A Study on the Psychology of Social Engineering-Based Cyberattacks and Existing Countermeasures

Siddiqi, Murtaza Ahmed; Pak, Wooguil; Siddiqi, Moquddam A.

doi:10.3390/app12126042

Cited by 41 publications

(32 citation statements)

References 73 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The results highlighted the important implications of increasing literacy in relation to cyber security. Siddiqi et al [40] suggested methods to counter SECA and concluded that training and educating individuals about cybersecurity measures and SECA is the top priority. With greater knowledge of the risk of attacks, a person can be more alert to SECAs.…”

Section: Discussionmentioning

confidence: 99%

Are You a Soft Target for Cyber Attack? Drivers of Susceptibility to Social Engineering-Based Cyber Attack (SECA): A Case Study of Mobile Messaging Application

Wulandari

Adnan

Wicaksono

2022

Human Behavior and Emerging Technologies

View full text Add to dashboard Cite

A rise in working and studying from home, activities which depend on the Internet, and the exchange of data coupled with a lack of understanding about security for interacting in cyberspace have made cybersecurity one of the most pressing concerns today. One form, in particular, is a social engineering-based cyber attack. Unfortunately, not much research has been conducted on the susceptibility factors that cause this to happen. This study attempts to understand what factors make a person susceptible to cyber attacks that can be seen from three perspectives: habitual perspective, perception perspective, and social and motivation perspective. The objective of the research is to identify specific characteristics and drivers regarding the social engineering-based cyber attack (SECA) susceptibility of a consumer exposed to social media messaging applications. A quantitative survey was employed to test a total of 114 respondents in Indonesia who are categorized as active Internet users. The study found variables within two of the three perspectives that positively contributed to a consumer’s susceptibility to cyberattack. These factors will provide valuable insight into prevention and knowledge of related risks of cyberattacks based on social engineering in the future.

show abstract

Section: Discussionmentioning

confidence: 99%

Are You a Soft Target for Cyber Attack? Drivers of Susceptibility to Social Engineering-Based Cyber Attack (SECA): A Case Study of Mobile Messaging Application

Wulandari

Adnan

Wicaksono

2022

Human Behavior and Emerging Technologies

View full text Add to dashboard Cite

show abstract

“…Yeo-Johnson [38] can be denoted as (5). Where 'j' represents feature attributes, 'λ' can be a R, and λ =1 gives the identity conversion.…”

Section: B Data Transformationmentioning

confidence: 99%

“…As per recent surveys, the reported cyberattacks in 2021 were approximately 5.1 billion [3] [4]. The reports also indicate a surge in sophisticated and high-impact cyberattacks on critical infrastructure globally [4] [5]. Understandably, such a high number of cyberattacks indicate the need for enhancement in network security approaches.…”

Section: Introductionmentioning

confidence: 99%

Tier-Based Optimization for Synthesized Network Intrusion Detection System

Siddiqi

Pak

2022

IEEE Access

View full text Add to dashboard Cite

The innovation and evolution of hacking methodologies have led to a sharp rise in cyber attacks, highlighting the need for enhanced network security approaches. Network intrusion detection systems based on machine learning are playing a significant role in the domain of network security. However, designing an optimal framework for a network intrusion detection system is an ongoing concern. In this study, an optimal framework for a network intrusion detection system based on image processing is proposed. The framework is a fusion of augmented feature selection flow with an image transformation and enhancement methodology. Initially, the proposed framework reduces the number of features to achieve overall efficiency. Later, the non-image data is transformed into images. The transformed images are then enhanced for achieving effective anomaly detection based on a deep-learning classifier. The proposed method is implemented on three diverse benchmark datasets of intrusion detection. To illustrate the efficiency of the proposed framework it is compared with some of the most recent publications on imageprocessing-based network intrusion detection systems.

show abstract

“…The authors in [8] used a modern approach to classify social engineering attacks based on the technique and the influence tactic that was employed. Furthermore, the authors mapped several types of attacks to various human vulnerabilities.…”

Section: Related Workmentioning

confidence: 99%

“…The difference between them lies in the fact that in compliance, a direct request is used to force a change in someone's behavior while in 'persuasion,' we are sending a message to force someone to change his/her behavior because of the message reception. Additionally, in [8], the authors further elaborate on influence methodologies, where they present the following categories: social influence, persuasion, attitude and behavior, trust and deception, language, and reasoning, countering social engineering-based cyberattacks, and machine learning-based countermeasures. Moreover, they classified the persuasion method into distinct types of persuasion: similarity, distraction, curiosity, and persuasion using authority.…”

Section: The Proposed Cse-pucmentioning

confidence: 99%

Utilizing Convolutional Neural Networks and Word Embeddings for Early-Stage Recognition of Persuasion in Chat-Based Social Engineering Attacks

2022

View full text Add to dashboard Cite

Social engineering is widely recognized as the key to successful cyber-attacks. Chat-based social engineering (CSE) attacks are attracting increasing attention because of recent changes in the digital work environment. Sophisticated CSE attacks target human personality traits, and persuasion is regarded as the catalyst to successful CSE attacks. To date, research in social engineering has mostly focused on phishing attacks, neglecting the importance of chat-based software. This paper describes the design and implementation of a persuasion classifier that utilizes machine learning and natural language processing techniques. For this purpose, a convolutional neural network was trained on a chat-based social engineering corpus (CSE Corpus), specifically annotated for recognizing Cialdini's persuasion principles. The proposed persuasion classifier network, named CSE-PUC, can determine whether a sentence carries a persuasive payload by producing a probability distribution over the sentence classes as a persuasion container. The present study is expected to contribute to our understanding of utilizing existing machine learning models and integrating context-aware information into real-life cyber security threats. The experimental application results reported in this work confirm that the approach taken can recognize persuasion methods and is thus able to protect an interlocutor from being victimized.

show abstract

A Study on the Psychology of Social Engineering-Based Cyberattacks and Existing Countermeasures

Cited by 41 publications

References 73 publications

Are You a Soft Target for Cyber Attack? Drivers of Susceptibility to Social Engineering-Based Cyber Attack (SECA): A Case Study of Mobile Messaging Application

Are You a Soft Target for Cyber Attack? Drivers of Susceptibility to Social Engineering-Based Cyber Attack (SECA): A Case Study of Mobile Messaging Application

Tier-Based Optimization for Synthesized Network Intrusion Detection System

Utilizing Convolutional Neural Networks and Word Embeddings for Early-Stage Recognition of Persuasion in Chat-Based Social Engineering Attacks

Contact Info

Product

Resources

About