Detection of Social Engineering Attacks Through Natural Language Processing of Conversations
- 1 February 2016
- conference paper
- conference paper
- Published by Institute of Electrical and Electronics Engineers (IEEE) in 2016 IEEE Tenth International Conference on Semantic Computing (ICSC)
- p. 262-265
- https://doi.org/10.1109/icsc.2016.95
Abstract
As computer security approaches improve, social engineering attacks have become more prevalent because they exploit human vulnerabilities which are hard to automatically protect. We present an approach to detecting a social engineering attack which applies natural language processing techniques to identify suspicious comments made by an attacker. Social engineering attacks involve either questions which request private information, or commands which request the listener to perform tasks which the speaker is not authorized to perform. Our approach uses natural language processing techniques to detect questions and commands, and extract their likely topics. Each extracted topic is compared against a topic blacklist to determine if the question or command is malicious. Our approach is generally applicable to many attack vectors since it relies only on the dialog text. We have applied our approach to analyze the transcripts of several attack dialogs and we have achieved high detection accuracy and low false positive rates in our experiments.Keywords
This publication has 5 references indexed in Scilit:
- Semantic analysis of dialogs to detect social engineering attacksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- Echoes of powerPublished by Association for Computing Machinery (ACM) ,2012
- Social engineering attack detection model: SEADMPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2010
- Accurate unlexicalized parsingPublished by Association for Computational Linguistics (ACL) ,2003
- Speech ActsPublished by Cambridge University Press (CUP) ,1969