User characteristics that influence judgment of social engineering attacks in social networks

Samar Muslah Albladi; George R.S. Weir

doi:10.1186/s13673-018-0128-7

User characteristics that influence judgment of social engineering attacks in social networks

Samar Muslah Albladi, George R.S. Weir

Research output: Contribution to journal › Article

8 Citations (Scopus)

Abstract

Social engineering is a growing source of information security concern. Exploits appear to evolve, with increasing levels of sophistication, in order to target multiple victims. Despite increased concern with this risk, there has been little research activity focused upon social engineering in the potentially rich hunting ground of social networks. In this setting, factors that influence users’ proficiency in threat detection need to be understood if we are to build a profile of susceptible users, develop suitable advice and training programs, and generally help address this issue for those individuals most likely to become targets of social engineering in social networks. To this end, the present study proposes and validates a user-centric framework based on four perspectives: socio-psychological, habitual, socio-emotional, and perceptual. Previous research tends to rely on selected aspects of these perspectives and has not combined them into a single model for a more cohesive understanding of user’s susceptibility.

Language	English
Article number	5
Number of pages	24
Journal	Human-centric Computing and Information Sciences
Volume	8
Issue number	1
DOIs	10.1186/s13673-018-0128-7
Publication status	Published - 28 Feb 2018

Fingerprint

Security of data

Keywords

deception
information security
phishing
social engineering
social network

Cite this

Albladi, S. M., & Weir, G. R. S. (2018). User characteristics that influence judgment of social engineering attacks in social networks. Human-centric Computing and Information Sciences, 8(1), [5]. https://doi.org/10.1186/s13673-018-0128-7

Albladi, Samar Muslah ; Weir, George R.S. / User characteristics that influence judgment of social engineering attacks in social networks. In: Human-centric Computing and Information Sciences. 2018 ; Vol. 8, No. 1.

@article{6d7b644e71814ef99561814d532da4dc,

title = "User characteristics that influence judgment of social engineering attacks in social networks",

abstract = "Social engineering is a growing source of information security concern. Exploits appear to evolve, with increasing levels of sophistication, in order to target multiple victims. Despite increased concern with this risk, there has been little research activity focused upon social engineering in the potentially rich hunting ground of social networks. In this setting, factors that influence users’ proficiency in threat detection need to be understood if we are to build a profile of susceptible users, develop suitable advice and training programs, and generally help address this issue for those individuals most likely to become targets of social engineering in social networks. To this end, the present study proposes and validates a user-centric framework based on four perspectives: socio-psychological, habitual, socio-emotional, and perceptual. Previous research tends to rely on selected aspects of these perspectives and has not combined them into a single model for a more cohesive understanding of user’s susceptibility.",

keywords = "deception, information security, phishing, social engineering, social network",

author = "Albladi, {Samar Muslah} and Weir, {George R.S.}",

year = "2018",

month = "2",

day = "28",

doi = "10.1186/s13673-018-0128-7",

language = "English",

volume = "8",

journal = "Human-centric Computing and Information Sciences",

issn = "2192-1962",

number = "1",

}

Albladi, SM & Weir, GRS 2018, 'User characteristics that influence judgment of social engineering attacks in social networks' Human-centric Computing and Information Sciences, vol. 8, no. 1, 5. https://doi.org/10.1186/s13673-018-0128-7

User characteristics that influence judgment of social engineering attacks in social networks. / Albladi, Samar Muslah ; Weir, George R.S.

In: Human-centric Computing and Information Sciences, Vol. 8, No. 1, 5, 28.02.2018.

Research output: Contribution to journal › Article

TY - JOUR

T1 - User characteristics that influence judgment of social engineering attacks in social networks

AU - Albladi, Samar Muslah

AU - Weir, George R.S.

PY - 2018/2/28

Y1 - 2018/2/28

N2 - Social engineering is a growing source of information security concern. Exploits appear to evolve, with increasing levels of sophistication, in order to target multiple victims. Despite increased concern with this risk, there has been little research activity focused upon social engineering in the potentially rich hunting ground of social networks. In this setting, factors that influence users’ proficiency in threat detection need to be understood if we are to build a profile of susceptible users, develop suitable advice and training programs, and generally help address this issue for those individuals most likely to become targets of social engineering in social networks. To this end, the present study proposes and validates a user-centric framework based on four perspectives: socio-psychological, habitual, socio-emotional, and perceptual. Previous research tends to rely on selected aspects of these perspectives and has not combined them into a single model for a more cohesive understanding of user’s susceptibility.

AB - Social engineering is a growing source of information security concern. Exploits appear to evolve, with increasing levels of sophistication, in order to target multiple victims. Despite increased concern with this risk, there has been little research activity focused upon social engineering in the potentially rich hunting ground of social networks. In this setting, factors that influence users’ proficiency in threat detection need to be understood if we are to build a profile of susceptible users, develop suitable advice and training programs, and generally help address this issue for those individuals most likely to become targets of social engineering in social networks. To this end, the present study proposes and validates a user-centric framework based on four perspectives: socio-psychological, habitual, socio-emotional, and perceptual. Previous research tends to rely on selected aspects of these perspectives and has not combined them into a single model for a more cohesive understanding of user’s susceptibility.

KW - deception

KW - information security

KW - phishing

KW - social engineering

KW - social network

UR - http://www.scopus.com/inward/record.url?scp=85042652340&partnerID=8YFLogxK

U2 - 10.1186/s13673-018-0128-7

DO - 10.1186/s13673-018-0128-7

M3 - Article

VL - 8

JO - Human-centric Computing and Information Sciences

T2 - Human-centric Computing and Information Sciences