Abstract | ||
---|---|---|
Social engineering attacks have drawn more and more attention from both academia and industry, due to the serious threats they pose to information security via exploitation of human vulnerabilities. Unlike technology-based attacks, which have been investigated for decades, there is no efficient security requirements analysis approach for dealing with social engineering attacks. One major obstacle to this problem is the uncertainty of human behavior, making it difficult to effectively assess social engineering attacks. In this paper, we investigate the nature of social engineering attacks and identify their essential factors. Based on such findings, we formulate the problem of social engineering attack assessment, which can be quantitatively calculated using probabilistic model checking. Finally, we present a research agenda that details critical research directions and discusses corresponding challenges. |
Year | DOI | Venue |
---|---|---|
2019 | 10.1109/RE.2019.00051 | 2019 IEEE 27th International Requirements Engineering Conference (RE) |
Keywords | Field | DocType |
Social engineering attacks,security requirements engineering,likelihood assessment,model checking | Ontology (information science),Model checking,Computer science,Computer security,Information security,Requirements analysis,Requirements engineering,Social engineering (security),Probabilistic logic,Management science,Vulnerability | Conference |
ISSN | ISBN | Citations |
1090-705X | 978-1-7281-3913-5 | 0 |
PageRank | References | Authors |
0.34 | 8 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Tong Li | 1 | 148 | 30.10 |
Kaiyuan Wang | 2 | 0 | 0.34 |
Jennifer Horkoff | 3 | 888 | 69.90 |