Behavioural modelling of social engineering based malicious software presented at Virus Bulletin 2006

by Matthew Braverman (Microsoft),

Tags: Security


Summary : "Some of the most active threats in the wild today exploit weaknesses in the component
with the largest attack surface area in the end-to-end operation of a computer: the
user. Malicious software such as Sober, Netsky, Bagle, and Mywife can take control of
a computer not because of any software bug or vulnerability but because they somehow
lure the user to execute them, usually by running an attachment of an email. This paper
will provide examples of poignant social engineering 'exploits' over the past few years
and attempt to construct a model, using telemetry from Microsoft's Windows Malicious Software
Removal Tool, that can predict the prevalence of a specific social engineering threat based
on its characteristics and appeal to the user."