Analysis and Defensive Tools for Social-Engineering Attacks on Computer Systems

Abstract

The weakest link in an information-security chain is often the user because people can be manipulated. Attacking computer systems with information gained from social interactions is one form of social engineering (K. Mitnick, et al. 2002). It can be much easier to do than targeting the complex technological protections of systems (J. McDermott, Social engineering - the weakest link in information security). In an effort to formalize social engineering for cyberspace, we are building models of trust and attack. Models help in understanding the bewildering number of different tactics that can be employed. Social engineering attacks can be complex with multiple ploys and targets; our models function as subroutines that are called multiple times to accomplish attack goals in a coordinated plan. Models enable us to infer good countermeasures to social engineering