Study on the effectiveness of the security countermeasures against spear phishing

Misun Song, Junseok Seo, Kyung Ho Lee

Research output: Chapter in Book/Report/Conference proceedingConference contribution

1 Citation (Scopus)

Abstract

The presentation entitled ICS Spear Phishing, held at the 2013 edition of Digital Bond’s Supervisory Control and Data Acquisition (SCADA) Security Scientific Symposium (S4) demonstrated that an attacker could employ a spear phishing attack to obtain rights to the accounts of the Industrial Control System (ICS) administrators or technicians. Motivated by this announcement, this paper analyzes the definition, principle, and problem of spear phishing, which is a social engineering attack. Furthermore, the need for countermeasures to the attack was presented. Attacks with spear phishing are gradually increased, but the existing system used in many organizations (e.g. e-mail filtering system) cannot follow the trend utilized by most attackers. Also, organizations have yet to establish adequate countermeasures, much less any standards for the countermeasures, to the problem of spear phishing. There is an urgent need to accomplish these objectives because the attack is gradually evolving. In summary, this paper advocates the awareness of the spear phishing threat and the implementation of countermeasures such as security education or simulation. In addition, it suggests on how to carry out the simulation effectively and how to quantify the gathered data.

Original languageEnglish
Title of host publicationInformation Security Applications - 15th International Workshop, WISA 2014, Revised Selected Papers
PublisherSpringer Verlag
Pages394-404
Number of pages11
Volume8909
ISBN (Electronic)9783319150864
DOIs
Publication statusPublished - 2015
Event15th International Workshop on Information Security Applications, WISA 2014 - , Korea, Republic of
Duration: 2014 Aug 252014 Aug 27

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume8909
ISSN (Print)03029743
ISSN (Electronic)16113349

Other

Other15th International Workshop on Information Security Applications, WISA 2014
CountryKorea, Republic of
Period14/8/2514/8/27

    Fingerprint

Keywords

  • Phishing
  • Policy
  • Simulation
  • Social engineering

ASJC Scopus subject areas

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Song, M., Seo, J., & Lee, K. H. (2015). Study on the effectiveness of the security countermeasures against spear phishing. In Information Security Applications - 15th International Workshop, WISA 2014, Revised Selected Papers (Vol. 8909, pp. 394-404). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 8909). Springer Verlag. https://doi.org/10.1007/978-3-319-15087-1_31