Approaches to Modeling Development Scenarios of Multistep Social Engineering Attacks

Abstract

Now Russian and foreign researchers are actively working on the problem of enhanced information security, specifically protect the organization from social engineering attacks. Which in turn can be direct and multistep. Multistep social engineering attacks are characterized by a chain of users become involved in the attack for obtain the greatest benefit by malefactors. The article focuses on improving approaches to modeling multistep social engineering attacks on the user. This study finds its application in the further design of complex information security management systems of an organization, namely, in the development of an automated complex for identifying the most critical nodes of an information system under social engineering attacks.