סמינר מחלקתי

Nancy Sarah Yacovzada and Michal Yaacov - Department of Industrial Engineering

Abstract:

Often the weakest link in security is not technology, but rather the people who use it. Moreover, it is well-known that most security breaches come from within the organization. While in some cases, such breaches are caused by malicious employees, often they are caused by vulnerable (naive) ones, for example by browsing malicious web sites. Our work aims at providing an automated scheme for the detection of such risky browsing behavior performed by vulnerable users. We do that by modelling and analyzing the interaction between two modules: one represents vulnerable users and the other represents risky web pages. In particular, we suggest an implementation of a closed-feedback loop between these modules, such that if a web page is exposed to a lot of traffic from risky users its "risk score" is increased, and in a similar way, if a user is exposed to risky websites (with high "risk score"), his own "risk score" is increased. We demonstrate the capabilities of our scheme using a large-scale real-world dataset of HTTP logs provided to us by an American toolbar

company. Preliminary results are encouraging: the closed-feedback learning process of web

pages and users can improve the detection process and lead to the detection of unknown

malicious web pages.

This work was performed under the supervision of Prof. Irad Ben-Gal.

ההרצאה תתקיים ביום שלישי 12.05.15, בשעה 14:00 בחדר 206, בנין וולפסון הנדסה, הפקולטה להנדסה, אוניברסיטת תל-אביב.