User characteristics that influence judgment of social engineering attacks in social networks

Albladi, Samar Muslah; Weir, George R. S.

doi:10.1186/s13673-018-0128-7

Cited by 53 publications

(41 citation statements)

References 42 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This raises the necessity of finding a solution that helps the user toward acceptable defensive behaviour in the social network (SN) setting. Identifying the user characteristics that make them more or less vulnerable to social engineering threats is a major step toward protecting against such threats (Albladi and Weir 2018). Knowing where weakness resides can help focus awareness-raising and target training sessions for those individuals, with the aim of reducing their likely victimisation.…”

Section: Introductionmentioning

confidence: 99%

Predicting individuals’ vulnerability to social engineering in social networks

Albladi

Weir

2020

Cybersecur

Self Cite

View full text Add to dashboard Cite

The popularity of social networking sites has attracted billions of users to engage and share their information on these networks. The vast amount of circulating data and information expose these networks to several security risks. Social engineering is one of the most common types of threat that may face social network users. Training and increasing users' awareness of such threats is essential for maintaining continuous and safe use of social networking services. Identifying the most vulnerable users in order to target them for these training programs is desirable for increasing the effectiveness of such programs. Few studies have investigated the effect of individuals' characteristics on predicting their vulnerability to social engineering in the context of social networks. To address this gap, the present study developed a novel model to predict user vulnerability based on several perspectives of user characteristics. The proposed model includes interactions between different social network-oriented factors such as level of involvement in the network, motivation to use the network, and competence in dealing with threats on the network. The results of this research indicate that most of the considered user characteristics are factors that influence user vulnerability either directly or indirectly. Furthermore, the present study provides evidence that individuals' characteristics can identify vulnerable users so that these risks can be considered when designing training and awareness programs.

show abstract

Section: Introductionmentioning

confidence: 99%

Predicting individuals’ vulnerability to social engineering in social networks

Albladi

Weir

2020

Cybersecur

Self Cite

View full text Add to dashboard Cite

show abstract

“…When trying to evaluate human behavior towards online threats, it is crucial to identify the human factors related to those threats. According to the existing literature, demographic factors, Internet use, and security knowledge have been found as some of the major determinants associated with social engineering attacks [13,14].…”

Section: Introductionmentioning

confidence: 99%

“…Age. According to [13], young Internet users are more susceptible to phishing or social engineering attacks. Similar findings were concluded by Airehrour et al [14], who stated that people in the age group 28-38 years are less vulnerable to social engineering attacks.…”

Section: Introductionmentioning

confidence: 99%

“…Parrish et al [20] propose a model showcasing experience as a factor that affects an Internet user's judgment. Albladi and Weir [13] concluded that significant experience in the field of information security impacts an Internet user's chances of being a victim of social engineering attacks. By 'past experiences' the authors refer to previous incidents faced by the users in which they had been victims of any kind of social engineering attacks such as phishing or identity theft.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Does Awareness of Social Engineering Make Employees More Secure?

Aldawood¹,

Alashoor²,

Skinner³

2020

IJCA

View full text Add to dashboard Cite

Social engineering has become one of the biggest security threats facing organizations. Rather than relying upon information security technical-related shortcomings to break into computer networks, social engineers make use of employees' individual and organizational traits to deceive them. In such a scenario, it is crucial for organizations to ensure that their employees not only possess sound knowledge about information security but also about the concept of social engineering and threats emerging from social engineering attacks. This study aims to test whether awareness of social engineering can predict and explain individuals' securityprotective practices. We conducted a survey of 265 employees working in different organizations in Saudi Arabia. The results suggest that awareness of social engineering is a positive predictor of security-protective practices above and beyond the predictability power of possessing information security knowledge. Thus, to reduce the probability of potential consequences of social engineering attacks, our study suggests that organizations should not only strive to enhance employees' security knowledge but should also invest in increasing employees' awareness of social engineering.

show abstract

“…Heuristic-based malware detection involves malware scanning to detect features suspected of malicious behavior. Towards this end, many dynamic and static analysis methods have been developed [8][9][10][11]. A dynamic analysis method detects malicious behavior by executing the malware itself in an isolated virtual environment [12], whereas a static analysis method detects malicious behavior by identifying the overall structure without executing the malware [13,14].…”

Section: Introductionmentioning

confidence: 99%

FastText-Based Local Feature Visualization Algorithm for Merged Image-Based Malware Classification Framework for Cyber Security and Cyber Defense

Jang

Sung

2020

Mathematics

View full text Add to dashboard Cite

The importance of cybersecurity has recently been increasing. A malware coder writes malware into normal executable files. A computer is more likely to be infected by malware when users have easy access to various executables. Malware is considered as the starting point for cyber-attacks; thus, the timely detection, classification and blocking of malware are important. Malware visualization is a method for detecting or classifying malware. A global image is visualized through binaries extracted from malware. The overall structure and behavior of malware are considered when global images are utilized. However, the visualization of obfuscated malware is tough, owing to the difficulties encountered when extracting local features. This paper proposes a merged image-based malware classification framework that includes local feature visualization, global image-based local feature visualization, and global and local image merging methods. This study introduces a fastText-based local feature visualization method: First, local features such as opcodes and API function names are extracted from the malware; second, important local features in each malware family are selected via the term frequency inverse document frequency algorithm; third, the fastText model embeds the selected local features; finally, the embedded local features are visualized through a normalization process. Malware classification based on the proposed method using the Microsoft Malware Classification Challenge dataset was experimentally verified. The accuracy of the proposed method was approximately 99.65%, which is 2.18% higher than that of another contemporary global image-based approach.

show abstract

User characteristics that influence judgment of social engineering attacks in social networks

Cited by 53 publications

References 42 publications

Predicting individuals’ vulnerability to social engineering in social networks

Predicting individuals’ vulnerability to social engineering in social networks

Does Awareness of Social Engineering Make Employees More Secure?

FastText-Based Local Feature Visualization Algorithm for Merged Image-Based Malware Classification Framework for Cyber Security and Cyber Defense

Contact Info

Product

Resources

About