Virtuous human hacking: The ethics of social engineering in penetration-testing
DOI: 10.1016/J.COSE.2019.02.012
关键词:
摘要: Abstract This paper offers a virtue ethics analysis of social engineering in penetration-testing. It begins by considering previous research on this topic and argues that such attempts misconstrue or more often overlook Aristotelian tradition. articulates the core tenets applies them to an white hat engineering. A requires individuals firms initiate penetration-test be placed within larger communal context which obligates who are potential human hacking victims participate constitution flourishing communities. As such, for consent is not necessary condition positive ethical status If methods consistent with moderation (i.e. golden mean) manipulation at lower orders hierarchy communities can justified if it reasonably understood as part individual's participatory obligation results participation essential ensure eudaimonia community. Nevertheless, mean robust mitigation strategies lessen degree harm inflicted victims. Where possible, should attained mitigation. Finally, penetration-testing must able demonstrate training program governs its use
sci-hub.se 参考文章(37)
Jurg Gerber, Kevin Steinmetz, "It Doesn't Have to Be This Way": Hacker Perspectives on Privacy Social Justice. ,vol. 41, pp. 29- ,(2015)
Aristotle, Stephen Everson, The politics and the constitution of Athens Cambridge University Press. ,(1996)
Monte Ransome Johnson, Aristotle on Teleology ,(2006)
Yair Levy, Michelle M. Ramim, Raymond A. Hackney, Assessing Ethical Severity of e-Learning Systems Security Attacks Journal of Computer Information Systems. ,vol. 53, pp. 75- 84 ,(2013) , 10.1080/08874417.2013.11645634
Helen S. Jones, John N. Towse, Nicholas Race, Susceptibility to Email Fraud: A Review of Psychological Perspectives, Data-Collection Methods, and Ethical Considerations International Journal of Cyber Behavior, Psychology and Learning archive. ,vol. 5, pp. 13- 29 ,(2015) , 10.4018/IJCBPL.2015070102
Wayne Vaught, Robert C. Solomon, Clancy W. Martin, Morality and the good life : an introduction to ethics through classical sources McGraw-Hill Higher Education. ,(1984)
Francois Mouton, Mercia M. Malan, Kai K. Kimppa, H.S. Venter, Necessity for ethics in social engineering research Computers & Security. ,vol. 55, pp. 114- 127 ,(2015) , 10.1016/J.COSE.2015.09.001
Engin Kirda, Davide Balzarotti, Veikko Pankakoski, Tobias Lauinger, Honeybot, your man in the middle for automated social engineering usenix conference on large scale exploits and emergent threats. pp. 11- 11 ,(2010)
John R. Drake, Asking for Facebook Logins: An Egoist Case for Privacy Journal of Business Ethics. ,vol. 139, pp. 429- 441 ,(2016) , 10.1007/S10551-015-2586-4
Sonam Chauhan, Shubhangini Rathore, Ethics in Behavioural Targeting: Mapping Consumers Perceptions Journal of Online Marketing. ,vol. 4, pp. 45- 61 ,(2014) , 10.4018/IJOM.2014040104