A system architecture for preventing social engineering attacks via e-mail

Milan Brkić, University of Criminal Investigation and Police Studies
Keywords: phishing, Cortex, analysis, cyber attack




Modern business and the expansion of Internet technology have driven a large growth in communication via electronic mail. Because the weakest link of any system is the human user, this is where the greatest danger of unauthorized access to ICT resources is recognized [6]. For this reason, the protection of ICT systems should focus above all on the users themselves and on preventive response to phishing campaigns, the most common form of cyber attack. This paper presents a system architecture for preventive response to phishing campaigns. The architecture, explained in more detail later in the text, consists of several modules integrated into a whole: a sender analysis module, based on the blacklist principle; an e-mail attachment analysis module, which performs static and dynamic analysis of potentially malicious attachments; a link analysis module, which applies CORTEX, an open source intelligence service; and a text analysis module, based on statistical models.




[1] Weidman, G. (2014). Penetration Testing: A Hands-On Introduction to Hacking.


[2] Hadnagy, C., Fincher, M. (2015). Phishing Dark Waters: The Offensive and Defensive Sides of Malicious E-mails.


[3] https://github.com/thehive-project/Cortex/


[4] https://github.com/gophish/gophish


[5] Shekokar, N. M., Shah, C., Mahajan, M., Rachh, S. (2015). An Ideal Approach for Detection and Prevention of Phishing Attacks.

[6] Nikhita Reddy, G., Ugander Reddy, G. J. A Study of Cyber Security Challenges and Its Emerging Trends on Latest Technologies.