Skip to Main Content
Frequently Asked Questions
Submit an ETD
Global Search Box
Need Help?
Keyword Search
Participating Institutions
Advanced Search
School Logo
Files
File List
RaqabMSThesisPhishingChartv17.pdf (1.17 MB)
ETD Abstract Container
Abstract Header
GAINING MONITORING CAPABILITIES AND INSIGHTS INTO RESPONSES FROM PHISHING DATA
Author Info
Raqab, Alah
Permalink:
http://rave.ohiolink.edu/etdc/view?acc_num=osu1397504041
Abstract Details
Year and Degree
2014, Master of Science, Ohio State University, Industrial and Systems Engineering.
Abstract
Cyber-attacks are considered the greatest domestic security threat in the United States and among the greatest international security threats. In the recent past, phishing and “denial of service” attacks are starting to become the most relevant forms of cyber intrusion, even while they can involve exploiting system vulnerabilities. Specifically, phishing attacks are reaching the level at which many large organizations are seriously considering purchasing technology and adopting mitigating practices. Therefore, data-driven decision support technology relating to mitigating or avoiding phishing and denial of service attacks are increasingly relevant. A key element of the proposed approach is to treat management of phishing and denial of service cyber-attacks in a manner similar to quality management in production systems. Phishing control charting can become critical tools in both moving target (MT) decision-making and metric development, just as similar techniques are already in manufacturing and service operations. In this thesis, we explore the case study application of design for six sigma to create a proposed integrated system response to phishing email attacks. Specifically, we used a CTQ flow diagram to clarify the relevance of CTQ characteristics including the number of phishing emails and the number of suspended accounts. In Chapter 3, we describe the observed autocorrelations in time series corresponding to both CTQ characteristics. This motivated the use of moving centerline demerit (MCD) charts from a standard reference. From developing an interrelationship diagram, we identified several important interrelationships including the relationship between phishing emails and organizational password policies. Clear seasonality was observed in the data suggesting that responsiveness in certain months (January and summer months) are months are more critical than other months. Strong patterns were identified in that selected sub-populations were much more prone to being tricked by the emails and giving away their information. We omit the specific populations and organizational details for security reasons but the Pareto 80-20 rule was observed to be highly relevant in formulating system responses. We developed a simple charting method based on word frequencies to provide recent information summarizing the nature of phishing attacks. By integrating previous conclusions, we formulated a recommended system response that targets sub-populations, uses the proposed text series charts, and actually reduces password changing requirements on several sub-populations.
Committee
Theodore Allen (Advisor)
Cathy Xia (Committee Member)
Pages
50 p.
Subject Headings
Industrial Engineering
;
Operations Research
;
Statistics
Keywords
Cyber-attacks
;
phishing
;
design for six sigma
;
quality contorl
Recommended Citations
Refworks
EndNote
RIS
Mendeley
Citations
Raqab, A. (2014).
GAINING MONITORING CAPABILITIES AND INSIGHTS INTO RESPONSES FROM PHISHING DATA
[Master's thesis, Ohio State University]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=osu1397504041
APA Style (7th edition)
Raqab, Alah.
GAINING MONITORING CAPABILITIES AND INSIGHTS INTO RESPONSES FROM PHISHING DATA.
2014. Ohio State University, Master's thesis.
OhioLINK Electronic Theses and Dissertations Center
, http://rave.ohiolink.edu/etdc/view?acc_num=osu1397504041.
MLA Style (8th edition)
Raqab, Alah. "GAINING MONITORING CAPABILITIES AND INSIGHTS INTO RESPONSES FROM PHISHING DATA." Master's thesis, Ohio State University, 2014. http://rave.ohiolink.edu/etdc/view?acc_num=osu1397504041
Chicago Manual of Style (17th edition)
Abstract Footer
Document number:
osu1397504041
Download Count:
634
Copyright Info
© 2014, some rights reserved.
GAINING MONITORING CAPABILITIES AND INSIGHTS INTO RESPONSES FROM PHISHING DATA by Alah Raqab is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License. Based on a work at etd.ohiolink.edu.
This open access ETD is published by The Ohio State University and OhioLINK.