Time-Based Model of the Success of a Malefactor’s Multistep Social Engineering Attack on a User

Research output: Chapter in Book/Report/Conference proceedingConference contributionResearchpeer-review

Abstract

Multistep social engineering attacks (that involve a chain of users) are a serious threat to an organization’s information security. Usually such attacks require an integrated approach to reduce the probability of their success. This approach can be analysis of the social graph with modeling of scenarios for the spread of multistep social engineering attacks, highlighting the most critical among them, the development of ways to reduce criticality and directly implement the most effective measures. The goal of this work was to improve the approach to modeling multistep social engineering attack by including the factor of accidents in the model of a malefactor’s actions. The novelty of the research lies in the proposal of the new approach to the analysis of multistep social engineering attacks, taking into account the factor of accidents of the malefactor’s actions. The theoretical significance of the work is to create a foundation for further modeling and analysis of multistep social engineering attacks. The practical significance of the study lies in the formation of a tool for a comprehensive analysis of the organization to identify the most critical scenarios for the development of social engineering attacks.

Original languageEnglish
Title of host publicationProceedings of the 5th International Scientific Conference “Intelligent Information Technologies for Industry”, IITI 2021
EditorsSergey Kovalev, Valery Tarassov, Vaclav Snasel, Andrey Sukhanov
PublisherSpringer Nature
Pages216-223
Number of pages8
ISBN (Print)9783030871772
DOIs
StatePublished - 2022
Event5th International Scientific Conference on Intelligent Information Technologies for Industry, IITI 2021 - Sochi, Russian Federation
Duration: 30 Sep 20214 Oct 2021

Publication series

NameLecture Notes in Networks and Systems
Volume330 LNNS
ISSN (Print)2367-3370
ISSN (Electronic)2367-3389

Conference

Conference5th International Scientific Conference on Intelligent Information Technologies for Industry, IITI 2021
Country/TerritoryRussian Federation
CitySochi
Period30/09/214/10/21

Scopus subject areas

  • Control and Systems Engineering
  • Signal Processing
  • Computer Networks and Communications

Keywords

  • Epidemic model
  • Heterogeneous network models
  • Information security
  • Multistep social engineering attacks
  • SIS model
  • Social engineering
  • Social graph

Fingerprint

Dive into the research topics of 'Time-Based Model of the Success of a Malefactor’s Multistep Social Engineering Attack on a User'. Together they form a unique fingerprint.

Cite this