Vulnerability to social engineering in social networks: a proposed user-centric framework

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

4 Citations (Scopus)

Abstract

Social networking sites have billions of users who communicate and share their personal information every day. Social engineering is considered one of the biggest threats to information security nowadays. Social engineering is an attacker technique to manipulate and deceive users in order to access or gain privileged information. Such attacks are continuously developed to deceive a high number of potential victims. The number of social engineering attacks has risen dramatically in the past few years, causing unpleasant damage both to organizations and individuals. Yet little research has discussed social engineering in the virtual environments of social networks. One approach to counter these exploits is through research that aims to understand why people fall victim to such attacks. Previous social engineering and deception research have not satisfactory identified the factors that influence the users' ability to detect attacks Characteristics that influence users' vulnerability must be investigated to address this issue and help to build a profile for vulnerable users in order to focus on increasing the training programs and education for those users. In this context, the present study proposes a user-centric framework to understand the user's susceptibility, relevant factors and dimensions.
LanguageEnglish
Title of host publication2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF)
EditorsBarry Cartwright, George Weir , Laurie Yiu-Chung Lau
Place of PublicationPiscataway, NJ
PublisherIEEE
Pages95-100
Number of pages6
ISBN (Print)9781509060962
DOIs
Publication statusPublished - 17 Nov 2016
EventThe 4th International Conference on CyberCrime and Computer Forensic (ICCCF) - Simon Fraser University, Vancouver, Canada
Duration: 12 Jun 201614 Jun 2016

Conference

ConferenceThe 4th International Conference on CyberCrime and Computer Forensic (ICCCF)
CountryCanada
CityVancouver
Period12/06/1614/06/16

Fingerprint

Security of data
Virtual reality
Education

Keywords

  • social engineering
  • social networks
  • information security
  • phishing

Cite this

Albladi, S., & Weir, G. R. S. (2016). Vulnerability to social engineering in social networks: a proposed user-centric framework. In B. Cartwright, G. Weir , & L. Y-C. Lau (Eds.), 2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF) (pp. 95-100). Piscataway, NJ: IEEE. https://doi.org/10.1109/ICCCF.2016.7740435
Albladi, Samar ; Weir, George R S. / Vulnerability to social engineering in social networks : a proposed user-centric framework. 2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF). editor / Barry Cartwright ; George Weir ; Laurie Yiu-Chung Lau. Piscataway, NJ : IEEE, 2016. pp. 95-100
@inproceedings{519979d155514ca8a01cb22305e41849,
title = "Vulnerability to social engineering in social networks: a proposed user-centric framework",
abstract = "Social networking sites have billions of users who communicate and share their personal information every day. Social engineering is considered one of the biggest threats to information security nowadays. Social engineering is an attacker technique to manipulate and deceive users in order to access or gain privileged information. Such attacks are continuously developed to deceive a high number of potential victims. The number of social engineering attacks has risen dramatically in the past few years, causing unpleasant damage both to organizations and individuals. Yet little research has discussed social engineering in the virtual environments of social networks. One approach to counter these exploits is through research that aims to understand why people fall victim to such attacks. Previous social engineering and deception research have not satisfactory identified the factors that influence the users' ability to detect attacks Characteristics that influence users' vulnerability must be investigated to address this issue and help to build a profile for vulnerable users in order to focus on increasing the training programs and education for those users. In this context, the present study proposes a user-centric framework to understand the user's susceptibility, relevant factors and dimensions.",
keywords = "social engineering, social networks, information security, phishing",
author = "Samar Albladi and Weir, {George R S}",
note = "{\circledC} 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.",
year = "2016",
month = "11",
day = "17",
doi = "10.1109/ICCCF.2016.7740435",
language = "English",
isbn = "9781509060962",
pages = "95--100",
editor = "Barry Cartwright and {Weir }, George and Lau, {Laurie Yiu-Chung}",
booktitle = "2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF)",
publisher = "IEEE",

}

Albladi, S & Weir, GRS 2016, Vulnerability to social engineering in social networks: a proposed user-centric framework. in B Cartwright, G Weir & LY-C Lau (eds), 2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF). IEEE, Piscataway, NJ, pp. 95-100, The 4th International Conference on CyberCrime and Computer Forensic (ICCCF) , Vancouver, Canada, 12/06/16. https://doi.org/10.1109/ICCCF.2016.7740435

Vulnerability to social engineering in social networks : a proposed user-centric framework. / Albladi, Samar; Weir, George R S.

2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF). ed. / Barry Cartwright; George Weir ; Laurie Yiu-Chung Lau. Piscataway, NJ : IEEE, 2016. p. 95-100.

Research output: Chapter in Book/Report/Conference proceedingConference contribution book

TY - GEN

T1 - Vulnerability to social engineering in social networks

T2 - a proposed user-centric framework

AU - Albladi, Samar

AU - Weir, George R S

N1 - © 2016 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

PY - 2016/11/17

Y1 - 2016/11/17

N2 - Social networking sites have billions of users who communicate and share their personal information every day. Social engineering is considered one of the biggest threats to information security nowadays. Social engineering is an attacker technique to manipulate and deceive users in order to access or gain privileged information. Such attacks are continuously developed to deceive a high number of potential victims. The number of social engineering attacks has risen dramatically in the past few years, causing unpleasant damage both to organizations and individuals. Yet little research has discussed social engineering in the virtual environments of social networks. One approach to counter these exploits is through research that aims to understand why people fall victim to such attacks. Previous social engineering and deception research have not satisfactory identified the factors that influence the users' ability to detect attacks Characteristics that influence users' vulnerability must be investigated to address this issue and help to build a profile for vulnerable users in order to focus on increasing the training programs and education for those users. In this context, the present study proposes a user-centric framework to understand the user's susceptibility, relevant factors and dimensions.

AB - Social networking sites have billions of users who communicate and share their personal information every day. Social engineering is considered one of the biggest threats to information security nowadays. Social engineering is an attacker technique to manipulate and deceive users in order to access or gain privileged information. Such attacks are continuously developed to deceive a high number of potential victims. The number of social engineering attacks has risen dramatically in the past few years, causing unpleasant damage both to organizations and individuals. Yet little research has discussed social engineering in the virtual environments of social networks. One approach to counter these exploits is through research that aims to understand why people fall victim to such attacks. Previous social engineering and deception research have not satisfactory identified the factors that influence the users' ability to detect attacks Characteristics that influence users' vulnerability must be investigated to address this issue and help to build a profile for vulnerable users in order to focus on increasing the training programs and education for those users. In this context, the present study proposes a user-centric framework to understand the user's susceptibility, relevant factors and dimensions.

KW - social engineering

KW - social networks

KW - information security

KW - phishing

UR - http://ieeexplore.ieee.org/xpl/mostRecentIssue.jsp?punumber=7740273

U2 - 10.1109/ICCCF.2016.7740435

DO - 10.1109/ICCCF.2016.7740435

M3 - Conference contribution book

SN - 9781509060962

SP - 95

EP - 100

BT - 2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF)

A2 - Cartwright, Barry

A2 - Weir , George

A2 - Lau, Laurie Yiu-Chung

PB - IEEE

CY - Piscataway, NJ

ER -

Albladi S, Weir GRS. Vulnerability to social engineering in social networks: a proposed user-centric framework. In Cartwright B, Weir G, Lau LY-C, editors, 2016 IEEE International Conference on Cybercrime and Computer Forensic (ICCCF). Piscataway, NJ: IEEE. 2016. p. 95-100 https://doi.org/10.1109/ICCCF.2016.7740435