Semantic Scholar Open Access 2020 26 sitasi

A Risk Analysis Framework for Social Engineering Attack Based on User Profiling

Ziwei Ye Yuanbo Guo A. Ju Fushan Wei Ruijie Zhang +1 lainnya

Lihat Sumber DOI

Abstrak

Social engineering attacks are becoming serious threats to cloud service. Social engineering attackers could get Cloud service custom privacy information or attack virtual machine images directly. Existing security analysis instruments are difficult to quantify the social engineering attack risk, resulting in invalid defense guidance for social engineering attacks. In this article, a risk analysis framework for social engineering attack is proposed based on user profiling. The framework provides a pathway to quantitatively calculate the possibility of being compromised by social engineering attack and potential loss, so as to effectively complement current security assessment instruments. The frequency of related operations is used to profile and group users for respective risk calculation, and other features such as security awareness and capability of protection mechanism are also considered. Finally, examples are given to illustrate how to use the framework in actual scenario and apply it to security assessment.

Topik & Kata Kunci

Computer Science

Penulis (6)

Ziwei Ye

Yuanbo Guo

A. Ju

Fushan Wei

Ruijie Zhang

Jun Ma

Format Sitasi

APA MLA BibTeX

Ye, Z., Guo, Y., Ju, A., Wei, F., Zhang, R., Ma, J. (2020). A Risk Analysis Framework for Social Engineering Attack Based on User Profiling. https://doi.org/10.4018/joeuc.2020070104

Akses Cepat

Lihat di Sumber doi.org/10.4018/joeuc.2020070104

Informasi Jurnal

Tahun Terbit: 2020
Bahasa: en
Total Sitasi: 26×
Sumber Database: Semantic Scholar
DOI: 10.4018/joeuc.2020070104
Akses: Open Access ✓