Despite heavy investment in security infrastructure cyber crime is still growing both in quantity and quality. With the enormous growth in adoption of Internet enabled applications and devices the focus for cyber criminals is increasingly shifting from exploiting software vulnerabilities to exploiting vulnerabilities in human behavior through the use of social engineering methodologies. However, there only has been intermittent and as a result in exhaustive academic scrutiny on it till date.
The objective of this research, therefore, is to reinvigorate the extant research on cyber crimes built using social engineering principles by giving new directions and in-depth perspectives.
This research focuses on new and emerging attack types, level of awareness regarding these attack types and the impact these new attack types potentially have on users’ ability to detect
The new and emerging attack types are presented across two separate research studies that result in a taxonomy of social engineering attacks.
In order to understand the level of awareness and preparedness to tackle these new forms of attacks, a qualitative study of security policies for online banking industry is carried out.
Finally, the impact of these new types of social engineering attacks is tested through an experimental study where subjects are exposed to a simulated version of some of these attacks in order to test their deception detection abilities.
Together, the conceptual and the empirical studies contribute to research by: (1) providing a
systematic way to categorize social engineering attack types (2) suggesting a framework for
organizations to audit the adequacy of their security policies and (3) a revealing a new
direction and method for analyzing the impact of these attack types on users’ ability to detect
File Type: PDF
File Size: 4.19 MB
Total Pages: 194
Direct Link Mega:
Direct Link AnonFiles:
Direct Link Mediafire:
Direct Link Solidfiles:
Direct Link Sabercathost:
Direct Link Tusfiles: