Publikation
Seen the villains: Detecting Social Engineering Attacks using Case-based Reasoning and Deep Learning
Merton Lansley; Nikolaos Polatidis; Stelios Kapetanakis; Kareem Amin; George Samakovitis; Miltos Petridis
In: Workshops Proceedings for the Twenty-seventh International Conference on Case-Based Reasoning: Case-based reasoning and deep learning workshop. Case-Based Reasoning and Deep Learning Workshop (CBDRL-2019), located at Twenty-seventh International Conference on Case-Based Reasoning, September 9, Otzenhausen, Germany, ICCBR, 2019.
Zusammenfassung
Social engineering attacks are frequent, well-known and easy-toapply attacks in the cyber domain. Historical evidence of such attacks has shown that the vast majority of malicious attempts against both physical and virtual IT systems were based or been initiated using social engineering methods. By identifying the importance of tackling efficiently cybersecurity threats and using the recent developments in machine learning, case based reasoning and cybersecurity we propose and demonstrate a two-stage approach that detects social engineering attacks and is based on natural language processing, case-based reasoning and deep learning. Our approach can be applied in offline texts or real time environments and can identify whether a human, chatbot or offline conversation is a potential social engineering attack or not. Initially, the conversation text is parsed and checked for grammatical errors using natural language processing techniques and case-based reasoning and then deep learning is used to identify and isolate possible attacks. Our proposed method is being evaluated using both real and semi-synthetic conversation points with high accuracy results. Comparison benchmarks are also presented for comparisons in both datasets.