Associating Attacks with Actors

Proofpoint Inc. Computer Science, 2018-19

Liaison(s): Thomas Lynam
Advisor(s): Ran Libeskind-Hadas
Students(s): Harrison Chotzen (PM-S), Tim Gaskin (PM-F), Patrick McDonough, Steve Zhong

Proofpoint identifies thousands of malicious email attachments and URLs every day. However, currently only about half of all attack threats are associated with an actor. The aim of this Clinic project is to improve this ratio, by using machine learning and heuristics to provide a proof-of-concept for the systematic association of attacks with actors and identification of new actors.