Over 2000 books to read online or download to your PC, Kindle, Android, iPad, iPhone and any electronic book reader
Find an eBook by title or author...


----------------------
High Precision Detection of Business Email Compromise
Asaf Cidon - Lior Gavish - Itay Bleier - Nadia Korshun - Marco Schweighauser and Alexey Tsitkin
eBook Edition: 2019

Business email compromise (BEC) and employee impersonation have become one of the most costly cyber-security threats, causing over $12 billion in reported losses. Impersonation emails take several forms: for example, some ask fora wire transfer to the attacker’s account, while others lead the recipient to following a link, which compromises their credentials. Email security systems are not effective in detecting these attacks, because the attacks do not contain a clearly malicious payload and are personalized to the recipient.

We present BEC-Guard, a detector used at Barracuda Networks that prevents business email compromise attacks in real time using supervised learning. BEC-Guard has been in production since July 2017 and is part of the Barracuda Sentinel email security product. BEC-Guard detects attacks by relying on statistics about the historical email patterns that can be accessed via cloud email provider APIs.

The two main challenges when designing BEC-Guard are the need to label millions of emails to train its classifiers, and to properly train the classifiers when the occurrence of employee impersonation emails is very rare, which can bias the classification. Our key insight is to split the classification problem into two parts, one analyzing the header of the email, and the second applying natural language processing to detect phrases associated with BEC or suspicious links in the email body.

BEC-Guard utilizes the public APIs of cloud email providers both to automatically learn the historical communication patterns of each organization, and to quarantine emails in real-time. We evaluated BEC-Guard on a commercial dataset containing more than 4,000 attacks, and show it achieves a precision of98.2% and a false positive rate of less than one in five million emails (From Author)

eBook Contents

Introduction – Background - Intuition: Exploiting the Unique Attributes of Each Attack - Classifier and Feature Design - System Design – Evasion – Evaluation - Related Work - Conclusions

eBook License:
Copyrighted from Barracuda Networks, The Columbia University and Usenix Association

Free PDF eBook – 563 Kb - 18 Pages
Welcome to eBooks for All! On this site you can read online for free and legally digital books (eBooks) or download them directly to your PC, eBook reader, Tablet or smartphone.
Last 10 added electronic books
Analysis of The Characteristics and Content Of Twitch Live-Streaming 
How artificial intelligence works 
Learning, Freedom and the Web - Mozilla 
The Theory and Practice of Online Learning 
Using Content Marketing to Generate Demand, Create New Audiences 
Online Communities 
The Ethics of Artificial Intelligence 
The Stages of Inbound Marketing 
Inbound Marketing for Small Businesses 
Tracking Trends in Business Email Compromise (BEC) Schemes