TY - GEN

T1 - Soft estimates of user protection from social engineering attacks

T2 - 8th Conference on Artificial Intelligence and Natural Language, AINL 2019

AU - Abramov, Maxim V.

AU - Tulupyev, Alexander L.

PY - 2019/1/1

Y1 - 2019/1/1

N2 - The material is devoted to solving an individual task of the research aimed at automating the construction of estimates of protection of users and, indirectly, critical documents from social engineering attacks. This issue is closely related to soft social computing. Also the estimates of protection of users are the basis of building a expert system, which can substitute for a social engineering specialist. The material describes the models of the following: the malefactor, the user, the relationships between them, the critical document, the information system, all of which represent the basic entities necessary for simulating social engineering attacks and building appropriate attack trees. Here we propose an approach to estimating the probability of a successful social engineering attacking impact by a malefactor on the user, based on the use of triangular norms. The conclusion is reached that in conditions of a lack of information for soft estimates at this stage, t-norms may be applicable, since, firstly, they provide the expected properties of a combination of the malefactor’s competency and user vulnerability models, secondly, they are not computationally difficult and, thirdly, in a number of cases allow for an understandable interpretation within the proposed area.

AB - The material is devoted to solving an individual task of the research aimed at automating the construction of estimates of protection of users and, indirectly, critical documents from social engineering attacks. This issue is closely related to soft social computing. Also the estimates of protection of users are the basis of building a expert system, which can substitute for a social engineering specialist. The material describes the models of the following: the malefactor, the user, the relationships between them, the critical document, the information system, all of which represent the basic entities necessary for simulating social engineering attacks and building appropriate attack trees. Here we propose an approach to estimating the probability of a successful social engineering attacking impact by a malefactor on the user, based on the use of triangular norms. The conclusion is reached that in conditions of a lack of information for soft estimates at this stage, t-norms may be applicable, since, firstly, they provide the expected properties of a combination of the malefactor’s competency and user vulnerability models, secondly, they are not computationally difficult and, thirdly, in a number of cases allow for an understandable interpretation within the proposed area.

KW - Artificial intelligence

KW - Attack graph

KW - Behavioral factors

KW - Expert system

KW - Information security

KW - Knowledge engineering

KW - Network security analysis

KW - Social engineering attacks

KW - Soft estimates

KW - Soft social computing

UR - http://www.scopus.com/inward/record.url?scp=85076199567&partnerID=8YFLogxK

U2 - 10.1007/978-3-030-34518-1_4

DO - 10.1007/978-3-030-34518-1_4

M3 - Conference contribution

AN - SCOPUS:85076199567

SN - 9783030345174

T3 - Communications in Computer and Information Science

SP - 47

EP - 58

BT - Artificial Intelligence and Natural Language - 8th Conference, AINL 2019, Proceedings

A2 - Ustalov, Dmitry

A2 - Filchenkov, Andrey

A2 - Pivovarova, Lidia

PB - Springer Nature

Y2 - 20 November 2019 through 22 November 2019

ER -