LERSSE-RefConfPaper-2016-003

Harvesting the Low-hanging Fruits: Defending Against Automated Large-Scale Cyber-Intrusions by Focusing on the Vulnerable Populations

Hassan Halawa ; Konstantin Beznosov ; Yazan Boshmaf ; Baris Coskun ; Matei Ripeanu ; Elizeu Santos-Neto

29 September 2016

Abstract: The orthodox paradigm to defend against automated social-engineering attacks in large-scale socio-technical systems is reactive and victim-agnostic. Defenses generally focus on identifying the attacks/attackers (e.g., phishing emails, social-bot infiltrations, malware offered for download). To change the status quo, we propose to identify, even if imperfectly, the vulnerable user population, that is, the users that are likely to fall victim to such attacks. Once identified, information about the vulnerable population can be used in two ways. First, the vulnerable population can be influenced by the defender through several means including: education, specialized user experience, extra protection layers and watchdogs. In the same vein, information about the vulnerable population can ultimately be used to fine-tune and reprioritize defense mechanisms to offer differentiated protection, possibly at the cost of additional friction generated by the defense mechanism. Secondly, information about the user population can be used to identify an attack (or compromised users) based on differences between the general and the vulnerable population. This paper considers the implications of the proposed paradigm on existing defenses in three areas (phishing of user credentials, malware distribution and socialbot infiltration) and discusses how using knowledge of the vulnerable population can enable more robust defenses.

Keyword(s): Vulnerable population ; Cyber intrusions ; Defense system design

Published in: In Proceedings of the New Security Paradigms Workshop (NSPW), September 26-29, 2016, Granby, CO, USA.:

The record appears in these collections:
Refereed Conference Papers

 Record created 2016-12-12, last modified 2019-03-21


Fulltext:
Download fulltextPDF Download fulltextPDF (PDFA)
Rate this document:

Rate this document:
1
2
3
 
(Not yet reviewed)