Towards Thwarting Social Engineering Attacks

by   Zheyuan Ryan Shi, et al.

Social engineering attacks represent an increasingly important attack vector growing in use by sophisticated hackers to compromise organizations. Water-hole attacks, in particular, have been leveraged in many recent high profile hacks. These attacks compromise a legitimate website to execute drive-by download attacks by redirecting users to another domain with an exploit kit. To prevent water-hole attacks, organizations use a slew of countermeasures that alter the environment information given by employees visiting websites. In this paper, we explore this domain and introduce a game-theoretic model that captures the most relevant aspects for an organization protecting itself from a water-hole attack. This model provides a foundation for an organization to implement an automated protection policy that uses technological based countermeasures. Our main contributions are (1) the Social Engineering Deception Game model, (2) detailed analysis of the game model, (3) an algorithm to solve for the optimal protection policy, (4) heuristics to improve the scalability of our approach, and (5) detailed experiments that analyze the application of our approach.


page 1

page 2

page 3

page 4


Draining the Water Hole: Mitigating Social Engineering Attacks

Cyber adversaries have increasingly leveraged social engineering attacks...

Winning the Ransomware Lottery: A Game-Theoretic Model for Mitigating Ransomware Attacks

Ransomware is a growing threat to individuals and enterprises alike, con...

Machine learning dismantling and early-warning signals of disintegration in complex systems

From physics to engineering, biology and social science, natural and art...

Social Engineering in Cybersecurity: A Domain Ontology and Knowledge Graph Application Examples

Social engineering has posed a serious threat to cyberspace security. To...

A Game-Theoretical Self-Adaptation Framework for Securing Software-Intensive Systems

The increasing prevalence of security attacks on software-intensive syst...

How to Pick Your Friends - A Game Theoretic Approach to P2P Overlay Construction

A major limitation of open P2P networks is the lack of strong identities...

Analysis of Recent Attacks based on Social Engineering Techniques

This paper attempts to strengthen the pursued research on social enginee...


Social engineering attacks [Abraham and Chengalur-Smith2010] attempt to manipulate people so they give up confidential information whether it be water-hole attacks, phishing emails or drive-by downloads. Within organizations, the number of social engineering attacks is growing at a catastrophic rate due to their profitability and the poor extent to which businesses are protecting themselves. A recent survey in 2016 found that 60% of organizations said that they were or may have been victims of at least one social engineering attacks in the past year [Field2016]. In order to thwart these attacks, organizations take several countermeasures which vary from training employees to recognize social engineering to technology-based countermeasures. While training employees can greatly improve the security of an organization, it is not completely effective and employees can still fall victim to a motivated adversary’s targeted campaign.

In the vein of technological based countermeasures, deceptive techniques present an interesting approach to thwart cyber adversaries [Almeshekah and Spafford2016, Albanese, Battista, and Jajodia2016]. Deception techniques are designed to confuse, misdirect, and delay an adversary by incorporating ambiguity and misdirecting his operations. Recent papers have explored deception during the reconnaissance phase of an adversary’s attack on enterprise networks [Jajodia et al.2017, Schlenker et al.2018]. With respect to social engineering, deception is a useful technique to provide automated countermeasures for a defender. In particular, water-hole attacks rely on the correct identification of a visitor’s system environment to deliver the correct malware to compromise the victim’s computer [Alrwais et al.2016]. Typically, the victim’s system information is gathered by analyzing the user-agent string [Cova, Kruegel, and Vigna2010]. Altering the user-agent string from the true system environment can have negative effects on the quality of the user’s internet browsing, as websites rely on the user-agent information to display the proper version of their website. However, altering the user-agent string potentially thwarts the attack altogether as the malware sent to the victim’s computer is tailored to the wrong system environment. In this way, deceptively setting an employee’s user-agent string provides a potential countermeasure to social engineering attacks, but must be done carefully to ensure the degradation of services is not too significant for the organization.

Our paper provides a game-theoretic method to find an optimal countermeasure to social engineering attacks. Recently, there has been a rise of interest in the application of game theory to cybersecurity settings 

[Laszka, Vorobeychik, and Koutsoukos2015, Serra et al.2015, Pıbil et al.2012]. As our first contribution, we propose a novel game model, the Social Engineering Deception (SED) game, which captures the strategic interaction between the adversary and his target organization. In a SED game, the organization strategically alters the user-agent strings of its web traffic, knowing that a powerful adversary will observe and react to it.

Second, we explore in depths the structure of the SED game. We show that it is NP-hard for the adversary to best respond to a defensive policy. We also identify some scenarios where the optimal protection policy can be found in polynomial time, including the case where the adversary is limited in the effort they can expend in an attack, as well as the case where the adversary’s effort is unlimited and has uniform cost to infect websites. Third, we propose a column generation-based algorithm which can solve the SED game in the general setting. Furthermore, we devise an elimination algorithm which might greatly reduce the number of protection policies that the organization has to consider. We also develop a greedy heuristic that efficiently computes a near-optimal response for the adversary.

Finally, we perform extensive experiments to evaluate the proposed algorithms. In the polynomial time tractable situations, our algorithm can solve SEDs involving websites within 20 seconds. We show that, in the general setting, our plain column generation algorithm can solve medium-sized instances in several minutes, whereas several baseline approaches proved to be intractable even on small instances involving 10 websites. At last, we demonstrate that, when enhanced with our preprocessing step, our algorithm can handle corporate-scale instances involving websites.

Motivating Examples

Water-hole attacks have become more prevalent in recent years and have been instrumental in recent hacks of thousands of industrial, government and financial organizations around the world. In 2013, a water-hole attack leveraged a Java zero-day vulnerability to specifically compromise several large corporate networks [Whittaker2013]. Apple and Facebook ended up falling victim to these attacks along with Twitter. Analysis from researchers at Kaspersky of the techniques used by the hackers showed the use of a ”water-hole” style attack by compromising an iOS development forum ( From here, the users were redirected to a site that executed the Java zero-day vulnerability in the victims web-browser to hack their machine [Mimoso2013].

Later in 2015, the attacks on these companies ramped up again with the majority of the victim organizations from the technology, pharmaceutical, commodities, and legal sectors and based in the U.S., Canada and Europe. Importantly, the web exploits targeted particular networks by isolating the attacks to visitors only from certain IP addresses [Constantin2015]. More recent attacks in 2017 targeted 100 organizations in 31 different countries with the vast majority of the organizations being banks [Symantec2017]. The attackers redirected users from a compromised website to a customized exploit kit, which was preconfigured to infect visitors from approximately 150 different IP addresses [Dimitrova2017]

. Modern cyber adversaries are patient, sophisticated and persistent in their attacks on corporate or government entities. To maximize the probability of a successful attack, adversaries research target organizations to be well-informed about targeted companies, the desired sensitive or confidential information, and potentially, the browsing habits of the company’s employees.

These examples highlight the need for organizations to deploy proactive defensive approaches that directly account for adversarial interaction when protecting their employees from being compromised. Current technical approaches to protect users from water-hole attacks include sand-boxing the potential attack on a user (by using a new VM for every web browser tab), white-listing only trusted websites to run Java, Flash or Javascript functionality [Farquhar2017] and altering the user-agent string of a user. Our framework empowers an organization to take a proactive approach to mitigate the potential exposure to water-hole attacks on the internet. This reduces the available attack vectors to an adversary and introduces uncertainty into an attacker’s plans. Crucially, the model aims to minimize the noticeable impact to employees while autonomously deploying the best available countermeasures to mitigate a water-hole attack.

Anatomy of a Water-hole Attack

Water-hole attacks are a variant on phishing attacks and serve as a sophisticated technique for attackers to identify the vulnerable systems with weak security connected to an organization’s network. To gain a better understanding of water-hole attacks, it is valuable to cover the primary steps in executing one successfully.

Figure 1: Anatomy of a water-hole attack carried out by hackers targeting an organization.
  • Step 1. Adversary finds a target organization.

  • Step 2. Discovers frequently visited websites and embeds the malware in one.

  • Step 3. User visits website and is redirected to find vulnerabilities in user’s machine.

  • Step 4. Delivers the exploit.

  • Step 5. Accesses information from the target.

In step 1, an adversary spends time to find a particular organization he wants to target which can be motivated by stealing financial information, sensitive government information, proprietary trade secrets, and numerous other reasons. Step 2 is a lengthy reconnaissance phase to understand the browsing habits of employees from the targeted organization along with understanding the connections to the organization’s network, e.g., employees, connected vendors, or business partners. This allows the adversary to determine the most lucrative websites to compromise to get maximum exposure to employees and connected individuals of the targeted organization. In step 3, the employees visit the compromised website and are subsequently redirected to another website which scans the system environment information and determines the present vulnerabilities. To gather this information, several techniques can be used, including analyzing the user-agent string of an incoming victim. Step 4 sees the adversary deliver an exploit for one of the identified vulnerabilities to compromise the user’s machine. Finally, in step 5 the adversary has the desired access and can leverage the compromised machine to navigate in the organization’s network and access the desired sensitive information.

Our approach relies on altering this standard interaction and introducing uncertainty and difficulty in Step 3 of a water-hole attack. Identifying the vulnerabilities in a visitor relies on gathered information from reconnaissance methods. By introducing deception during this phase, it enables a defender to prevent a water-hole attack before employees are compromised and provides an opportunity to identify attempted attacks. For instance, in the 2013 attacks on Facebook, Apple, and other tech companies, a Java zero-day vulnerability was used to compromise employees which had Java enabled in their browsers. However, if the employee system’s were altered to make it appear that Java was not enabled, the adversary would not have sent the exploit and subsequently compromised the employees.

Social Engineering Deception Games

We use the 2017 Ratankba malware attacks to ground our model in a real world example and provide a backdrop for the assumptions made throughout. This attack was executed by compromising the website of the Polish Financial Supervision Authority and affected over 31 banks and organizations in Poland along with additional victims worldwide. Our aim is to protect our organization , i.e., a Polish bank, from a water-hole attack that compromises our employees .

The interaction in the social engineering domain between an organization (i.e., defender) and an adversary is modeled as a zero-sum Stackelberg game where the defender first chooses an alteration policy, i.e., how to alter user-agent strings for employees, which is observed by the adversary who then chooses a best-response. In everyday activities employees will visit a set of websites which contains a majority of legitimate sites as well as water-holes set up by an adversary. The defender’s alteration policy represents the proportion of the organization’s employees traffic to for which the user-agent string will be altered. We make the simplifying assumption that when an employee’s user-agent string is altered a drive-by download attack will be unsuccessful, and if the traffic is unaltered the attack will be successful. For instance, the Ratankba attacks exploited vulnerabilities in Silverlight and Flash Player and if the user-agent string was altered the presence of these extensions could have been hidden. In Appendix, we explore the consequences of relaxing this assumption 111Online appendix at

For each website , there is a total amount of traffic per week–though this could also represent daily or monthly traffic as well. Denote as the traffic from employee in to per week. The total amount of traffic from organization to per week can then be captured by where . As altering the user-agent string can degrade the webpage rendered, we also consider a cost to alter a single unit of traffic to . We assume the defender’s traffic alterations are limited due to a budget on the allowable cost per week due to the alterations, and therefore,


The adversary must choose which websites to compromise, represented by binary decision variables . The adversary has a cost for compromising a website that captures the effort required to turn a legitimate site into a water-hole, i.e., compromising is nearly impossible while the Polish Financial Authority cannot invest the same resources to prevent a compromise. This cost serves as a proxy for the level of security for a given website, and if the cost is not considered for the adversary he would be assumed to compromise all websites – which is unlikely to happen in the real-world and counters what has been observed from previous campaigns using water-hole attacks [Cyberpro2018]. The adversary then has a budget for compromising websites, i.e.,


(it is assumed ).

Our initial analysis assumes the attacker spends a certain amount of effort on scanning the incoming traffic for each compromised website, described by decision variable representing how much traffic he would scan per week for . The adversary then has a budget for scanning the incoming traffic per week, i.e.,


He may change his scanning plan every week based on which employees have been compromised, but for now we analyze a single-stage setting played over a single week. Note in the Ratankba attacks the adversaries only redirected certain IP addresses. This shows that adversaries scan the traffic to determine if the IP address for a visitor matches his desired targets, and after finding a match, the victims would be redirected to the exploit kit. We later discuss the implications of relaxing this assumption where it is assumed the scanning budget .

Variable Meaning
Set of employees for
Set of Websites
Defender alteration policy
All traffic to
Traffic for employee to
Traffic from to
Cost to alter user-agent string
Budget for defender to alter traffic
Binary variable for adversary to compromise
Cost to compromise for adversary
Budget for adversary to compromise websites
Scanning effort decision vector for adversary
Budget for adversary to scan traffic
Table 1: Notation Table

Given this setting, the attacker’s objective function can vary depending on his ultimate goals for a water-hole campaign. We consider an attacker with the objective of maximizing the expected amount of unaltered flow from through scanning (this is justifiable when there is a fixed probability of successfully finding out information about every time the attacker traces the traffic from ). The utility function for attacking a website is then


and maximizes the amount of employee’s the attacker compromises from the water-hole campaign. Unfortunately, this objective is non-linear due to the product term which can create issues for the optimization problem.

Analysis of SED Games

Having introduced the ingredients of a SED game, we present the defender’s optimization problem as below.


One may notice that the adversary’s problem (the inner problem for ) has a knapsack flavor. Indeed, as we show below, this allows for a greedy allocation of the attacker’s effort budget, which leads to a polynomial time solvable special case of SED.

Theorem 1.

Let be an optimal solution to . Let . There exists an optimal solution where .


For each , let . Suppose some in an optimal solution , and w.l.o.g assume . Let . Consider the solution where , , and for all other websites . This is a feasible solution, and the objective function increases by . Furthermore, at least one of and is removed from . We can apply this argument repeatedly until . ∎

Corollary 1.

If , the defender’s optimal strategy can be found in polynomial time.


Since , we know for any feasible solution. If , then we have and . If , by Theorem 1, we have and . In either case, there is only website such that . It follows that given a defender strategy . The optimal defender strategy can be found by solving the following LP.


We also consider another simplified version of the problem where the attacker has uniform cost and unlimited effort budget. In some forms of attack, there is no explicit effort budget for the attacker. For example, when the attacker aims at anyone who visits a certain website, there is no need to scan the traffic based on the visitor’s IP address. In other scenarios, the attacker may have some systematic way of compromising a website, thus making the cost of attack uniform. Under these assumptions, the attacker’s best response problem is a knapsack problem with uniform weight, and thus polynomial time solvable. Here we show that the defender’s optimal strategy can also be found efficiently.

Theorem 2.

When the attacker’s cost is uniform () and the effort budget is , the defender’s optimal strategy can be found in polynomial time.


Under these assumptions, our problem becomes


The constraint must be satisfied with equality because for all . The defender’s problem is to minimize the sum of largest linear functions among the of them, subject to the polyhedral constraints on . This problem can be solved as a single LP [Ogryczak and Tamir2003] as follows.


The above special cases aside, one question which arises is that, given a fixed defender strategy , is the inner optimization for efficiently computable in general. Unfortunately, as we show next the problem of computing the adversary’s best response is an NP-hard problem.

Theorem 3.

The adversary’s best response problem is NP-hard.


We reduce from the knapsack problem. In the knapsack problem, we have items each with a weight and value , and aim to pick items of maximum possible value subject to a capacity . We now create an instance of the social engineering deception problem. Create a website for each item with and . Assume that . Next, set and . Notice, that the objective function becomes where and . Hence, whenever . Using this the adversary’s best response problem then is given by:


Observe this is exactly the Knapsack problem described above yielding the NP-hardness result. ∎

Defender’s Preprocessing

In reality, not all websites are worth equally to an organization and the attackers against it. Consider again the 2017 Ratankba malware attacks in Poland. For a Polish bank, many employees may visit the website of the Polish Financial Supervision Authority daily, while perhaps the website of a computer science conference is only visited by a bored banker once throughout the week. Intuitively, potential attackers will probably not consider the conference website –- especially ones with tracking metrics – and thus, the bank may not need to alter/protect employee traffic to the conference website.

We now formalize this intuition as follows. We say a website is eliminated if it is not worthwhile for the defender to protect. More precisely, the attacker would get less utility on than some other website , even if the defender does not cover at all and covers to the maximum capacity. Suppose the cost of protecting the traffic to some website is quite high, such that . This means the defender can only cover to the extent . Then, the attacker is guaranteed to get utility at least by attacking this website with an effort . This leads us to the following theorem.

Theorem 4.

Consider websites . If the following conditions hold, the adversary will not attack unless he has used the maximum effort on , i.e. :

  1. .


From conditions 1 and 2, we know that for the same amount of effort, the attacker will be better off attacking website than , regardless of the defender’s strategy.

Suppose and (consequently ). Then we could let and . This is possible because from condition 4, so we have . Doing this does not increase the attack cost because now and and from condition 3.

Suppose and (consequently ). Let and . We know that if , then . Of course, the attack cost does not increase as well. ∎

If a website is often visited worldwide, yet seldom visited within the company, then it would be hard for the attacker to scan a visit to from within the company. Thus, the attacker may not do it as long as he has better (i.e. more profitable, efficient, and feasible) options which already exhaust his effort budget. Theorem 4 suggests the elimination procedure in Alg. 1.

1Define where .
2 foreach website  do
3       Calculate
4foreach website  do
5       Let where
6       if exists such that
7       (1) , (2) , and (3)  then
8             Eliminate .
Algorithm 1 Elimination

If attack costs are uniform, the condition on Line 1 of Alg. 1 becomes “find such that and ”. Then Alg. 1 can run in polynomial time, and we show its effectiveness in the experiment section.

Finding an Optimal Defender Strategy

In this section, we present our algorithm to solve in the general case. We define as the set of all max effort vectors. That is, if and . By Theorem 1, if we enumerate all of , we would be able to find an optimal defender strategy using the LP in Equations (24)-(27) with in Equation (25) replaced by .


However, the order of is prohibitively high, making the approach above impractical. We propose a cut generation algorithm to find the optimal defender strategy. The algorithm starts with a feasible defender strategy , which can be found by solving the dual formulation of the relaxed optimization problem . The dual formulation is included in Appendix. We then iteratively solve the adversary’s problem and the defender’s problem. Given a defender strategy , we solve the adversary’s optimization problem given by the inner MILP in Equations (6)(8) and obtain an adversary best response effort vector . Instead of enumerating all of , we keep a running subset of max effort vectors , and add the best response effort vector to this subset . We solve the defender’s optimization problem in Equations (24)(27) with this running subset . This process repeats until no new action vectors are found for the adversary.

1Get initial defender strategy using the relaxed LP (see Appendix)
2 Initialize max effort vector set .
3 while new max effort vector was added to  do
4       Find adversary’s best response to defender strategy by the inner MILP in Equations (6)(8).
5       if Solution yields a new max effort vector  then
6             Add to .
7      Solve defender’s optimal strategy problem w.r.t. effort set as the LP in Equations (24)(27).
8       Update the game value and defender’s strategy according to the solution.
Algorithm 2 Cut Generation

We note that our problem is similar but different from the recent line of work on bi-level knapsack with interdiction [Caprara et al.2014, Caprara et al.2016]. Our outer problem of is continuous rather than discrete, and the additional dimension of attacker’s effort makes the inner problem of more complicated than that being studied in the existing works.

In light of the hardness of finding the adversary’s best response (Theorem 3), we consider a greedy heuristic to improve its performance in practice. Leveraging Theorem 1, the algorithm greedily allocates adversary’s effort to websites that are most “cost-benefit efficient”. Specifically, the algorithm ranks the websites in decreasing order of the ratio . In the experiments, we test the performance of the greedy heuristic using different values of .

1Sort the websites in decreasing order of .
2 foreach website in the sorted order do
3       if remaining attack budget attack cost  then
4             Attack this website with maximum effort allowed
5      if running out of attack budget or effort budget then
6             break
Algorithm 3 Greedy

Although this algorithm does not provide an approximation guarantee, it performs well in practice. As we show in the experiment section, the accuracy of its solution improves in practice as the size of the problem grows.


We hereby investigate the practical performance of our proposed algorithms for SED. All experiments are run on a 3.8GHz Intel Core i5 desktop with 32GB RAM. All optimization problems are solved using IBM CPLEX 12.8. Unless otherwise noted, the problem parameters are generated following the distributions detailed in Appendix.

First, we run experiments on the polynomial time tractable cases of SED, according to Corollary 1 and Theorem 2. In the case of small effort budget ( for all ), is generated uniformly between and . The results in Figure 2222

All running time results are averaged over 10 instances, with error bars representing standard deviations, unless otherwise noted.

show that in both cases, our solution can be easily scaled to websites. This implies these cases could be deployed in corporate-scale applications in the real world.

Figure 2: Running time of SED problems with assumptions (1) or (2) and .

With this, we move on to the general cases of SED without the additional assumptions. To begin with, we consider the greedy algorithm (Alg. 3) for the adversary’s best response problem. Recall that the adversary selects websites based on a decreasing order of . With different choices of denominator , we compare the solution value of the greedy algorithm with the optimal solution OPT obtained by solving the inner MILP in Equations 6-8. We show the solution gap in Table 2. We observe that yields the smallest solution gap, and hence we fix in subsequent experiments. Fixing this choice of , Fig. 3 shows that the greedy algorithm typically runs within of the time required by the MILP. The solution gap of the greedy algorithm decreases to near zero as the problem size grows.

Table 2: Solution gaps of different greedy heuristics for the adversary best response problem. Results are averaged over runs on different problem sizes , with 5 instances for each size.
Figure 3: Running time and solution gap of the greedy heuristic for the adversary best response problem.

We now compare the performance of our algorithm on the general case SED problem with two other baselines. The first baseline algorithm, referred to as Max Effort, enumerates all adversary’s maximal effort vectors, and solves the linear program described in Equations (

24)-(27). The other baseline, referred to as All Actions, decomposes SED into subproblems, each assuming some adversary’s maximal effort vector is a best response. The details of this algorithm can be found in Appendix. In the greedy version of cut generation, the greedy algorithm (Alg. 3) is always used first. If it does not yield a new effort vector, the MILP is used. Cut generation terminates if the MILP again does not find a new effort vector. As shown in Fig. 4, both baseline algorithms quickly become intractable even on problems with under websites. On the other hand, we note that the cut generations approaches are able to find the optimal solutions rather efficiently. In particular, the greedy algorithm for the adversary’s best response problem does help further improve the performance of cut generation.

Figure 4: Running time on small size SED problems.

We advance to examine our proposed solutions on larger problem instances, and report the results in Fig. 5. Surprisingly, the greedy algorithm no longer seems to be helpful. Cut generation with greedy attacker’s best response typically does not terminate within 600 seconds on problems of size greater than . One possible reason is that, even though at each iteration of cut generation, the greedy algorithm yields an attacker strategy which achieves almost the same utility as the optimal strategy, the actual strategy chosen be the greedy is very different from the optimal strategy, as we observed. This problem is more prominent in larger problems, as the adversary has a wider range of strategies to choose and optimize on.

Figure 5: Running time of cut generation on medium size SED problems. Error bars represent the standard deviations of the means.

Admittedly, a set of 350 websites is possibly too small when considering the number of websites that a company, or even an individual, visits in a week. However, as we mentioned earlier, different websites have different importance to the entity in consideration. We now experiment with the defender’s preprocessing step and scale our algorithm to handle much larger problems. We partition the collection of websites into two sets , where and . contains websites that have a large portion of their traffic coming from the target organization; while contains websites with a smaller ratio. To reflect this distinction, in our experiments, the parameters for websites in and are generated from different distributions (see Appendix). We consider a simpler case where for all websites, the attacker has a uniform cost of attack. However, we do not assume the attacker has infinite effort budget, and thus the problem does not relegate to the polynomial time solvable case in Theorem 2. Nevertheless, as shown in Fig. 6, the defender’s preprocessing step enables us to solve most SED games with websites within roughly 2 minutes. On the other hand, without preprocessing, cut generation typically does not terminate in 2000 seconds on SED games with websites. We note that, in reality, the ratio may be a lot smaller, and our algorithm would run even faster.

Figure 6: Effect of preprocessing on large size SED problems. For each problem size. we ran 10 instances, and in 8 of them the eliminate algorithm was able to reduce the size of the problem. The results are averaged over these 8 instances. Error bars represent the standard deviations of the means.


  • [Abraham and Chengalur-Smith2010] Abraham, S., and Chengalur-Smith, I. 2010. An overview of social engineering malware: Trends, tactics, and implications. Technology in Society 32(3):183–196.
  • [Albanese, Battista, and Jajodia2016] Albanese, M.; Battista, E.; and Jajodia, S. 2016. Deceiving attackers by creating a virtual attack surface. In Cyber Deception. Springer. 169–201.
  • [Almeshekah and Spafford2016] Almeshekah, M. H., and Spafford, E. H. 2016. Cyber security deception. In Cyber Deception. Springer-Verlag. 25–52.
  • [Alrwais et al.2016] Alrwais, S.; Yuan, K.; Alowaisheq, E.; Liao, X.; Oprea, A.; Wang, X.; and Li, Z. 2016. Catching predators at watering holes: finding and understanding strategically compromised websites. In Proceedings of the 32nd Annual Conference on Computer Security Applications, 153–166. ACM.
  • [Caprara et al.2014] Caprara, A.; Carvalho, M.; Lodi, A.; and Woeginger, G. J. 2014. A study on the computational complexity of the bilevel knapsack problem. SIAM Journal on Optimization 24(2):823–838.
  • [Caprara et al.2016] Caprara, A.; Carvalho, M.; Lodi, A.; and Woeginger, G. J. 2016. Bilevel knapsack with interdiction constraints. INFORMS Journal on Computing 28(2):319–333.
  • [Constantin2015] Constantin, L. 2015. Hacker group that hit Twitter, Facebook, Apple and Microsoft intensifies attacks.
  • [Cova, Kruegel, and Vigna2010] Cova, M.; Kruegel, C.; and Vigna, G. 2010. Detection and analysis of drive-by-download attacks and malicious javascript code. In Proceedings of the 19th international conference on World wide web, 281–290. ACM.
  • [Cyberpro2018] Cyberpro. 2018. WATERING HOLE ATTACKS.
  • [Dimitrova2017] Dimitrova, M. 2017. Watering Hole Attacks 2017: Banks Compromised with Downloader.Ratankba.
  • [Farquhar2017] Farquhar, D. 2017. Watering hole attack prevention.
  • [Field2016] Field, T. 2016. Email security: Social engineering report.
  • [Jajodia et al.2017] Jajodia, S.; Park, N.; Pierazzi, F.; Pugliese, A.; Serra, E.; Simari, G. I.; and Subrahmanian, V. 2017. A probabilistic logic of cyber deception. IEEE Transactions on Information Forensics and Security 12(11):2532–2544.
  • [Laszka, Vorobeychik, and Koutsoukos2015] Laszka, A.; Vorobeychik, Y.; and Koutsoukos, X. D. 2015. Optimal personalized filtering against spear-phishing attacks. In AAAI, 958–964.
  • [Mimoso2013] Mimoso, M. 2013. iOS Developer Site at Core of Facebook, Apple Watering Hole Attack.
  • [Ogryczak and Tamir2003] Ogryczak, W., and Tamir, A. 2003. Minimizing the sum of the k largest functions in linear time. Information Processing Letters 85(3):117–122.
  • [Pıbil et al.2012] Pıbil, R.; Lisỳ, V.; Kiekintveld, C.; Bošanskỳ, B.; and Pechoucek, M. 2012. Game theoretic model of strategic honeypot selection in computer networks. Decision and Game Theory for Security 7638:201–220.
  • [Schlenker et al.2018] Schlenker, A.; Thakoor, O.; Xu, H.; Tambe, M.; Vayanos, P.; Fang, F.; Tran-Thanh, L.; and Vorobeychik, Y. 2018. Deceiving cyber adversaries: A game theoretic approach. In International Conference on Autonomous Agents and Multiagent Systems.
  • [Serra et al.2015] Serra, E.; Jajodia, S.; Pugliese, A.; Rullo, A.; and Subrahmanian, V. 2015. Pareto-optimal adversarial defense of enterprise systems. ACM Transactions on Information and System Security (TISSEC) 17(3):11.
  • [Symantec2017] Symantec, S. R. 2017. Attackers target dozens of global banks with new malware.
  • [Whittaker2013] Whittaker, Z. 2013. Facebook, Apple hacks could affect anyone: Here’s what you can do.