User-profiling is an interesting approach to countering phishing. In fact, the idea that user training might be implemented via tailored software somewhat resembles an approach to anti-malware that Jeff Debrosse and I discussed at Virus Bulletin a few years ago. Malice Through the Looking Glass: Behaviour Analysis for the Next Decade.
When we talk about behaviour analysis in this sector of the industry we’re usually referring to examination of the way that a program behaves in order to assess how likely it is to be malicious. The idea we put forward was that another (supplementary) approach would be to analyse the behaviour of the PC user and use that analysis to flag risky behaviour and attempt some sort of remediation. We didn’t consider implementation details – Virus Bulletin doesn’t like you to go over 6,000 words! – but one approach in a corporate product would be to alert not only the user, but the system administrator, who might recommend training for instance. In a training tool, risky behaviour might be addressed by switching the subject to a different, more intensive module, for instance. I’d think that would be compatible with the future research envisaged by the authors of the paper.
SOURCE: welivesecurity.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Experts Insight On US Pipeline Shut After Cyberattack
Most Active Commenters
Recent Comments
“Cybersecurity Awareness Month’s new evergreen theme "Secure Our World” is…
“Avoid storing data on personal devices: A crucial but often overlooked…
“I recommend a new nuance to passwords that isn’t often…
“In my role overseeing cloud environments and incident response, I'm…
“Cybersecurity Awareness Month serves as a reminder to confront the…