Research On The Defense Technology Of Social-Engineering-Attacks

Nowadays, along with the rapid development of the Internet, personal security of the network is suffering from various forms of threats. With the rising of APT (Advanced Persistent Threat), the traditional method of network security is facing challenges. According to statistics, Social-Engineering-Attacks have become the main method of APT attacks, so it’s very important to study on the defense technology of Social-Engineering-Attacks.This article deeply studies on the methods and technologies of Social-Engineering-Attacks and analyses the effective way to defend this kind of attacks. The electronic-mailbox is facing huge threat of Social-Engineering-Attacks, it will be normal that the attacker using Social-Engineering-Attacks skills with e-mail to attack a certain personal. Therefore, the detection and filtering of Social-Engineering-Attacks e-mail that block the chain of Social-Engineering-Attacks, is the most basic and the core means against social engineering attack.Studying on a large number of Social-Engineering-Attacks emails submitted by the authority of the department, author made depth analysis and classified the Social-Engineering-Attacks emails into fishing emails, XSS emails, trojan in attachments emails then analyzed the common characteristics of the Social-Engineering-Attacks emails, and put forward some general features and take the simulation experiment to verifies the validity of these features in e-mail detection.On this basis, the article carried out a detailed design and implementation of Social-Engineering-Attacks emails detection system and described each part of the system and the topology structure, functions, databases entity relation, interfaces and other aspects. After the tests, the data of results proves that this system can effectively detect the Social-Engineering-Attacks emails. With further updating and maintenance of the knowledge-base, the recall rate and precision rate can stay at a higher level. So it proved that this plan could make effective guarantee for the defending of Social-Engineering-Attacks.