|COOKIES: By using this website you agree that we can place Google Analytics Cookies on your device for performance monitoring.|
Who's next? Identifying risk factors for subjects of targeted attacks
If you have a question about this talk, please contact Wei Ming Khoo.
Malware-containing emails can be sent to anyone. Single malware variants can be sent to tens of thousands of recipients without distinction. However, a small proportion of email malware is sent in low copy number to a small set of recipients that have apparently been specifically selected by the attacker. These targeted attacks are challenging to detect and if successful, may be particularly damaging for the recipient. The vast majority of Internet users will never be sent a targeted attack. The few users to which such attacks are sent, presumably possess features that have brought them to the attention of attackers, and have caused them to be selected for attack. Applying epidemiological techniques to calculate the odds ratio for features of malware recipients, both targeted and non-targeted, allows the identification of putative factors that are associated with targeted attack recipients. In this paper we show that it is possible to identify putative risk factors that are associated with individuals subjected to targeted attacks, by considering the threat akin to a public health issue. These risk factors may be used to identify those at risk of being subject to future targeted attacks, so that these individuals can take additional steps to secure their systems and data.
This talk is part of the Computer Laboratory Security Seminar series.
This talk is included in these lists:
Note that ex-directory lists are not shown.
Other listsINTP Forum DAMTP atmosphere-ocean Empowered Voices Year
Other talksDay 1 - Corporate Finance Theory Symposium September 2015 Hack the Lab Hybrid functional devices based on graphene Artificial selection reveals the costs and benefits of large brain size Inside Snowden’s suitcase Forcing with large continuum