Hi [[ session.user.profile.firstName ]]

Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing

Historically, machine learning for information security has prioritized defense: think intrusion detection systems, malware classification and botnet traffic identification. Offense can benefit from data just as well. Social networks, especially Twitter with its access to extensive personal data, bot-friendly API, colloquial syntax and prevalence of shortened links, are the perfect venues for spreading machine-generated malicious content.

We present a recurrent neural network that learns to tweet phishing posts targeting specific users. The model is trained using spear phishing pen-testing data, and in order to make a click-through more likely, it is dynamically seeded with topics extracted from timeline posts of both the target and the users they retweet or follow. We augment the model with clustering to identify high value targets based on their level of social engagement such as their number of followers and retweets, and measure success using click-rates of IP-tracked links. Taken together, these techniques enable the world's first automated end-to-end spear phishing campaign generator for Twitter.

Presenters:
- Dr. Phil Tully, Senior Data Scientist, ZeroFOX
- John Seymour, Data Scientist, ZeroFOX
Recorded Dec 7 2016 49 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Dr. Phil Tully, Sr Data Scientist & John Seymour, Data Scientist at ZeroFOX
Presentation preview: Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
The latest trends and best practice advice from the leading experts
This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Weaponizing Data Science for Social Engineering: Automated E2E Spear Phishing
  • Live at: Dec 7 2016 5:00 pm
  • Presented by: Dr. Phil Tully, Sr Data Scientist & John Seymour, Data Scientist at ZeroFOX
  • From:
Your email has been sent.
or close