Files in this item

File: paper_235.pdf (756kB)
Description: (no description provided)
Format: PDF (application/pdf)

Description

Title: Modeling Deception for Identifying and Protecting against Advanced Email Phishing
Author(s): Almoqbil, Abdullah
Subject(s): Information security
Deception
Phishing emails
Functional ontology construction
Reinforcement
Abstract: Cheating, beguiling, and misleading information exist all around us; understanding deception and its consequences is crucial in our information environment. This study investigates deception in phishing emails that successfully bypassed the Microsoft 365 filtering system. We devised a model that explains why some people are deceived, how the targeted individuals and organizations can understand the motivation behind deception, and how to prevent or counter attacks. The theoretical framework used in this study was Anderson’s Functional Ontology Construction (FOC). The methodology of the study involves a quantitative and qualitative descriptive design, where the data source is the phishing emails archived from an educational organization. We looked at term frequency-inverse document frequency (TF-IDF) and the distribution of words over documents (topic modeling) and found that the subjects of phishing emails that targeted educational organizations are related to banks, jobs, and technologies. Our analysis also shows that the phishing emails in the dataset fall under six categories: reward, urgency, curiosity, fear, job, and entertainment. Results indicate that staff and students were primarily targeted, and a list of the most used verbs for deception was compiled. We uncovered the stimuli used by scammers and the types of reinforcement used to misinform the target to ensure successful trapping via phishing emails. We identified how scammers pick their targets and how they tailor and systematically orchestrate individual attacks on targets. The limitations of this study pertain to the sample size and the collection method. Future work will focus on implementing the derived model in software that can perform deception identification, target alerting, and protection against advanced email phishing.
Issue Date: 2020-10-13
Series/Report: Information Security
Data Visualization
Ontologies
Sociology of Information
Genre: Conference Poster
Type: Text
URI: http://hdl.handle.net/2142/108840
Date Available in IDEALS: 2020-10-09

