Модель оценки защищенности пользователей информационных систем от социоинженерных атак, опирающаяся на профиль компетенций злоумышленника и профиль уязвимостей пользователя

Максим Викторович Абрамов

The problem of analyzing the security of users of information systems from socio-engineering attacks
is quite topical at present in the field of information security. In this area, approaches to analyzing the security of users of
information systems from socio-engineering attacks have already been proposed. Assessments of the security of users of
information systems from socio-engineering attacks, the success of a socio-engineering attack were built on the basis of
profiles of vulnerabilities of users. Generalized models for assessing the probability of success of a socially engineered
attack were proposed. This article examines the approach to constructing assessments of the success of socially engineered
attacking influences, based on the profile of user vulnerabilities and the profile of competences of the attacker.

Translated title of the contribution	ESTIMATION MODEL OF THE INFORMATION SYSTEMS USERS PROTECTION FROM SOCIAL ENGINEERING ATTACKS DEVELOPING ON THE ATTACKER COMPETENCES PROFILE AND THE USER VULNURABILITIES PROFILE
Original language	Russian
Title of host publication	Региональная информатика (РИ-2018). XVI Санкт-Петербургская международная конференция «Региональная информатика (РИ-2018)». Санкт-Петербург, 24-26 октября 2018 г.
Subtitle of host publication	Материалы конференции
Place of Publication	СПб.
Publisher	Санкт-Петербургское Общество информатики, вычислительной техники, систем связи и управления
Pages	539-540
ISBN (Print)	978–5–907050–44–0
State	Published - 2018
Event	XVI Санкт-Петербургская Международная конференция Региональная информатика "РИ-2018" - Дом ученых им.Горького Российской Академии наук, Северо-Западный институт управления-филиал Российской академии народного хозяйства и государственной службы при Президенте Российской Федерации, Санкт-Петербург, Russian Federation Duration: 24 Oct 2018 → 26 Oct 2018 Conference number: XVI http://spoisu.ru

Conference

Conference	XVI Санкт-Петербургская Международная конференция Региональная информатика "РИ-2018"
Abbreviated title	РИ-2018
Country/Territory	Russian Federation
City	Санкт-Петербург
Period	24/10/18 → 26/10/18
Internet address	http://spoisu.ru

Research areas

information security, social engineering attacks, user vulnerabilities profile, attacker competences profile, user's security assessment, user protection

ID: 36937423