2 Years in the anti-phishing group of a large company. Issue 105 (June 2021)
- Record Type:
- Journal Article
- Title:
- 2 Years in the anti-phishing group of a large company. Issue 105 (June 2021)
- Main Title:
- 2 Years in the anti-phishing group of a large company
- Authors:
- Gallo, Luigi
Maiello, Alessandro
Botta, Alessio
Ventre, Giorgio
- Abstract:
- The email threat landscape is constantly evolving and hence difficult to counteract even by carrier-grade spam filters. Dangerous spam emails may thus reach the users and then result in damaging attacks spreading through the corporate network. This paper describes a collaborative approach for early detection of malicious spam emails and its application in the context of large companies. By the joint effort of the employees and the security analysts during the last two years, a large dataset of potentially malicious spam emails has been collected with each email being labeled as critical or irrelevant spam. By analyzing the main distinguishing characteristics of dangerous emails, a set of both traditional and novel features was identified and then tested and optimized by applying common supervised machine learning classifiers. The obtained massive experimental results show that Support Vector Machine and Random Forest classifiers achieve the best performance, with the optimized feature set of only 36 features achieving 91.6% Recall and 95.2% Precision. These results, confirmed by a large empirical experiment conducted on 40,000+ company employees, led to the re-engineering of the email threat management process to ensure a high level of security in the company, as well as an increased security awareness of all company employees.
- Is Part Of:
- Computers & security. Issue 105(2021)
- Journal:
- Computers & security
- Issue:
- Issue 105(2021)
- Issue Display:
- Volume 105, Issue 105 (2021)
- Year:
- 2021
- Volume:
- 105
- Issue:
- 105
- Issue Sort Value:
- 2021-0105-0105-0000
- Page Start:
- Page End:
- Publication Date:
- 2021-06
- Subjects:
- Cybersecurity -- Spam email -- Phishing email -- Machine learning -- Security awareness
Computer security -- Periodicals
Electronic data processing departments -- Security measures -- Periodicals
005.805
- Journal URLs:
- http://www.sciencedirect.com/science/journal/01674048
http://www.elsevier.com/journals
- DOI:
- 10.1016/j.cose.2021.102259
- Languages:
- English
- ISSNs:
- 0167-4048
- Deposit Type:
- Legaldeposit
- View Content:
- Available online (eLD content is only available in our Reading Rooms)
- Physical Locations:
- British Library DSC - 3394.781000
British Library DSC - BLDSS-3PM
British Library HMNTS - ELD Digital store
- Ingest File:
- 22892.xml