Social Engineering Attack Detection Model: SEADMv2

Mouton, Francois; Leenen, Louise; Venter, Hein S.

doi:10.1109/cw.2015.52

Cited by 28 publications

(20 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Also, the authors will use these templates to expand on existing research on social engineering attack detection models and to propose specific attack detection models for each type of communication. [60] …”

Section: Resultsmentioning

confidence: 99%

See 1 more Smart Citation

Social engineering attack examples, templates and scenarios

Mouton

Leenen

Venter

2016

Computers & Security

Self Cite

124

View full text Add to dashboard Cite

The field of information security is a fast-growing discipline. Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and thus the human element remains a weak link. A social engineering attack targets this weakness by using various manipulation techniques to elicit sensitive information. The field of social engineering is still in its early stages with regard to formal definitions, attack frameworks and templates of attacks. This paper proposes detailed social engineering attack templates that are derived from real-world social engineering examples. Current documented examples of social engineering attacks do not include all the attack steps and phases. The proposed social engineering attack templates attempt to alleviate the problem of limited documented literature on social engineering attacks by mapping the real-world examples to the social engineering attack framework. Mapping several similar real-world examples to the social engineering attack framework allows one to establish a detailed flow of the attack whilst abstracting subjects and objects. This mapping is then utilised to propose the generalised social engineering attack templates that are representative of real-world examples, whilst still being general enough to encompass several different real-world examples. The proposed social engineering attack templates cover all three types of communication, namely bidirectional communication, unidirectional communication and indirect communication. In order to perform comparative studies of different social engineering models, processes and frameworks, it is necessary to have a formalised set of social engineering attack scenarios that are fully detailed in every phase and step of the process. The social engineering attack templates are converted to social engineering attack scenarios by populating the template with both subjects and objects from real-world examples whilst still maintaining the detailed flow of the attack as provided in the template. Furthermore, this paper illustrates how the social engineering attack scenarios are applied to verify a social engineering attack detection model. These templates and scenarios can be used by other researchers to either expand on, use for comparative measures, create additional examples or evaluate models for completeness. Additionally, the proposed social engineering attack templates can also be used to develop social engineering awareness material.

show abstract

Section: Resultsmentioning

confidence: 99%

“…In previous research, the authors proposed a social engineering attack detection model (SEADM) which was designed to allow users of the model to be more vigilant against social engineering attacks [60]. The model is depicted in Figure 3.…”

Section: Application Of the Social Engineering Attack Templatesmentioning

confidence: 99%

Social engineering attack examples, templates and scenarios

Mouton

Leenen

Venter

2016

Computers & Security

Self Cite

124

View full text Add to dashboard Cite

show abstract

“…In Heartfield and Loukas (2018) the authors show that the human factor is the weakest link in social engineering attacks and based on a human study the prove that. In Bezuidenhout et al (2010) and Mouton et al (2015) the authors provide a theoretical foundation that potentially could be used in real systems to detect attacks. In the works of Nicholson et al (2017) it is explained how social engineering attacks can potentially be detected, whereas in Krombholz et al (2015) and Mouton et al (2016) different examples of attacks with scenarios are presented.…”

Section: Related Workmentioning

confidence: 99%

SEADer++: social engineering attack detection in online environments using machine learning

Lansley

Mouton

Kapetanakis

et al. 2020

Journal of Information and Telecommunication

Self Cite

View full text Add to dashboard Cite

Social engineering attacks are one of the most well-known and easiest to apply attacks in the cybersecurity domain. Research has shown that the majority of attacks against computer systems was based on the use of social engineering methods. Considering the importance of emerging fields such as machine learning and cybersecurity we have developed a method that detects social engineering attacks that is based on natural language processing and artificial neural networks. This method can be applied in offline texts or online environments and flag a conversation as a social engineering attack or not. Initially, the conversation text is parsed and checked for grammatical errors using natural language processing techniques and then an artificial neural network is used to classify possible attacks. The proposed method has been evaluated using a real dataset and a semi-synthetic dataset with very high accuracy results. Furthermore, alternative classification methods have been used for comparisons in both datasets.

show abstract

“…The authors have previously performed research within the field of social engineering that focused on formalising and expanding upon concepts in the field. This research included proposing a social engineering attack framework, providing social engineering attack examples, considering ethical questions relating to social engineering, and both developing and revising the Social Engineering Attack Detection Model (SEADM) [11][12][13][14].…”

Section: Introductionmentioning

confidence: 99%

Finite State Machine for the Social Engineering Attack Detection Model: SEADM

et al. 2018

Self Cite

View full text Add to dashboard Cite

Information security is a fast-growing discipline, and relies on continued improvement of security measures to protect sensitive information. Human operators are one of the weakest links in the security chain as they are highly susceptible to manipulation. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy with respect to formal definitions, attack frameworks, and examples of attacks and detection models. In order to formally address social engineering in a broad context, this paper proposes the underlying abstract finite state machine of the Social Engineering Attack Detection Model (SEADM). The model has been shown to successfully thwart social engineering attacks utilising either bidirectional communication, unidirectional communication or indirect communication. Proposing and exploring the underlying finite state machine of the model allows one to have a clearer overview of the mental processing performed within the model. While the current model provides a general procedural template for implementing detection mechanisms for social engineering attacks, the finite state machine provides a more abstract and extensible model that highlights the inter-connections between task categories associated with different scenarios. The finite state machine is intended to help facilitate the incorporation of organisation specific extensions by grouping similar activities into distinct categories, subdivided into one or more states. The finite state machine is then verified by applying it to representative social engineering attack scenarios from all three streams of possible communication. This verifies that all the capabilities of the SEADM are kept in tact, whilst being improved, by the proposed finite state machine.

show abstract

Social Engineering Attack Detection Model: SEADMv2

Cited by 28 publications

References 7 publications

Social engineering attack examples, templates and scenarios

Social engineering attack examples, templates and scenarios

SEADer++: social engineering attack detection in online environments using machine learning

Finite State Machine for the Social Engineering Attack Detection Model: SEADM

Contact Info

Product

Resources

About