Conversation-depth social engineering attack detection using attributes from automated dialog engagement

Assignee

• SRI International · US

Inventors

• Phillip A. Porras · Menlo Park, US
• Kenneth C. Nitz · Redwood City, US
• Keith M. Skinner · Menlo Park, US
• Dayne Freitag · Lemon Grove, US

Key dates

Classification

• Technology area (CPC G)Physics
• CPC primaryG06F40/35
• WIPO fieldComputer technology
• WIPO sectorElectrical engineering

Abstract

A method of determining an adversarial attack playbook includes receiving, from an adversarial actor, an electronic communication intended for a target user. The method includes engaging in a deep dialog with the adversarial actor by deploying a synthetic persona dynamically during the electronic communication. The deep dialog includes multiple rounds of communication exchanges. The method includes determining a length and type of the deep dialog to obtain attributes related to the adversarial actor. The method includes identifying a conversational pattern from the deep dialog. The conversational pattern comprises dialog interaction elements utilized by the adversarial actor. The method includes dynamically producing, based on the conversational pattern, the playbook associated with the adversarial actor. The playbook is indicative of a dialog interaction strategy implemented by the adversarial actor. The method includes providing the playbook to a social engineering attack (SEA) system in order to detect, avoid and/or mitigate future attacks.