Social Engineering Defender (SE.Def): Human Emotion Factor Based Classification and Defense against Social Engineering Attacks

Abstract

One of the weakest links in any security system is neither the devices used nor the programs running on them; but the human beings using these devices. Most cyberattacks are initiated by human error. Hackers always use the most accessible and effective social engineering techniques to attack. Simply put, it is the art of manipulating people into sharing sensitive and confidential information. This research proposes a framework with four modules, namely, a source analyzer, a content classifier and analyzer, a link analyzer, and a risk reporting module, as a social engineering defender system for categorizing the risks before the email reaches the inbox of the user. Before it reaches the end user’s inbox, the system blocks the emails the social engineering defender has marked as “very high risk”.