BEGIN:VCALENDAR VERSION:2.0 PRODID:-//talks.cam.ac.uk//v3//EN BEGIN:VTIMEZONE TZID:Europe/London BEGIN:DAYLIGHT TZOFFSETFROM:+0000 TZOFFSETTO:+0100 TZNAME:BST DTSTART:19700329T010000 RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=-1SU END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:+0100 TZOFFSETTO:+0000 TZNAME:GMT DTSTART:19701025T020000 RRULE:FREQ=YEARLY;BYMONTH=10;BYDAY=-1SU END:STANDARD END:VTIMEZONE BEGIN:VEVENT CATEGORIES:Computer Laboratory Security Seminar SUMMARY:Who's next? Identifying risk factors for subjects of targeted attacks - Martin Lee (Symantec) DTSTART;TZID=Europe/London:20121127T161500 DTEND;TZID=Europe/London:20121127T171500 UID:TALK40621AThttp://talks.cam.ac.uk URL:http://talks.cam.ac.uk/talk/index/40621 DESCRIPTION:Malware-containing emails can be sent to anyone. S ingle malware variants can be sent to tens of thou sands of recipients without distinction. However\, a small proportion of email malware is sent in lo w copy number to a small set of recipients that ha ve apparently been specifically selected by the at tacker. These targeted attacks are challenging to detect and if successful\, may be particularly dam aging for the recipient. The vast majority of Inte rnet users will never be sent a targeted attack. T he few users to which such attacks are sent\, pres umably possess features that have brought them to the attention of attackers\, and have caused them to be selected for attack. Applying epidemiologica l techniques to calculate the odds ratio for featu res of malware recipients\, both targeted and non- targeted\, allows the identification of putative f actors that are associated with targeted attack re cipients. In this paper we show that it is possibl e to identify putative risk factors that are assoc iated with individuals subjected to targeted attac ks\, by considering the threat akin to a public he alth issue. These risk factors may be used to iden tify those at risk of being subject to future targ eted attacks\, so that these individuals can take additional steps to secure their systems and data. LOCATION:Lecture Theatre 2\, Computer Laboratory\, William Gates Building CONTACT:Wei Ming Khoo END:VEVENT END:VCALENDAR