A carregar...
Publicação
ROBOPHISH: um sistema de robôs de software (RPA) para agilizar e automatizar o tratamento do phishing
| Nome: | Descrição: | Tamanho: | Formato: | |
|---|---|---|---|---|
| 3.38 MB | Adobe PDF |
Orientador(es)
Resumo(s)
Atualmente o phishing apresenta-se como uma ameaça relevante e pertinente, dado o aumento significativo da quantidade e complexidade deste ataque. É recorrente os utilizadores receberem grandes quantidades de emails de phishing, quer no contexto empresarial como no pessoal, sendo possível que estes representem um impacto muito significativo nas vítimas. A sofisticação deste tipo de ataques é cada vez maior, verificando-se um aumento de ataques de spear phishing, altamente direcionados, bem redigidos e eficazes. Estes ataques servem frequentemente como mecanismo para levar à infeção com malware mais sofisticado que, por sua vez, pode incluir novos tipos de ransomware ou wipers. Concorrentemente os processos atuais de resposta a esta crise ainda são pouco integrados, pouco eficientes e muito ad-hoc. Estes fatores levam a um dificuldade acrescida na prevenção e mitigação do phishing, fazendo deste um problema atual e complexo. Neste projeto são analisados os atuais processos e iniciativas da Altice Portugal e é proposta uma solução inovadora mais automatizada e integrada, tirando partido de tecnologias emergentes: Robotic Process Automation (RPA) e Crowdsourcing. O sistema RoboPHISH surge então com o objetivo de colmatar este problema, tendo como objetivo principal o bloquear os emails maliciosos enquanto são dadas respostas de forma eficaz e rápida aos colaboradores. O RoboPHISH é uma ferramenta capaz de tirar partido do RPA para extrair e analisar emails que os colaboradores consideraram suspeitos e atribuir uma classificação aos mesmos. O sistema está divido em três componentes principais, a primeira corresponde à denúncia dos emails, a segunda à análise e atribuição de categoria dos mesmos e por último a atuação junto das plataformas para mitigar o problema. O sistema foi desenvolvido, testado e encontra-se neste momento em produção na Direção de Cibersegurança (DCY), mostrando ser uma ferramenta útil e eficaz no combate ao phishing e apresentando resultados promissores.
Nowadays phishing attacks are a relevant and pertinent threat given the substantial increase in their quality and quantity. Mailboxes filled with phishing emails are common occurrences, whether in a personal of professional context, possibly impacting significant their victims. The sophistication in these attacks is increasing, with a greater number of spear phishing attacks, highly targeted, well written and effective. These attacks frequently serve as a vehicle to install sophisticated malware that may contain new types of ransomware or wipers. The current processes to respond to this crisis are not fully capable of dealing with it, being poorly integrated, inefficient and ad-hoc. These problems lead to a difficulty in the prevention and mitigation of phishing attacks, making this a current and complex problem. In this project the current processes and initiatives of the company (Altice Portugal) are analyzed and a more automated and integrated innovative solution is proposed. This solution takes advantage of emerging technologies: Robotic Process Automation (RPA) and Crowdsourcing. The RoboPHISH system emerges with the aim of addressing this problem, with the main goal of blocking malicious emails while giving efficient and quick responses to the employees. RoboPHISH is a tool capable of taking advantage of RPA to extract and analyze emails that employees consider suspicious and assign a rating to them. The system is divided into three main components, the first being the email report, the second the analyses and categorization of the email and the third the mitigation of the attack in the correct platforms. The system was developed, tested and is currently in production at Direção de Cibersegurança (DCY), showing to be a useful and effective tool in combating phishing and presenting promising results.
Nowadays phishing attacks are a relevant and pertinent threat given the substantial increase in their quality and quantity. Mailboxes filled with phishing emails are common occurrences, whether in a personal of professional context, possibly impacting significant their victims. The sophistication in these attacks is increasing, with a greater number of spear phishing attacks, highly targeted, well written and effective. These attacks frequently serve as a vehicle to install sophisticated malware that may contain new types of ransomware or wipers. The current processes to respond to this crisis are not fully capable of dealing with it, being poorly integrated, inefficient and ad-hoc. These problems lead to a difficulty in the prevention and mitigation of phishing attacks, making this a current and complex problem. In this project the current processes and initiatives of the company (Altice Portugal) are analyzed and a more automated and integrated innovative solution is proposed. This solution takes advantage of emerging technologies: Robotic Process Automation (RPA) and Crowdsourcing. The RoboPHISH system emerges with the aim of addressing this problem, with the main goal of blocking malicious emails while giving efficient and quick responses to the employees. RoboPHISH is a tool capable of taking advantage of RPA to extract and analyze emails that employees consider suspicious and assign a rating to them. The system is divided into three main components, the first being the email report, the second the analyses and categorization of the email and the third the mitigation of the attack in the correct platforms. The system was developed, tested and is currently in production at Direção de Cibersegurança (DCY), showing to be a useful and effective tool in combating phishing and presenting promising results.
Descrição
Trabalho de projeto de mestrado, Engenharia Informática (Sistemas de Informação) Universidade de Lisboa, Faculdade de Ciências, 2020
Palavras-chave
Phishing Automação RPA Cibersegurança Crowdsourcing Teses de mestrado - 2020