Shewale, Saraunsh (2024) Automated Threat Hunting for JavaScript-based Obfuscated Phishing Email Attachments. Masters thesis, Dublin, National College of Ireland.
Abstract
Phishing is a well-known social engineering attack vector that targets employees and high-level executives to trick them into disclosing their user account credentials. Emerging phishing techniques employ the use of obfuscated JavaScript code within .html file attachments. Such techniques bypass most of the advanced security protections in place. This research presents a lightweight, easy-to-set-up automated threat intelligence workflow that is focused on the extraction of potential Indicators of Compromise (IOCs) from suspicious emails. It helps to uncover and flag suspicious artifacts from the email and its attachments including IP address, email address, file hash, and URL. The project is built over a cloud-based SaaS service - Tines, and it leverages the effectiveness of existing open-source and commercial security services like VirusTotal, URLscan.io, EmailRep.io, and OpenAI.
Item Type: | Thesis (Masters) |
---|---|
Supervisors: | Sahni, Vikas (email: UNSPECIFIED) |
Subjects: | Q Science > QA Mathematics > Electronic computers. Computer science; T Technology > T Technology (General) > Information Technology > Electronic computers. Computer science; Q Science > QA Mathematics > Computer software > Computer Security; T Technology > T Technology (General) > Information Technology > Computer software > Computer Security; Q Science > Q Science (General) > Self-organizing systems. Conscious automata > Machine learning |
Divisions: | School of Computing > Master of Science in Cyber Security |
Depositing User: | Ciara O'Brien |
Date Deposited: | 03 Jun 2025 17:02 |
Last Modified: | 03 Jun 2025 17:02 |
URI: | https://norma.ncirl.ie/id/eprint/7738 |