Social engineering attacks are frequent, well-known and easy-toapply attacks in the cyber domain. Historical evidence of such attacks has shown that the vast majority of malicious attempts against both physical and virtual IT systems were based or been initiated using social engineering methods. By identifying the importance of tackling efficiently cybersecurity threats and using the recent developments in machine learning, case based reasoning and cybersecurity we propose and demonstrate a two-stage approach that detects social engineering attacks and is based on natural language processing, case-based reasoning and deep learning. Our approach can be applied in offline texts or real time environments and can identify whether a human, chatbot or offline conversation is a potential social engineering attack or not. Initially, the conversation text is parsed and checked for grammatical errors using natural language processing techniques and case-based reasoning and then deep learning is used to identify and isolate possible attacks. Our proposed method is being evaluated using both real and semi-synthetic conversation points with high accuracy results. Comparison benchmarks are also presented for comparisons in both datasets.
|Publication status||Published - 2019|
|Event||Workshops Proceedings for the Twenty-seventh International Conference on Case-Based Reasoning: Case-based reasoning and deep learning workshop - |
Duration: 9 Sep 2019 → 9 Sep 2019
|Workshop||Workshops Proceedings for the Twenty-seventh International Conference on Case-Based Reasoning|
|Period||9/09/19 → 9/09/19|
Lansley, M., Polatidis, N., Kapetanakis, S., Amin, K., Samakovitis, G., & Petridis, M. (2019). Seen the villains: Detecting Social Engineering Attacks using Case-based Reasoning and Deep Learning. Paper presented at Workshops Proceedings for the Twenty-seventh International Conference on Case-Based Reasoning, .