Gallo, Luigi (2022) A MACHINE AND HUMAN LEARNING APPROACH FOR PHISHING DEFENSE. [Tesi di dottorato]

[thumbnail of Gallo_Luigi_34.pdf]
Preview
Text
Gallo_Luigi_34.pdf

Download (3MB) | Preview
Item Type: Tesi di dottorato
Resource language: English
Title: A MACHINE AND HUMAN LEARNING APPROACH FOR PHISHING DEFENSE
Creators:
Creators
Email
Gallo, Luigi
luigi.gallo3@unina.it
Date: 9 October 2022
Number of Pages: 120
Institution: Università degli Studi di Napoli Federico II
Department: Ingegneria Elettrica e delle Tecnologie dell'Informazione
Dottorato: Information technology and electrical engineering
Ciclo di dottorato: 34
Coordinatore del Corso di dottorato:
nome
email
Riccio, Daniele
daniele.riccio@unina.it
Tutor:
nome
email
Botta, Alessio
UNSPECIFIED
Date: 9 October 2022
Number of Pages: 120
Keywords: Cybersecurity; Spam email; Phishing email; Machine learning; Security awareness; Human factor
Settori scientifico-disciplinari del MIUR: Area 09 - Ingegneria industriale e dell'informazione > ING-INF/05 - Sistemi di elaborazione delle informazioni
Date Deposited: 17 Oct 2022 21:11
Last Modified: 28 Feb 2024 11:32
URI: http://www.fedoa.unina.it/id/eprint/14360

Collection description

The email threat landscape is constantly evolving and hence difficult to counteract even by carrier-grade spam filters. Dangerous spam emails may thus reach the users and then result in damaging attacks spreading through the corporate network. This thesis describes a collaborative approach for early detection of malicious spam emails and its application in the context of large companies. By the joint effort of the employees and the security analysts during the last two years, a large dataset of potentially malicious spam emails has been collected with each email being labeled as critical or irrelevant spam. By analyzing the main distinguishing characteristics of dangerous emails, a set of both traditional and novel features was identified and then tested and optimized by applying common super-vised machine learning classifiers. The obtained massive experimental results show that Support Vector Machine and Random Forest classifiers achieve the best performance, with the optimized feature set of only 36 features achieving 91.6% Recall and 95.2% Precision. These results, confirmed by a large empirical experiment conducted on 40,000+ company employees, led to the re-engineering of the email threat management process to ensure a high level of security in the company, as well as an increased security awareness of all company employees. Building on the experience gained, we designed, implemented, and deployed a new system comprising a web application to test user awareness about phishing, featuring a survey to identify the most interesting characteristics of users, and fueled by a large and varied set of test emails engineered to solicit the several possible cognitive vulnerabilities we all have. Results obtained can guide the development of novel email clients as well as tailored training programmes. Data collected is available to the scientific community for conducting further studies on the important issue of e-mail phishing.

Downloads

Downloads per month over past year

Actions (login required)

View Item View Item