User-profiling is an interesting approach to countering phishing. In fact, the idea that user training might be implemented via tailored software somewhat resembles an approach to anti-malware that Jeff Debrosse and I discussed at Virus Bulletin a few years ago. Malice Through the Looking Glass: Behaviour Analysis for the Next Decade.
When we talk about behaviour analysis in this sector of the industry we’re usually referring to examination of the way that a program behaves in order to assess how likely it is to be malicious. The idea we put forward was that another (supplementary) approach would be to analyse the behaviour of the PC user and use that analysis to flag risky behaviour and attempt some sort of remediation. We didn’t consider implementation details – Virus Bulletin doesn’t like you to go over 6,000 words! – but one approach in a corporate product would be to alert not only the user, but the system administrator, who might recommend training for instance. In a training tool, risky behaviour might be addressed by switching the subject to a different, more intensive module, for instance. I’d think that would be compatible with the future research envisaged by the authors of the paper.
SOURCE: welivesecurity.com
Most Commented Posts
2020 Cybersecurity Landscape: 100+ Experts’ Predictions
Cyber Security Predictions 2021: Experts’ Responses
Experts’ Responses: Cyber Security Predictions 2023
Celebrating Data Privacy Day – 28th January 2023
Data Privacy Protection Day (Thursday 28th) – Experts Comments
Most Active Commenters
Recent Comments
There are a number of commonly used verification tools out…
Phishing remains a relentless and highly effective cybersecurity threat. Despite…
Each year, Cybersecurity Awareness Month serves as a valuable reminder…
Chat systems such as Slack and Teams need to be…
“This is a sophisticated phishing scam that will catch out…