Underlying finite state machine for the social engineering attack detection model
作者: Francois Mouton , Alastair Nottingham , Louise Leenen , H.S. Venter
DOI: 10.1109/ISSA.2017.8251781
关键词: Social engineering (security) 、 Context model 、 Human–computer interaction 、 Automaton 、 Information security 、 Information sensitivity 、 Flowchart 、 Finite-state machine 、 Computer science 、 Bidirectional communication
摘要: Information security is a fast-growing discipline, and relies on continued improvement of measures to protect sensitive information. In general, human operators are often highly susceptible manipulation, tend be one the weakest links in chain. A social engineering attack targets this weakness by using various manipulation techniques elicit individuals perform requests. The field still its infancy with respect formal definitions, frameworks, examples attacks detection models. order formally address broad context, paper proposes underlying finite state machine Social Engineering Attack Detection Model (SEADM). model has been proven successfully thwart utilising either bidirectional communication, unidirectional communication or indirect communication. Proposing exploring allows have clearer overview mental processing performed within model. While current provides general procedural template for implementing mechanisms attacks, more abstract extensible that highlights interconnections between task categories associated different scenarios. intended help facilitate incorporation organisation specific extensions grouping similar activities into distinct categories, subdivided states. addition, it facilitates additional analysis transitions difficult extract from original flowchart based
sci-hub.se 参考文章(17)
Lech Janczewski, Koteswara Ivaturi, A Taxonomy for Social Engineering attacks ,(2011)
Mercia M. Malan, Francois Mouton, Hein S. Venter, Development of cognitive functioning psychological measures for the SEADM HAISA. pp. 40- 51 ,(2012)
Lena Laribee, Development of Methodical Social Engineering Taxonomy Project Monterey, California. Naval Postgraduate School. ,(2006)
Jamison W. Scheeres, Establishing the Human Firewall: Reducing an Individual's Vulnerability to Social Engineering Attacks ,(2012)
Francois Mouton, Louise Leenen, Mercia M. Malan, H. S. Venter, Towards an Ontological Model Defining the Social Engineering Domain IFIP Advances in Information and Communication Technology. pp. 266- 279 ,(2014) , 10.1007/978-3-662-44208-1_22
Francois Mouton, Mercia M. Malan, Kai K. Kimppa, H.S. Venter, Necessity for ethics in social engineering research Computers & Security. ,vol. 55, pp. 114- 127 ,(2015) , 10.1016/J.COSE.2015.09.001
F Mouton, M M Malan, H S Venter, Social engineering from a normative ethics perspective information security for south africa. pp. 1- 8 ,(2013) , 10.1109/ISSA.2013.6641064
Pekka Tetri, Jukka Vuorinen, Dissecting social engineering Behaviour & Information Technology. ,vol. 32, pp. 1014- 1023 ,(2013) , 10.1080/0144929X.2013.763860
Ram Bhakta, Ian G. Harris, Semantic analysis of dialogs to detect social engineering attacks ieee international conference semantic computing. pp. 424- 427 ,(2015) , 10.1109/ICOSC.2015.7050843
Monique Bezuidenhout, Francois Mouton, H. S. Venter, Social engineering attack detection model: SEADM information security for south africa. pp. 1- 8 ,(2010) , 10.1109/ISSA.2010.5588500