Accession Number:

AD1018750

Title:

To Click or Not to Click: Technology and Human Factors to Mitigate Phishing Attacks on Air Force Networks

Descriptive Note:

Technical Report

Corporate Author:

AIR WAR COLL MAXWELL AFB AL MAXWELL AFB United States

Personal Author(s):

Report Date:

2011-02-17

Pagination or Media Count:

21.0

Abstract:

Today's Air Force networks are under frequent attack. One of the most pernicious threats is a sophisticated phishing attack that can lead to complete network penetration. Once an adversary has gained network entry, they are in a position to exfiltrate sensitive data or pursue even more active forms of sabotage. Given this threat, it is imperative that the Air Force maintain effective defenses in the face of rapidly adapting and evolving enemies. However, there is room for improvement in AF defenses. As we will show, there are promising technical advances proposed in current research that can help mitigate the threat. Additionally, while some advocate moving to purely technical defenses and thereby attempting to remove any reliance on end-user reactions, we are convinced user education will continue to play an important role to increase effectiveness in AF defenses. This research effort was undertaken in response to a request from Air Staff A35 to determine potential solutions to common phishing e-mail attacks for immediate use in AF Network defense tactics development and employment. A phishing attack uses technical subterfuges to exploit human users in the network. As phishing has both technical and human aspects, the most effective counter will contain both technical and human elements. Specifically, we recommend isolating the user's interaction with the Internet, most usually a web browser, inside of a temporary virtual machine and implementing a user education campaign that includes an exercise component to reinforce desired user behaviors. Additionally, we discover there may be opportunity to enhance protection at the network boundary with advanced scanning methods.

Subject Categories:

  • Computer Systems Management and Standards
  • Computer Systems

Distribution Statement:

APPROVED FOR PUBLIC RELEASE