Ebooks for All

More than 3000 Free eBooks online

Search hundreds of books on our site

 Electronic books  Computers  Mail 

You can read/download the book clicking below:

URL :  High Precision Detection of Business Email Compromise
Author : Asaf Cidon - Lior Gavish - Itay Bleier - Nadia Korshun - Marco Schweighauser and Alexey Tsitkin
Detail : eBook Edition: 2019

Business email compromise (BEC) and employee impersonation have become one of the most costly cyber-security threats, causing over $12 billion in reported losses. Impersonation emails take several forms: for example, some ask fora wire transfer to the attacker’s account, while others lead the recipient to following a link, which compromises their credentials. Email security systems are not effective in detecting these attacks, because the attacks do not contain a clearly malicious payload and are personalized to the recipient.

We present BEC-Guard, a detector used at Barracuda Networks that prevents business email compromise attacks in real time using supervised learning. BEC-Guard has been in production since July 2017 and is part of the Barracuda Sentinel email security product. BEC-Guard detects attacks by relying on statistics about the historical email patterns that can be accessed via cloud email provider APIs.

The two main challenges when designing BEC-Guard are the need to label millions of emails to train its classifiers, and to properly train the classifiers when the occurrence of employee impersonation emails is very rare, which can bias the classification. Our key insight is to split the classification problem into two parts, one analyzing the header of the email, and the second applying natural language processing to detect phrases associated with BEC or suspicious links in the email body.

BEC-Guard utilizes the public APIs of cloud email providers both to automatically learn the historical communication patterns of each organization, and to quarantine emails in real-time. We evaluated BEC-Guard on a commercial dataset containing more than 4,000 attacks, and show it achieves a precision of98.2% and a false positive rate of less than one in five million emails (From Author)

eBook Contents

Introduction – Background - Intuition: Exploiting the Unique Attributes of Each Attack - Classifier and Feature Design - System Design – Evasion – Evaluation - Related Work - Conclusions

eBook License:
Copyrighted from Barracuda Networks, The Columbia University and Usenix Association

Free PDF eBook – 563 Kb - 18 Pages
Category : 
Rating : 
0.00 (0 Votes)

© 2008-2020 Ebooks for all - Responsive Website v.2.4.7

Home | Contact | About us | Privacy Policy | Cookies Management | Legal Notice