Language Properties of Phone Scammers: Cyberdefense At the Level of the Human
by Judith Tabron
The prevalence of human interactive components of serious system breaches continues to be a problem for every organization. Humans are the biggest vulnerability in any security system; helping people identify social engineering attempts over the phone will be cheaper and more effective than yet another technological implementation. At minimum it will add an important and necessary layer to defense in depth.
Forensic linguistics is the study of language as evidence for the law. It is a relatively new field and has not previously been applied to cybersecurity. Linguistic analysis uncovers several features of language interaction in a limited data set (recorded IRS phone scammers) that begin to answer how forensic linguistics could assist in cybersecurity defense.
This presentation will briefly introduce and explain polar tag questions, topic control, question deferral, and irregular narrative constructions in IRS scam phone calls, and offer some starting points for identifying such linguistic properties during the course of a phone call to help improve defense at the human level. We think this is only the beginning of applying forensic linguistics to cybersecurity.
Видео Language Properties of Phone Scammers: Cyberdefense At the Level of the Human канала Black Hat
The prevalence of human interactive components of serious system breaches continues to be a problem for every organization. Humans are the biggest vulnerability in any security system; helping people identify social engineering attempts over the phone will be cheaper and more effective than yet another technological implementation. At minimum it will add an important and necessary layer to defense in depth.
Forensic linguistics is the study of language as evidence for the law. It is a relatively new field and has not previously been applied to cybersecurity. Linguistic analysis uncovers several features of language interaction in a limited data set (recorded IRS phone scammers) that begin to answer how forensic linguistics could assist in cybersecurity defense.
This presentation will briefly introduce and explain polar tag questions, topic control, question deferral, and irregular narrative constructions in IRS scam phone calls, and offer some starting points for identifying such linguistic properties during the course of a phone call to help improve defense at the human level. We think this is only the beginning of applying forensic linguistics to cybersecurity.
Видео Language Properties of Phone Scammers: Cyberdefense At the Level of the Human канала Black Hat
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
![First Contact - Vulnerabilities in Contactless Payments](https://i.ytimg.com/vi/YmJ4ULncNwg/default.jpg)
![How the Security Features in TLS Inspection Solutions can be Exploited for Covert Data Exfiltration](https://i.ytimg.com/vi/Wo2PiS9eLAk/default.jpg)
![iOS Kernel PAC, One Year Later](https://i.ytimg.com/vi/7zCBOFxATFs/default.jpg)
![Come to the Dark Side, We Have Apples: Turning macOS Management Evil](https://i.ytimg.com/vi/pOQOh07eMxY/default.jpg)
![Beyond Root: Custom Firmware for Embedded Mobile Chipsets](https://i.ytimg.com/vi/5mRbq0d2Nss/default.jpg)
![Needing the DoH: The Ongoing Encryption and Centralization of DNS](https://i.ytimg.com/vi/XCnE2o2pfxs/default.jpg)
![hAFL1: Our Journey of Fuzzing Hyper-V and Discovering a 0-Day](https://i.ytimg.com/vi/ALcm6pmR8ck/default.jpg)
![RCE-as-a-Service: Lessons Learned from 5 Years of Real-World CI/CD Pipeline Compromise](https://i.ytimg.com/vi/Pe9nJLZvABM/default.jpg)
![Escaping Virtualized Containers](https://i.ytimg.com/vi/0hrv0qyOEd0/default.jpg)
![Portable Data exFiltration: XSS for PDFs](https://i.ytimg.com/vi/kMirO25kulw/default.jpg)
![Chip.Fail - Glitching the Silicon of the Connected World](https://i.ytimg.com/vi/CX71p_qcCxY/default.jpg)
![My Cloud is APT's Cloud: Investigating and Defending Office 365](https://i.ytimg.com/vi/ia0T8i7LAAI/default.jpg)
![Attack on Titan M, Reloaded: Vulnerability Research on a Modern Security Chip](https://i.ytimg.com/vi/bCjkAkXiwK4/default.jpg)
![The B-MAD Approach to Threat Modeling](https://i.ytimg.com/vi/N5icvgTyg7k/default.jpg)
![Hey Google, Activate Spyware! – When Google Assistant Uses a Vulnerability as a Feature](https://i.ytimg.com/vi/IO5iBSV1VpE/default.jpg)
![Hacking a Capsule Hotel - Ghost in the Bedrooms](https://i.ytimg.com/vi/oO-WFAIK01s/default.jpg)
![Breaking Firmware Trust From Pre-EFI: Exploiting Early Boot Phases](https://i.ytimg.com/vi/Z81s7UIiwmI/default.jpg)
![Hiding Objects from Computer Vision by Exploiting Correlation Biases](https://i.ytimg.com/vi/Lfsc5TkJ07U/default.jpg)
![ProxyLogon is Just the Tip of the Iceberg: A New Attack Surface on Microsoft Exchange Server!](https://i.ytimg.com/vi/SmTW_cGbveM/default.jpg)
![Reverse Engineering the Tesla Battery Management System to increase Power Available](https://i.ytimg.com/vi/UV2zvgyIF0I/default.jpg)
![Multiple Bugs in Multi-Party Computation: Breaking Cryptocurrency's Strongest Wallets](https://i.ytimg.com/vi/0Okqvm4lBQI/default.jpg)