Abstract
Chat-based Social Engineering (CSE) is widely recognized as a key factor to successful cyber-attacks, especially in small and medium-sized enterprise (SME) environments. Despite the interest in preventing CSE attacks, few studies have considered the specific features of the language used by the attackers. This work contributes to the area of early-stage automated CSE attack recognition by proposing an approach for building and annotating a specific-purpose corpus and presenting its application in the CSE domain. The resulting CSE corpus is then evaluated by training a bi-directional long short-term memory (bi-LSTM) neural network for the purpose of named entity recognition (NER). The results of this study emphasize the importance of adding a plethora of metadata to a dataset to provide critical in-context features and produce a corpus that broadens our understanding of the tactics used by social engineers. The outcomes can be applied to dedicated cyber-defence mechanisms utilized to protect SME employees using Electronic Medium Communication (EMC) software.
Subject
Fluid Flow and Transfer Processes,Computer Science Applications,Process Chemistry and Technology,General Engineering,Instrumentation,General Materials Science
Reference52 articles.
1. What Is “Social Engineering”?https://www.enisa.europa.eu/topics/csirts-in-europe/glossary/what-is-social-engineering
2. Social Engineering Threats and Awareness: A Survey;Kumar;Eur. J. Adv. Eng. Technol.,2015
3. A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks
4. Social Engineering Attacks: A Survey
5. 2020 Data Breach Investigations Reporthttps://enterprise.verizon.com/resources/reports/dbir/
Cited by
8 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献