2019
DOI: 10.1049/iet-ifs.2018.5090
|View full text |Cite
|
Sign up to set email alerts
|

Detecting lateral spear phishing attacks in organisations

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
14
0
1

Year Published

2019
2019
2024
2024

Publication Types

Select...
4
3
1

Relationship

0
8

Authors

Journals

citations
Cited by 14 publications
(15 citation statements)
references
References 11 publications
0
14
0
1
Order By: Relevance
“…They found that composition features such as the encoding of an email and transportation features such as the timezone path an email takes to reach its destination provide a means of validating an email when other fields have been spoofed. Bhadane and Mane [35] made use of email metadata within an organisational setting, looking at scenarios where a spear phishing attack is being launched from a compromised legitimate account within a network. They made use of information such as IP addresses and an email's travel route to detect spear phishing attacks within a real-world scenario.…”
Section: Related Workmentioning
confidence: 99%
See 1 more Smart Citation
“…They found that composition features such as the encoding of an email and transportation features such as the timezone path an email takes to reach its destination provide a means of validating an email when other fields have been spoofed. Bhadane and Mane [35] made use of email metadata within an organisational setting, looking at scenarios where a spear phishing attack is being launched from a compromised legitimate account within a network. They made use of information such as IP addresses and an email's travel route to detect spear phishing attacks within a real-world scenario.…”
Section: Related Workmentioning
confidence: 99%
“…Although they found that using these social features did not provide any benefit to prediction accuracy. Other studies [36,35,37] queried WHOIS and FQDN information based on data retrieved from the email headers-usually combining these with stylometric and metadata features.…”
Section: Related Workmentioning
confidence: 99%
“…The authors adopted a technique to detect false positives and true positives in the arrival of emails, they are given a score to take actions on the mail; in the tests they obtained a false positive rate of 0.88% and a true positive rate of 86.69%; the accuracy of the model was 98.79%; they stated that their research serves as an improvement in identifying a higher rate of true positives and a lower rate of false positives [42].…”
Section: Related Jobsmentioning
confidence: 99%
“…[32], Detection of DoS/DDoS attack against HTTP servers using naive Bayesian [33], Detection of DoS attack and Zero Day Threat with SIEM [34], A Framework for Making Effective Responses to Cyberattacks [35], Attack detection/prevention system against cyberattack in industrial control systems [36], Is the responsibilization of the cyber security risk reasonable and judicious? [37], A visualization cybersecurity method based on features' dissimilarity [38], Automatic security policy enforcement in computer systems [39], Defending Against Web Application Attacks: Approaches, Challenges and Implications [40], Statistical Application Fingerprinting for DDoS Attack Mitigation [41], Detecting lateral spear phishing attacks in organisations [42], A Survey on Distributed Denial of Service (DDoS) Attacks in SDN and Cloud [43], BWManager: Mitigating Denial of Service Attacks in Software-Defined Networks Through Bandwidth Prediction [44].…”
Section: Introductionmentioning
confidence: 99%
“…Se han propuesto diferentes técnicas de clasificación ML que pueden ayudar a detectar correo spam; para ello, es necesaria la clasificación de correos auténticos y fraudulentos, de acuerdo a criterios como el asunto del mensaje, el remitente y enlaces maliciosos en el cuerpo del mensaje; esto permite que el algoritmo aprenda a clasificar los correos electrónicos utilizando el conjunto de datos de entrenamiento. Los autores en [11] propusieron una técnica de puntuación para detectar correos electrónicos dirigidos auténticos usando una combinación de varias características; además, se ha creado un sistema de detección práctico, desplegable y en tiempo real para estos ataques.…”
Section: Aprendizaje Automático Aplicado a La Ciberseguridad Para La ...unclassified