Sign In

Communications of the ACM

ACM TechNews

Researchers Devise Hopeful Defense Against Credential Spear-Phishing Attacks

View as: Print Mobile App Share: Send by email Share on reddit Share on StumbleUpon Share on Hacker News Share on Tweeter Share on Facebook

A group of university researchers have proposed a method for detecting credential spear-phishing attacks.

Credit: The Register

Researchers at the University of California, Berkeley and collaborators have proposed DAS, a method for detecting credential spear-phishing attacks.

The team used a dataset of about 370 million emails from Lawrence Berkeley National Laboratory to analyze an attack's stages, then devised DAS to identify anomalies, uncovering 19 known spear-phishing campaigns in the dataset.

The researchers deconstructed the taxonomy of credential spear-phishing, demonstrating that enterprises can develop their own form of reputation monitoring from enterprise traffic monitoring.

"Our detector can detect real-world attacks, including those from a previously unseen attacker, with a budget of 10 alerts per day," the researchers say.

From a random sample of 100 days, DAS yielded figures ranging from 19 to zero alerts daily, with the average being seven alerts daily.

"Our detector's ability to identify both known and novel attacks, and the low volume and burden of alerts it imposes, suggests that our approach provides a practical path towards detecting credential spear-phishing attacks," the team says.

From Security Week
View Full Article


Abstracts Copyright © 2017 Information Inc., Bethesda, Maryland, USA


No entries found

Sign In for Full Access
» Forgot Password? » Create an ACM Web Account
ACM Resources