Abstract
In this research we present the hybrid model of finding the most critical distribution trajectories of multipath Social engineering attacks, passing through which by the malefactor on a global basis has the topmost degree of probability and will bring the greatest loss to the company. The solution of search problem concerning the most critical trajectories rests upon the assumption that the estimated probabilities of the direct Social engineering attack on user, degree evaluation of documents’ criticality, the estimated probabilities of Social engineering attack’s distribution from user to user are premised on linguistic indistinct variables are already calculated. The described model finds its application at creation when constructing the estimates of information systems users’ safety against Social engineering attacks and promotes well-timed informing of decision-makers on the vulnerabilities which being available in system.
The research was carried out in the framework of the project on state assignment SPIIRAS № 0073-2019-0003, with the financial support of the RFBR (project №18-01-00626, № 18-37-00323).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Abramov, M., Tulupyeva, T., Tulupyev, A.: Social Engineering Attacks: social networks and user security estimates. SUAI, St. Petersburg (2018), 266 p.
Amato, F., Castiglione, A., De Santo, A., Moscato, V., Picariello, A., Persia, F., Sperlí, G.: Recognizing human behaviours in online social networks. Comput. Secur. 74, 355–370 (2018)
Coughlan, S.: ‘Sharenting’ puts young at risk of online fraud. https://www.bbc.com/news/education-44153754. Accessed 03 Apr 2019
Cyber security facts and statistics for 2018 fraud. https://us.norton.com/internetsecurity-emerging-threats-10-facts-about-todays-cybersecurity-landscape-that-you-should-know.html. Accessed 11 Apr 2019
Cybersecurity threatscape 2018: trends and forecasts. https://www.ptsecurity.com/ww-en/analytics/cybersecurity-threatscape-2018/. Accessed 28 Mar 2019
Edwards, M., Larson, R., Green, B., Rashid, A., Baron, A.: Panning for gold: automatically analysing online social engineering attack surfaces. Comput. Secur. 69, 18–34 (2017)
Khlobystova, A., Abramov, M., Tulupyev, A.: An approach to estimating of criticality of social engineering attacks traces. Studies in Systems. Decision and Control, pp. 446–456 (2019)
Khlobystova, A., Abramov, M., Tulupyev, A.: Identifying the most critical trajectory of the spread of a social engineering attack between two users. In: The Second International Scientific and Practical Conference “Fuzzy Technologies in the Industry – FTI 2018”. CEUR Workshop Proceedings, pp. 38–43 (2018)
Li, J., Zhang, Y., Chen, X., Xiang, Y.: Secure attribute-based data sharing for resource-limited users in cloud computing. Comput. Secur. 72, 1–12 (2018)
Muhammad, K., Sajjad, M., Mehmood, I., Rho, S., Baik, S.W.: Image steganography using uncorrelated color space and its application for security of visual contents in online social networks. Future Gener. Comput. Syst. 86, 951–960 (2018)
Musuva, P.M.W., Getao, K.W., Chepken, C.K.: A new approach to modelling the effects of cognitive processing and threat detection on phishing susceptibility. Comput. Hum. Behav. 94, 154–175 (2019)
Protecting People: A Quarterly Analysis of Highly Targeted Cyber Attacks. https://www.proofpoint.com/us/resources/threat-reports/quarterly-threat-analysis. Accessed 20 Jan 2019
Sahingoz, O.K., Buber, E., Demir, O., Diri, B.: Machine learning based phishing detection from URLs. Expert Syst. Appl. 117, 345–357 (2019)
Tang, J., Meng, F., Zhang, S., An, Q.: Group decision making with interval linguistic hesitant fuzzy preference relations. Expert Syst. Appl. 119, 231–246 (2019)
Tian, Z.P., Wang, J., Wang, J.Q., Chen, X.H.: Multicriteria decision-making approach based on gray linguistic weighted Bonferroni mean operator. Int. Trans. Oper. Res. 25(5), 1635–1658 (2018)
Vance, A., Lowry, P.B., Eggett, D.L.: Increasing accountability through the user interface design artifacts: a new approach to addressing the problem of access-policy violations. MIS Q. 39(2), 345–366 (2015)
Vishwanath, A., Harrison, B., Ng, Y.J.: Suspicion, cognition, and automaticity model of phishing susceptibility. Commun. Res. 45(8), 1146–1166 (2018)
Williams, E.J., Hinds, J., Joinson, A.N.: Exploring susceptibility to phishing in the workplace. Int. J. Hum Comput Stud. 120, 1–13 (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Khlobystova, A., Abramov, M., Tulupyev, A. (2020). Employees’ Social Graph Analysis: A Model of Detection the Most Criticality Trajectories of the Social Engineering Attack’s Spread. In: Kovalev, S., Tarassov, V., Snasel, V., Sukhanov, A. (eds) Proceedings of the Fourth International Scientific Conference “Intelligent Information Technologies for Industry” (IITI’19). IITI 2019. Advances in Intelligent Systems and Computing, vol 1156. Springer, Cham. https://doi.org/10.1007/978-3-030-50097-9_20
Download citation
DOI: https://doi.org/10.1007/978-3-030-50097-9_20
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-50096-2
Online ISBN: 978-3-030-50097-9
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)