Publicação
Recognition and evaluation of cybersecurity threats in reported emails
| Resumo: | Phishing is a specific type of cyberattack where attackers take advantage of, for example, malicious emails with the intent of tricking entities into disclosing private and sensitive information such as credentials for different types of accounts, financial data, and also personal information. This type of fraudulent activity has become very common and very well structured, where also attentive and informed companies and individuals pose as victims to the most sophisticated threats. To note that falling victim to such attacks pose as an unquestionably risk, from one’s career to financial losses and reputational damage. To lessen the probability of these risk’s occurrence, several companies are actively seeking for prevention solutions. One known, and very used, approach is the adoption of recognition tools that can automatically detect suspicious emails and mark them for further investigation. Yet, it is important to acknowledge that these tools may not consistently generate precise results. There exists the potential for inaccurately categorizing genuine emails as suspicious, also known as "false positives", or malicious emails as non-malicious, known as "false negatives". In order to address this issue, organizations may employ a blend of human knowledge and expertise partnered with intelligent software. For instance, by deploying automated and intelligent security ‘filters‘, such as firewalls, and Intrusion Detection Systems, a company can confidently trust that most illegitimate emails will be filtered out. In the event that a potential phishing email passes these security measures and reaches the company’s employees, the most detailed analysis can be done by trained personnel. This project focuses on evaluating these emails that may be potentially classified as phishing. The goal is to provide useful information to both email recipients who initially report such emails and the company’s security team. The information collected and analyzed can be crucial in helping the company make informed decisions on how to handle these situations. The proposed strategy will be based on the implementation of various methods that offer distinct approaches to tackling the phishing problem. Methods include URL analysis, assessing the similarity between sender and recipient domains, and using user relationships within the platform to obtain general information about malicious URLs. |
|---|---|
| Autores principais: | Murteira, Tiago Filipe Ferreira |
| Assunto: | Cibersegurança Phishing Deteção de Ameaças Ciberataques Segurança da Informação Teses de mestrado - 2024 |
| Ano: | 2024 |
| País: | Portugal |
| Tipo de documento: | dissertação de mestrado |
| Tipo de acesso: | acesso restrito |
| Instituição associada: | Universidade de Lisboa |
| Idioma: | inglês |
| Origem: | Repositório da Universidade de Lisboa |
| Resumo: | Phishing is a specific type of cyberattack where attackers take advantage of, for example, malicious emails with the intent of tricking entities into disclosing private and sensitive information such as credentials for different types of accounts, financial data, and also personal information. This type of fraudulent activity has become very common and very well structured, where also attentive and informed companies and individuals pose as victims to the most sophisticated threats. To note that falling victim to such attacks pose as an unquestionably risk, from one’s career to financial losses and reputational damage. To lessen the probability of these risk’s occurrence, several companies are actively seeking for prevention solutions. One known, and very used, approach is the adoption of recognition tools that can automatically detect suspicious emails and mark them for further investigation. Yet, it is important to acknowledge that these tools may not consistently generate precise results. There exists the potential for inaccurately categorizing genuine emails as suspicious, also known as "false positives", or malicious emails as non-malicious, known as "false negatives". In order to address this issue, organizations may employ a blend of human knowledge and expertise partnered with intelligent software. For instance, by deploying automated and intelligent security ‘filters‘, such as firewalls, and Intrusion Detection Systems, a company can confidently trust that most illegitimate emails will be filtered out. In the event that a potential phishing email passes these security measures and reaches the company’s employees, the most detailed analysis can be done by trained personnel. This project focuses on evaluating these emails that may be potentially classified as phishing. The goal is to provide useful information to both email recipients who initially report such emails and the company’s security team. The information collected and analyzed can be crucial in helping the company make informed decisions on how to handle these situations. The proposed strategy will be based on the implementation of various methods that offer distinct approaches to tackling the phishing problem. Methods include URL analysis, assessing the similarity between sender and recipient domains, and using user relationships within the platform to obtain general information about malicious URLs. |
|---|