|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Who's next? Identifying risk factors for subjects of targeted attacks
If you have a question about this talk, please contact Wei Ming Khoo.
Malware-containing emails can be sent to anyone. Single malware variants can be sent to tens of thousands of recipients without distinction. However, a small proportion of email malware is sent in low copy number to a small set of recipients that have apparently been specifically selected by the attacker. These targeted attacks are challenging to detect and if successful, may be particularly damaging for the recipient. The vast majority of Internet users will never be sent a targeted attack. The few users to which such attacks are sent, presumably possess features that have brought them to the attention of attackers, and have caused them to be selected for attack. Applying epidemiological techniques to calculate the odds ratio for features of malware recipients, both targeted and non-targeted, allows the identification of putative factors that are associated with targeted attack recipients. In this paper we show that it is possible to identify putative risk factors that are associated with individuals subjected to targeted attacks, by considering the threat akin to a public health issue. These risk factors may be used to identify those at risk of being subject to future targeted attacks, so that these individuals can take additional steps to secure their systems and data.
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsCUES Neuropsychiatry discussion group Commercialisation Seminar Series
Other talksNew Governance and the European Union: An Empirical and Conceptual Critique Title TBA Some of my Accidents Faster C++ Sex, Disease and Fertility in History Pursuing Justice in Africa