Leveraging Machine Learning Techniques to Identify Deceptive Decoy Documents Associated with Targeted Email Attacks

Bo Sun, Tao Ban, Chansu Han, Takeshi Takahashi, Katsunari Yoshioka, Jun'ichi Takeuchi, Abdolhossein Sarrafzadeh, Meikang Qiu, Daisuke Inoue

研究成果: Contribution to journalArticle査読

抄録

Detecting and preventing targeted email attacks is a long-standing challenge in cybersecurity research and practice. A typical targeted email attack capitalizes on a sophisticated email message to persuade a victim to run a specific, seemingly innocuous, action such as opening a link or an attachment and downloading and installing a software program. To successfully perform such an attack without being noticed afterwards, the attached exploit documents (hereafter referred to as decoy documents), must contain content that is highly relevant to the target. An analysis of such decoy documents can provide crucial information for inferring and identifying the targeted or potentially harmed victims. In this paper, we propose an automatic approach that leverages natural language processing and machine learning to identify decoy documents that have a high chance of deceiving the targeted users. The experimental results show that the proposed method provides good prediction accuracy: the best result obtained on a collection of 200 Chinese decoy documents yielded an accuracy of 97.5%, an F-measure of 97.9% and a low FPR of 3.1%. The proposed scheme can be deployed at various access points to fortify the defense against targeted email attacks that threaten various targets.

本文言語英語
論文番号9435284
ページ(範囲)87962-87971
ページ数10
ジャーナルIEEE Access
9
DOI
出版ステータス出版済み - 2021

All Science Journal Classification (ASJC) codes

  • コンピュータ サイエンス(全般)
  • 材料科学(全般)
  • 工学(全般)

フィンガープリント

「Leveraging Machine Learning Techniques to Identify Deceptive Decoy Documents Associated with Targeted Email Attacks」の研究トピックを掘り下げます。これらがまとまってユニークなフィンガープリントを構成します。

引用スタイル