLS services, publicly available unsecured protocols, and the use of peer-to-peer file sharing correlate with organizations that have increased rates of botnet infections. We argue that the methodology used to identify these correlations can easily be applied to other data to provide a growing picture of organizational security using external measurement.

show abstract

“…They found, that many cybersecurity problems occur at a global scale, involving nations, corporations, or individuals whose actions have impact around the world [10]. Another security problem is related to insecure sharing data.…”

Section: Fig 1 Blended Threaths Bypassing Traditional Security Contmentioning

confidence: 99%

Information Security and Development Problems eGoverment System in Ukraine

Khmelevskoy¹,

Khmelevskoy²,

Kozachok³

et al. 2018

MIS

View full text Add to dashboard Cite

In this research paper we discuss current information Cyber Security problems of Governments in Europe. We discuss related issues in Europe and particularly in Ukraine. Additionally we discuss Cyber Security in state administration and on the objects of information activities, as well as offering recommendations for creating a system of their information security using modern technological methods solutions by applying modern technological methods.

show abstract

Analyzing and Modeling Longitudinal Security Data

Cited by 9 publications

References 37 publications

Empirical analysis of weapons of influence, life domains, and demographic-targeting in modern spam: an age-comparative perspective

Empirical analysis of weapons of influence, life domains, and demographic-targeting in modern spam: an age-comparative perspective

Risky Business: Assessing Security with External Measurements

Information Security and Development Problems eGoverment System in Ukraine

Contact Info

Product

Resources

About