TY  - JOUR
AU  - Shi, Zheyuan Ryan
AU  - Schlenker, Aaron
AU  - Hay, Brian
AU  - Bittleston, Daniel
AU  - Gao, Siyu
AU  - Peterson, Emily
AU  - Trezza, John
AU  - Fang, Fei
PY  - 2020/04/03
Y2  - 2024/03/29
TI  - Draining the Water Hole: Mitigating Social Engineering Attacks with CyberTWEAK
JF  - Proceedings of the AAAI Conference on Artificial Intelligence
JA  - AAAI
VL  - 34
IS  - 08
SE  - IAAI Technical Track: Emerging Papers
DO  - 10.1609/aaai.v34i08.7050
UR  - https://ojs.aaai.org/index.php/AAAI/article/view/7050
SP  - 13363-13368
AB  - Cyber adversaries have increasingly leveraged social engineering attacks to breach large organizations and threaten the well-being of today's online users. One clever technique, the “watering hole” attack, compromises a legitimate website to execute drive-by download attacks by redirecting users to another malicious domain. We introduce a game-theoretic model that captures the salient aspects for an organization protecting itself from a watering hole attack by altering the environment information in web traffic so as to deceive the attackers. Our main contributions are (1) a novel Social Engineering Deception (SED) game model that features a continuous action set for the attacker, (2) an in-depth analysis of the SED model to identify computationally feasible real-world cases, and (3) the CyberTWEAK algorithm which solves for the optimal protection policy. To illustrate the potential use of our framework, we built a browser extension based on our algorithms which is now publicly available online. The CyberTWEAK extension will be vital to the continued development and deployment of countermeasures for social engineering.
ER  -