DOI: 10.1145/3011883.3011885
Open access

Harvesting the low-hanging fruits: defending against automated large-scale cyber-intrusions by focusing on the vulnerable population

Published: 26 September 2016


The orthodox paradigm for defending against automated social-engineering attacks in large-scale socio-technical systems is reactive and victim-agnostic. Defenses generally focus on identifying the attacks or attackers (e.g., phishing emails, socialbot infiltrations, malware offered for download). To change the status quo, we propose to identify, even if imperfectly, the vulnerable user population, that is, the users who are likely to fall victim to such attacks. Once identified, information about the vulnerable population can be used in two ways. First, the defender can influence the vulnerable population through several means, including education, a specialized user experience, extra protection layers and watchdogs. In the same vein, information about the vulnerable population can be used to fine-tune and reprioritize defense mechanisms to offer differentiated protection, possibly at the cost of additional friction generated by the defense mechanism. Second, information about the user population can be used to identify an attack (or compromised users) from differences in behavior between the general and the vulnerable population. This paper considers the implications of the proposed paradigm for existing defenses in three areas (phishing of user credentials, malware distribution and socialbot infiltration) and discusses how using knowledge of the vulnerable population can enable more robust defenses.
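As an added illustration of the two uses of vulnerable-population information described in the abstract (example code written for this page, not code from the paper or its authors), the Python sketch below works on a constructed susceptibility table and a constructed click log. It ranks each link by how disproportionately the estimated-vulnerable users act on it, which is the "differences between the general and the vulnerable population" signal, and then chooses a per-user response tier, which is the "differentiated protection" side. The susceptibility scores, the 0.6 cut-off, the minimum-click and skew thresholds and the four response tiers are all assumptions made for the example.

```python
from collections import defaultdict

# Constructed sample data (not from the paper): an estimated susceptibility
# score per user in [0, 1], e.g. derived from past simulated-phishing results.
SUSCEPTIBILITY = {
    "u1": 0.9, "u2": 0.8, "u3": 0.7, "u4": 0.2, "u5": 0.1,
    "u6": 0.3, "u7": 0.4, "u8": 0.15, "u9": 0.25, "u10": 0.35,
}

# Constructed click log as (user, url). Duplicates are deliberate: a user
# who clicks the same link twice still counts once below.
CLICKS = [
    ("u1", "https://intranet.example/news"), ("u4", "https://intranet.example/news"),
    ("u5", "https://intranet.example/news"), ("u6", "https://intranet.example/news"),
    ("u7", "https://intranet.example/news"), ("u8", "https://intranet.example/news"),
    ("u9", "https://intranet.example/news"), ("u10", "https://intranet.example/news"),
    ("u1", "http://acc0unt-verify.example/login"), ("u1", "http://acc0unt-verify.example/login"),
    ("u2", "http://acc0unt-verify.example/login"), ("u3", "http://acc0unt-verify.example/login"),
    ("u7", "http://acc0unt-verify.example/login"),
    ("u4", "https://docs.example/handbook"), ("u5", "https://docs.example/handbook"),
]

VULNERABLE_THRESHOLD = 0.6  # assumed cut-off; the paper does not fix one


def vulnerable_users(scores, threshold=VULNERABLE_THRESHOLD):
    """Users estimated to be likely victims. The estimate is imperfect by
    design; the paradigm only needs it to be better than random."""
    return {user for user, score in scores.items() if score >= threshold}


def engagement_skew(clicks, scores, threshold=VULNERABLE_THRESHOLD, min_clicks=3):
    """Per URL with at least min_clicks distinct clickers: the vulnerable
    share among its clickers divided by the vulnerable share of the whole
    population. A ratio well above 1 means the link is being acted on
    disproportionately by the vulnerable population, which is the attack
    signal the abstract describes."""
    vulnerable = vulnerable_users(scores, threshold)
    base_rate = len(vulnerable) / len(scores)
    if base_rate == 0:  # no vulnerable users known: the signal is undefined
        return {}
    clickers = defaultdict(set)
    for user, url in clicks:
        clickers[url].add(user)
    skew = {}
    for url, users in clickers.items():
        if len(users) < min_clicks:  # too few clickers to say anything
            continue
        share = len(users & vulnerable) / len(users)
        skew[url] = share / base_rate
    return skew


def skewed_links(clicks, scores, min_skew=2.0, **kwargs):
    """URLs whose vulnerable-population skew crosses min_skew (assumed)."""
    return sorted(url for url, s in engagement_skew(clicks, scores, **kwargs).items()
                  if s >= min_skew)


def response_for(score, skew, threshold=VULNERABLE_THRESHOLD, min_skew=2.0):
    """Differentiated protection: the same link gets a stronger (higher
    friction) response for a user in the vulnerable population than for
    the general population. Tier names are assumptions."""
    vulnerable = score >= threshold
    if skew >= min_skew:
        return "block" if vulnerable else "warn"
    return "interstitial" if vulnerable else "allow"


if __name__ == "__main__":
    for url, s in sorted(engagement_skew(CLICKS, SUSCEPTIBILITY).items()):
        print(f"{s:5.2f}  {url}")
    for url in skewed_links(CLICKS, SUSCEPTIBILITY):
        for user, score in SUSCEPTIBILITY.items():
            skew = engagement_skew(CLICKS, SUSCEPTIBILITY)[url]
            print(user, url, response_for(score, skew))
```

On the constructed data the look-alike login link is clicked by three of the ten users the table marks as vulnerable and only one other user, so its skew is 2.5 and it is flagged, while the intranet news link, clicked mostly by the general population, scores well below 1. The handbook link has too few distinct clickers to judge and is skipped rather than scored, which is the caveat to keep in mind: a single vulnerable user clicking a rare link would otherwise produce a large but meaningless ratio.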


Published In

ACM Other conferences
NSPW '16: Proceedings of the 2016 New Security Paradigms Workshop
September 2016
113 pages
Permission to make digital or hard copies of part or all of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for third-party components of this work must be honored. For all other uses, contact the Owner/Author.


  • ACSA: Applied Computing Security Assoc
  • The National Science Foundation
  • DELL


Association for Computing Machinery

New York, NY, United States


Author Tags

  1. cyber intrusions
  2. defense system design
  3. vulnerable population


  • Research-article


NSPW '16: New Security Paradigms Workshop 2016
  • Sponsor: ACSA
September 26 - 29, 2016
Granby, Colorado, USA

Acceptance Rates

Overall Acceptance Rate 98 of 265 submissions, 37%


