Detecting Asks in Social Engineering Attacks: Impact of Linguistic and Structural Knowledge

Authors

  • Bonnie Dorr Institute for Human and Machine Cognition
  • Archna Bhatia Institute for Human and Machine Cognition
  • Adam Dalton Institute for Human and Machine Cognition
  • Brodie Mather Institute for Human and Machine Cognition
  • Bryanna Hebenstreit SUNY at Albany
  • Sashank Santhanam UNC-Charlotte
  • Zhuo Cheng UNC-Charlotte
  • Samira Shaikh UNC-Charlotte
  • Alan Zemel SUNY at Albany
  • Tomek Strzalkowski Rensselaer Polytechnic Institute

DOI:

https://doi.org/10.1609/aaai.v34i05.6269

Abstract

Social engineers attempt to manipulate users into undertaking actions such as downloading malware by clicking links or providing access to money or sensitive information. Natural language processing, computational sociolinguistics, and media-specific structural clues provide a means for detecting both the ask (e.g., buy gift card) and the risk/reward implied by the ask, which we call framing (e.g., lose your job, get a raise). We apply linguistic resources such as Lexical Conceptual Structure to tackle ask detection and also leverage structural clues such as links and their proximity to identified asks to improve confidence in our results. Our experiments indicate that the performance of ask detection, framing detection, and identification of the top ask is improved by linguistically motivated classes coupled with structural clues such as links. Our approach is implemented in a system that informs users about social engineering risk situations.

Downloads

Published

2020-04-03

How to Cite

Dorr, B., Bhatia, A., Dalton, A., Mather, B., Hebenstreit, B., Santhanam, S., Cheng, Z., Shaikh, S., Zemel, A., & Strzalkowski, T. (2020). Detecting Asks in Social Engineering Attacks: Impact of Linguistic and Structural Knowledge. Proceedings of the AAAI Conference on Artificial Intelligence, 34(05), 7675-7682. https://doi.org/10.1609/aaai.v34i05.6269

Issue

Section

AAAI Technical Track: Natural Language Processing