多机构协同反网络钓鱼培训系统设计

Proceedings of the 21st International Conference on Information Integration and Web-based Applications & Services Pub Date : 2019-12-02 DOI:10.1145/3366030.3366086

Masayuki Higashino

{"title":"多机构协同反网络钓鱼培训系统设计","authors":"Masayuki Higashino","doi":"10.1145/3366030.3366086","DOIUrl":null,"url":null,"abstract":"Phishing is a dangerous threat to organizations. A sender of a phishing email pretends to be a trusted person to steal valuable information, including personal identity data and credentials. If a targeted organization is sent a large number of attack emails, many members will be stolen valuable information. As a result, there are cases where the damage spreads by attack techniques in which targeted attack emails are sent in chaining from the account to other organizations. It is difficult to defend from such an attack by a single organization alone. In this paper, we design a system that can share information about phishing attack emails quickly and perform an anti-phishing training between multiple organizations. This system semi-automatically detoxifies and anonymizes attack emails received by an organization and shares it with multiple organizations. Each organization becomes possible to perform semiautomatic and continuous anti-phishing training using current attacking information.","PeriodicalId":446280,"journal":{"name":"Proceedings of the 21st International Conference on Information Integration and Web-based Applications & Services","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"A Design of an Anti-Phishing Training System Collaborated with Multiple Organizations\",\"authors\":\"Masayuki Higashino\",\"doi\":\"10.1145/3366030.3366086\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Phishing is a dangerous threat to organizations. A sender of a phishing email pretends to be a trusted person to steal valuable information, including personal identity data and credentials. If a targeted organization is sent a large number of attack emails, many members will be stolen valuable information. As a result, there are cases where the damage spreads by attack techniques in which targeted attack emails are sent in chaining from the account to other organizations. It is difficult to defend from such an attack by a single organization alone. In this paper, we design a system that can share information about phishing attack emails quickly and perform an anti-phishing training between multiple organizations. This system semi-automatically detoxifies and anonymizes attack emails received by an organization and shares it with multiple organizations. Each organization becomes possible to perform semiautomatic and continuous anti-phishing training using current attacking information.\",\"PeriodicalId\":446280,\"journal\":{\"name\":\"Proceedings of the 21st International Conference on Information Integration and Web-based Applications & Services\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-12-02\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings of the 21st International Conference on Information Integration and Web-based Applications & Services\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1145/3366030.3366086\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 21st International Conference on Information Integration and Web-based Applications & Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3366030.3366086","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

网络钓鱼对组织来说是一种危险的威胁。发送网络钓鱼邮件的人假装是受信任的人，窃取有价值的信息，包括个人身份数据和凭据。如果一个目标组织收到大量的攻击邮件，许多成员的宝贵信息将被窃取。因此，在某些情况下，损害会通过攻击技术传播，其中有针对性的攻击电子邮件会从该帐户连锁地发送到其他组织。单靠一个组织是很难抵御这种攻击的。在本文中，我们设计了一个可以快速共享网络钓鱼攻击邮件信息并在多个组织之间进行反网络钓鱼培训的系统。该系统半自动地对一个组织收到的攻击电子邮件进行解毒和匿名处理，并与多个组织共享。每个组织都可以使用当前的攻击信息执行半自动和连续的反网络钓鱼培训。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Design of an Anti-Phishing Training System Collaborated with Multiple Organizations

Phishing is a dangerous threat to organizations. A sender of a phishing email pretends to be a trusted person to steal valuable information, including personal identity data and credentials. If a targeted organization is sent a large number of attack emails, many members will be stolen valuable information. As a result, there are cases where the damage spreads by attack techniques in which targeted attack emails are sent in chaining from the account to other organizations. It is difficult to defend from such an attack by a single organization alone. In this paper, we design a system that can share information about phishing attack emails quickly and perform an anti-phishing training between multiple organizations. This system semi-automatically detoxifies and anonymizes attack emails received by an organization and shares it with multiple organizations. Each organization becomes possible to perform semiautomatic and continuous anti-phishing training using current attacking information.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings of the 21st International Conference on Information Integration and Web-based Applications & Services

自引率

0.00%

发文量