A system architecture for preventing social engineering attacks via e-mail
Abstract
Modern business practice and the expansion of Internet technology have led to a large increase in communication via electronic mail. Because the weakest link of any system is the person using it, this is the part of the system where the greatest danger of unauthorized access to ICT resources is recognized [6]. For this reason, the protection of ICT systems should focus above all on the users themselves and on preventive response to phishing campaigns, the most common form of cyber attack. This paper presents a system architecture for preventive response to phishing campaigns. The architecture, which is explained in more detail later in the text, consists of several modules integrated into a whole: a sender analysis module, which would be based on the blacklist principle; an email attachment analysis module, which would perform static and dynamic analysis of potentially malicious attachments; a link analysis module, which would include the application of CORTEX, an open source intelligence service; and a text analysis module, based on statistical models.
Keywords: phishing, Cortex, analysis, cyber attack
References
[1] Weidman G. (2014). Penetration Testing: A Hands-On Introduction to Hacking.
[2] Hadnagy C., Fincher M. (2015). Phishing Dark Waters: The Offensive and Defensive Sides of Malicious E-mails.
[3] https://github.com/thehive-project/Cortex/
[4] https://github.com/gophish/gophish
[5] Narendra M. Shekokar, Chaitali Shah, Mrunal Mahajan, Shruti Rachh (2015). An Ideal Approach for Detection and Prevention of Phishing Attacks.
[6] Nikhita G., Reddy, G.J. Ugander Reddy. A study of cyber security challenges and its emerging trends on latest technologies.
I (we), the author(s), hereby declare under full moral, financial and criminal liability that the manuscript submitted for publication to the Journal of Computer and Forensic Sciences:
a) is the result of my (our) own original research and that I (we) hold the right to publish it;
b) does not infringe any copyright or other third-party proprietary rights;
c) complies with the Journal’s research and publishing ethics standards;
d) has not been published elsewhere, under this or any other title;
e) is not under consideration by another publication, under this or any other title.
I (we) also declare under full moral, financial and criminal liability:
f) that all conflicts of interest that may directly or potentially influence or impart bias on the work have been disclosed in the manuscript;
g) that if the article has been accepted for publishing I (we) will transfer all copyright ownership of the manuscript to the University of Criminal Investigation and Police Studies in Belgrade.
Signed by the Corresponding Author on behalf of all other authors.