ResearchSpace

Underlying finite state machine for the social engineering attack detection model

Show simple item record

dc.contributor.author Mouton, Francois
dc.contributor.author Nottingham, Alastair T
dc.contributor.author Leenen, Louise
dc.contributor.author Venter, HS
dc.date.accessioned 2018-01-04T10:44:27Z
dc.date.available 2018-01-04T10:44:27Z
dc.date.issued 2017-08
dc.identifier.citation Mouton, F. et al. 2017. Underlying finite state machine for the social engineering attack detection model. Information Security for South Africa Conference (ISSA2017), 16-17 August 2017, Sandton, Johannesburg, South Africa, pp. 98-105 en_US
dc.identifier.isbn 978-1-5386-0544-8
dc.identifier.uri http://www.infosecsa.co.za/Programme
dc.identifier.uri http://hdl.handle.net/10204/9913
dc.description Copyright: 2017 IEEE. Due to copyright restrictions, the attached PDF file only contains the abstract of the full text item. For access to the full text item, please consult the publisher's website. en_US
dc.description.abstract Information security is a fast-growing discipline, and relies on continued improvement of security measures to protect sensitive information. In general, human operators are often highly susceptible to manipulation, and tend to be one of the weakest links in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy with respect to formal definitions, attack frameworks, examples of attacks and detection models. In order to formally address social engineering in a broad context, this paper proposes the underlying finite state machine of the Social Engineering Attack Detection Model (SEADM). The model has been proven to successfully thwart social engineering attacks utilising either bidirectional communication, unidirectional communication or indirect communication. Proposing and exploring the underlying finite state machine of the model allows one to have a clearer overview of the mental processing performed within the model. While the current model provides a general procedural template for implementing detection mechanisms for social engineering attacks, the finite state machine provides a more abstract and extensible model that highlights the interconnections between task categories associated with different scenarios. The finite state machine is intended to help facilitate the incorporation of organisation specific extensions by grouping similar activities into distinct categories, subdivided into one or more states. In addition, it facilitates additional analysis on state transitions that are difficult to extract from the original flowchart based model. en_US
dc.language.iso en en_US
dc.publisher IEEE en_US
dc.relation.ispartofseries Worklist;19982
dc.subject Bidirectional communication en_US
dc.subject Finite state machine en_US
dc.subject Indirect communication en_US
dc.subject Social engineering en_US
dc.subject Social engineering attack examples en_US
dc.subject Social engineering attack detection model en_US
dc.subject Social engineering attack framework en_US
dc.subject Unidirectional communication en_US
dc.title Underlying finite state machine for the social engineering attack detection model en_US
dc.type Conference Presentation en_US
dc.identifier.apacitation Mouton, F., Nottingham, A. T., Leenen, L., & Venter, H. (2017). Underlying finite state machine for the social engineering attack detection model. IEEE. http://hdl.handle.net/10204/9913 en_ZA
dc.identifier.chicagocitation Mouton, Francois, Alastair T Nottingham, Louise Leenen, and HS Venter. "Underlying finite state machine for the social engineering attack detection model." (2017): http://hdl.handle.net/10204/9913 en_ZA
dc.identifier.vancouvercitation Mouton F, Nottingham AT, Leenen L, Venter H, Underlying finite state machine for the social engineering attack detection model; IEEE; 2017. http://hdl.handle.net/10204/9913 . en_ZA
dc.identifier.ris TY - Conference Presentation AU - Mouton, Francois AU - Nottingham, Alastair T AU - Leenen, Louise AU - Venter, HS AB - Information security is a fast-growing discipline, and relies on continued improvement of security measures to protect sensitive information. In general, human operators are often highly susceptible to manipulation, and tend to be one of the weakest links in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy with respect to formal definitions, attack frameworks, examples of attacks and detection models. In order to formally address social engineering in a broad context, this paper proposes the underlying finite state machine of the Social Engineering Attack Detection Model (SEADM). The model has been proven to successfully thwart social engineering attacks utilising either bidirectional communication, unidirectional communication or indirect communication. Proposing and exploring the underlying finite state machine of the model allows one to have a clearer overview of the mental processing performed within the model. While the current model provides a general procedural template for implementing detection mechanisms for social engineering attacks, the finite state machine provides a more abstract and extensible model that highlights the interconnections between task categories associated with different scenarios. The finite state machine is intended to help facilitate the incorporation of organisation specific extensions by grouping similar activities into distinct categories, subdivided into one or more states. In addition, it facilitates additional analysis on state transitions that are difficult to extract from the original flowchart based model. DA - 2017-08 DB - ResearchSpace DP - CSIR KW - Bidirectional communication KW - Finite state machine KW - Indirect communication KW - Social engineering KW - Social engineering attack examples KW - Social engineering attack detection model KW - Social engineering attack framework KW - Unidirectional communication LK - https://researchspace.csir.co.za PY - 2017 SM - 978-1-5386-0544-8 T1 - Underlying finite state machine for the social engineering attack detection model TI - Underlying finite state machine for the social engineering attack detection model UR - http://hdl.handle.net/10204/9913 ER - en_ZA


Files in this item

This item appears in the following Collection(s)

Show simple item record