dc.contributor.author |
Mouton, Francois
|
|
dc.contributor.author |
Nottingham, Alastair T
|
|
dc.contributor.author |
Leenen, Louise
|
|
dc.contributor.author |
Venter, HS
|
|
dc.date.accessioned |
2018-01-04T10:44:27Z |
|
dc.date.available |
2018-01-04T10:44:27Z |
|
dc.date.issued |
2017-08 |
|
dc.identifier.citation |
Mouton, F. et al. 2017. Underlying finite state machine for the social engineering attack detection model. Information Security for South Africa Conference (ISSA2017), 16-17 August 2017, Sandton, Johannesburg, South Africa, pp. 98-105 |
en_US |
dc.identifier.isbn |
978-1-5386-0544-8 |
|
dc.identifier.uri |
http://www.infosecsa.co.za/Programme
|
|
dc.identifier.uri |
http://hdl.handle.net/10204/9913
|
|
dc.description |
Copyright: 2017 IEEE. Due to copyright restrictions, the attached PDF file only contains the abstract of the full text item. For access to the full text item, please consult the publisher's website. |
en_US |
dc.description.abstract |
Information security is a fast-growing discipline, and relies on continued improvement of security measures to protect sensitive information. In general, human operators are often highly susceptible to manipulation, and tend to be one of the weakest links in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy with respect to formal definitions, attack frameworks, examples of attacks and detection models. In order to formally address social engineering in a broad context, this paper proposes the underlying finite state machine of the Social Engineering Attack Detection Model (SEADM). The model has been proven to successfully thwart social engineering attacks utilising either bidirectional communication, unidirectional communication or indirect communication. Proposing and exploring the underlying finite state machine of the model allows one to have a clearer overview of the mental processing performed within the model. While the current model provides a general procedural template for implementing detection mechanisms for social engineering attacks, the finite state machine provides a more abstract and extensible model that highlights the interconnections between task categories associated with different scenarios. The finite state machine is intended to help facilitate the incorporation of organisation specific extensions by grouping similar activities into distinct categories, subdivided into one or more states. In addition, it facilitates additional analysis on state transitions that are difficult to extract from the original flowchart based model. |
en_US |
dc.language.iso |
en |
en_US |
dc.publisher |
IEEE |
en_US |
dc.relation.ispartofseries |
Worklist;19982 |
|
dc.subject |
Bidirectional communication |
en_US |
dc.subject |
Finite state machine |
en_US |
dc.subject |
Indirect communication |
en_US |
dc.subject |
Social engineering |
en_US |
dc.subject |
Social engineering attack examples |
en_US |
dc.subject |
Social engineering attack detection model |
en_US |
dc.subject |
Social engineering attack framework |
en_US |
dc.subject |
Unidirectional communication |
en_US |
dc.title |
Underlying finite state machine for the social engineering attack detection model |
en_US |
dc.type |
Conference Presentation |
en_US |
dc.identifier.apacitation |
Mouton, F., Nottingham, A. T., Leenen, L., & Venter, H. (2017). Underlying finite state machine for the social engineering attack detection model. IEEE. http://hdl.handle.net/10204/9913 |
en_ZA |
dc.identifier.chicagocitation |
Mouton, Francois, Alastair T Nottingham, Louise Leenen, and HS Venter. "Underlying finite state machine for the social engineering attack detection model." (2017): http://hdl.handle.net/10204/9913 |
en_ZA |
dc.identifier.vancouvercitation |
Mouton F, Nottingham AT, Leenen L, Venter H, Underlying finite state machine for the social engineering attack detection model; IEEE; 2017. http://hdl.handle.net/10204/9913 . |
en_ZA |
dc.identifier.ris |
TY - Conference Presentation
AU - Mouton, Francois
AU - Nottingham, Alastair T
AU - Leenen, Louise
AU - Venter, HS
AB - Information security is a fast-growing discipline, and relies on continued improvement of security measures to protect sensitive information. In general, human operators are often highly susceptible to manipulation, and tend to be one of the weakest links in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy with respect to formal definitions, attack frameworks, examples of attacks and detection models. In order to formally address social engineering in a broad context, this paper proposes the underlying finite state machine of the Social Engineering Attack Detection Model (SEADM). The model has been proven to successfully thwart social engineering attacks utilising either bidirectional communication, unidirectional communication or indirect communication. Proposing and exploring the underlying finite state machine of the model allows one to have a clearer overview of the mental processing performed within the model. While the current model provides a general procedural template for implementing detection mechanisms for social engineering attacks, the finite state machine provides a more abstract and extensible model that highlights the interconnections between task categories associated with different scenarios. The finite state machine is intended to help facilitate the incorporation of organisation specific extensions by grouping similar activities into distinct categories, subdivided into one or more states. In addition, it facilitates additional analysis on state transitions that are difficult to extract from the original flowchart based model.
DA - 2017-08
DB - ResearchSpace
DP - CSIR
KW - Bidirectional communication
KW - Finite state machine
KW - Indirect communication
KW - Social engineering
KW - Social engineering attack examples
KW - Social engineering attack detection model
KW - Social engineering attack framework
KW - Unidirectional communication
LK - https://researchspace.csir.co.za
PY - 2017
SM - 978-1-5386-0544-8
T1 - Underlying finite state machine for the social engineering attack detection model
TI - Underlying finite state machine for the social engineering attack detection model
UR - http://hdl.handle.net/10204/9913
ER -
|
en_ZA |