Analysis of the core research for vendor email compromise filtering model using machine learning

Ескіз

Файли

284121-664114-1-10-20230919.pdf (341.8 KB)

Дата

2023

Автори

Науковий керівник

Назва журналу

Номер ISSN

Назва тому

Видавець

Igor Sikorsky Kyiv Polytechnic Institute

Анотація

Vendor email compromise became one of most sophisticated types of social engineering attacks. Strengths of this malicious activity rely on basis of impersonating vendor that company working with. Thus, it is easy for attacker to exploit this trust for doing different type of data exfiltration or ransom. To mitigate risks, that come with these challenges, information security specialist should consider using different types of approaches, including machine learning, to identify anomalies in email, so further damages can be prevented. The purpose of this work lies in the identification of optimal approach for VEC-style attacks detection and optimizing these approaches with least amount of falsepositive (FP) parameters. The object of this research is different methods of text processing algorithms, including machine learning methods for detecting VEC emails. The subject of research in this paper mainly considers impact of mentioned text processing algorithms and its relation with efficiency of VEC email classification, identifying most effective approach and, also, how to improve results of such detections. Results of this paper consists of details for VEC-email attacks detection, challenges that comes with different approaches and proposed solution, that lies in using text processing techniques and agentrelated approach with main sphere of implication – machine-learning systems, that are used for identifying social-engineering attacks through email.

Опис

Ключові слова

VEC, email, machine learning, malicious activity

Бібліографічний опис

Zibarov, D. Аnalysis of the core research for vendor email compromise filtering model using machine learning / Dmytro Zibarov, Oleh Kozlenko // Theoretical and Applied Cybersecurity : scientific journal. – 2023. – Vol. 5, Iss. 1. – Pp. 87–90. – Bibliogr. 6 ref.

URI

https://ela.kpi.ua/handle/123456789/62376

DOI

https://doi.org/10.20535/tacs.2664-29132023.1.284121

Зібрання

Theoretical and Applied Cybersecurity: scientific journal, Vol. 5, No. 1