Building and Evaluating an Annotated Corpus for Automated Recognition of Chat-Based Social Engineering Attacks

Building and Evaluating an Annotated Corpus for Automated Recognition of Chat-Based Social Engineering Attacks

Chat-based Social Engineering (CSE) is widely recognized as a key factor to successful cyber-attacks, especially in small and medium-sized enterprise (SME) environments. Despite the interest in preventing CSE attacks, few studies have considered the specific features of the language used by the atta...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Nikolaos Tsinganos, Ioannis Mavridis
Formato: article
Lenguaje:EN
Publicado: MDPI AG 2021
Materias:
cybersecurity
sensitive data
social engineering
corpus
annotation
chat-based attack
Technology
T
Engineering (General). Civil engineering (General)
TA1-2040
Biology (General)
QH301-705.5
Physics
QC1-999
Chemistry
QD1-999
Acceso en línea:https://doaj.org/article/c99db71197604b4d8070cefbc01d5bce
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
id oai:doaj.org-article:c99db71197604b4d8070cefbc01d5bce
record_format dspace
spelling oai:doaj.org-article:c99db71197604b4d8070cefbc01d5bce2021-11-25T16:39:36ZBuilding and Evaluating an Annotated Corpus for Automated Recognition of Chat-Based Social Engineering Attacks10.3390/app1122108712076-3417https://doaj.org/article/c99db71197604b4d8070cefbc01d5bce2021-11-01T00:00:00Zhttps://www.mdpi.com/2076-3417/11/22/10871https://doaj.org/toc/2076-3417Chat-based Social Engineering (CSE) is widely recognized as a key factor to successful cyber-attacks, especially in small and medium-sized enterprise (SME) environments. Despite the interest in preventing CSE attacks, few studies have considered the specific features of the language used by the attackers. This work contributes to the area of early-stage automated CSE attack recognition by proposing an approach for building and annotating a specific-purpose corpus and presenting its application in the CSE domain. The resulting CSE corpus is then evaluated by training a bi-directional long short-term memory (bi-LSTM) neural network for the purpose of named entity recognition (NER). The results of this study emphasize the importance of adding a plethora of metadata to a dataset to provide critical in-context features and produce a corpus that broadens our understanding of the tactics used by social engineers. The outcomes can be applied to dedicated cyber-defence mechanisms utilized to protect SME employees using Electronic Medium Communication (EMC) software.Nikolaos TsinganosIoannis MavridisMDPI AGarticlecybersecuritysensitive datasocial engineeringcorpusannotationchat-based attackTechnologyTEngineering (General). Civil engineering (General)TA1-2040Biology (General)QH301-705.5PhysicsQC1-999ChemistryQD1-999ENApplied Sciences, Vol 11, Iss 10871, p 10871 (2021)
institution DOAJ
collection DOAJ
language EN
topic cybersecurity
sensitive data
social engineering
corpus
annotation
chat-based attack
Technology
T
Engineering (General). Civil engineering (General)
TA1-2040
Biology (General)
QH301-705.5
Physics
QC1-999
Chemistry
QD1-999
spellingShingle cybersecurity
sensitive data
social engineering
corpus
annotation
chat-based attack
Technology
T
Engineering (General). Civil engineering (General)
TA1-2040
Biology (General)
QH301-705.5
Physics
QC1-999
Chemistry
QD1-999
Nikolaos Tsinganos
Ioannis Mavridis
Building and Evaluating an Annotated Corpus for Automated Recognition of Chat-Based Social Engineering Attacks
description Chat-based Social Engineering (CSE) is widely recognized as a key factor to successful cyber-attacks, especially in small and medium-sized enterprise (SME) environments. Despite the interest in preventing CSE attacks, few studies have considered the specific features of the language used by the attackers. This work contributes to the area of early-stage automated CSE attack recognition by proposing an approach for building and annotating a specific-purpose corpus and presenting its application in the CSE domain. The resulting CSE corpus is then evaluated by training a bi-directional long short-term memory (bi-LSTM) neural network for the purpose of named entity recognition (NER). The results of this study emphasize the importance of adding a plethora of metadata to a dataset to provide critical in-context features and produce a corpus that broadens our understanding of the tactics used by social engineers. The outcomes can be applied to dedicated cyber-defence mechanisms utilized to protect SME employees using Electronic Medium Communication (EMC) software.
format article
author Nikolaos Tsinganos
Ioannis Mavridis
author_facet Nikolaos Tsinganos
Ioannis Mavridis
author_sort Nikolaos Tsinganos
title Building and Evaluating an Annotated Corpus for Automated Recognition of Chat-Based Social Engineering Attacks
title_short Building and Evaluating an Annotated Corpus for Automated Recognition of Chat-Based Social Engineering Attacks
title_full Building and Evaluating an Annotated Corpus for Automated Recognition of Chat-Based Social Engineering Attacks
title_fullStr Building and Evaluating an Annotated Corpus for Automated Recognition of Chat-Based Social Engineering Attacks
title_full_unstemmed Building and Evaluating an Annotated Corpus for Automated Recognition of Chat-Based Social Engineering Attacks
title_sort building and evaluating an annotated corpus for automated recognition of chat-based social engineering attacks
publisher MDPI AG
publishDate 2021
url https://doaj.org/article/c99db71197604b4d8070cefbc01d5bce
work_keys_str_mv AT nikolaostsinganos buildingandevaluatinganannotatedcorpusforautomatedrecognitionofchatbasedsocialengineeringattacks
AT ioannismavridis buildingandevaluatinganannotatedcorpusforautomatedrecognitionofchatbasedsocialengineeringattacks
_version_ 1718413102105493504

Ejemplares similares