Presentation the interaction of the subject and the object of socio-engineering influence with a social graph

Authors

  • Olha Kruk Pukhov Institute for Modelling in Energy Engineering, Ukraine
  • Rostyslav Herasymov Pukhov Institute for Modelling in Energy Engineering, Ukraine
  • Oksana Tsurkan Pukhov Institute for Modelling in Energy Engineering,

Abstract

The use of social engineering as an interaction between an attacker and an employee is considered. It shows its focus on receiving sensitive information. This is achieved by an attacker by studying, engaging, trusting, using employee trust. To prevent this, psycho-personal qualities, professional competences of the social engineer and employee are taken into account, and their interaction is represented by a social graph. Its tops reflect a social engineer, employee, quality and compensation; connections – the relationship between them. This approach will make it impossible to manipulate the employee’s mind.

References

O. Tsurkan, R. Herasymov, and O. Kruk, “Methods of counteracting social engineering”, Information Technology and Security, vol. 7., iss. 2 (13), pp. 161-170, July-December 2019, doi: 10.20535/2411-1031.2019.7.2. 190563.

F. Mouton, L. Leenen, and H. Venter, “Social engineering attack examples, templates and scenarios”, Computers & Security, vol. 59, pp. 186-209, September 2016, doi: 10.1016/j.cose.2016.03.004.

S. Ellis, “Social Engineering Deceptions and Defenses”, in Computer and Information Security Handbook, J. Vassa, Eds. Burlington, USA: Morgan Kaufmann, 2017, pp. 465-474, doi: 10.1016/B978-0-12-803843-7.00029-6.

A. Fathollahi-Fard, M. Hajiaghaei-Keshteli, and R. Tavakkoli-Moghaddam, “The Social Engineering Optimizer (SEO)”, Engineering applications of artificial intelligence, vol. 72, pp. 267-293, June 2018, doi:10.1016/j.engappai.2018.04.009.

V.V. Mokhor, O.V. Tsurkan, R.P. Herasymov, and V.V. Tsurkan, “Information Security Assessment of Computer Systems by Socio-engineering Approach”, Selected Papers of the XVII International Scientific and Practical Conference “Information Technologies and Security”. Kyiv, 2017. pp. 92-98. [Online]. Available: http://ceur-ws.org/Vol2067/paper13.pdf.

J. Gross, J. Yellen, and M. Anderson, Graph theory and its applications. Boca Raton, USA: CRC Press, 2019.

CSITIC-2020

Downloads

Published

2020-04-23

Issue

2020: COMPUTER AND INFORMATION SYSTEMS AND TECHNOLOGIES

Section

RELIABILITY AND SAFETY ASSURANCE TECHNOLOGIES FOR COMPUTER AND INFORMATIONAL SYSTEMS