Research On Social Engineering Simulation Evaluation Model And Attack Detection Method

Social engineering has a long history,and the rapid development of the mobile Internet has given it a new style.With the popularity of social networks,it once became one of the most common attacks in the current cyberspace.Social engineering regards people as the weakest in the system,and launches attacks the target-oriented psychological cognitive domain and social relationship domain,so it has the characteristics of changeable,complex and unpredictable forms.Telecom fraud is as one of the typical forms of social engineering,and it is still difficult to eradicate under vigorous crackdown of the state,and the crime of telecom fraud is still rampant.Therefore,to deal with the complex and changeable forms of social engineering attacks,this thesis establishes a simulation evaluation model of the social engineering attacks to achieve a quantitative evaluation model for the social engineering attack simulations.As a social engineering attack that has a wide range of influence and great harm,the attackers use the information difference between the target person and them on the phone to create a tense atmosphere,so that the target person cannot detect the attacker’s logic loopholes and achieve their goal of fraud.In view of this scenario,this thesis proposes a fraud semantic model,constructs a standard fraud script corpus and completes the corresponding attack detection.The main research work and innovation points are as follows:(1)Aiming at the problem of imperfect social engineering simulation evaluation,this thesis proposes a social engineering kill chain simulation evaluation model,which realizes the quantitative evaluation of the effectiveness of social engineering kill chain simulation.In the process of social engineering attack kill chain simulation,this thesis combines the execution steps of the social engineering attack to construct the social engineering kill chain and abstract the simulation evaluation model which ensure the comprehensiveness of the simulation,the authenticity of the data and the reliability of the simulation execution process.By evaluating each unit of the evaluation model,the simulation evaluation of the social engineering kill chain is effectively realized.(2)Aiming at the problem of the lack of a standardized fraud scripts corpus,this thesis proposes a fraud scripts corpus construction method for the telephone scenario,and realizes the construction of the corpus in this scenario.This thesis completes the collection of corpus data through multiple channels.This thesis de-anonymizes the collected real few-shot,and constructs a semantic pattern model by extracting key information in the samples.And take this as a entry point to build a thesaurus and atomic sentence library for sample expansion,forming a canonical telephone scam script corpus through lexical replacement technology and instance crossover augmentation.(3)Aiming at the lack of interpretability of the current text multi-classification task based on neural network model,this thesis proposes a telecom fraud script multi-classification detection algorithm based on subject word extraction,which provides an interpretable basis for fraud detection in telephone scenarios.This thesis completes the classification of fraud scenarios by constructing a feature selection dictionary for telephone fraud scenarios.In addition,by comparing with the existing text multi-classification model based on neural network model,the detection algorithm proposed in this thesis can accurately screen out the text containing semantics and point put the logical loopholes in the text,which has the interpretability that the neural network models lack.