Detecting Social Engineering

Get BibTex-formatted data

Download

PDF

Author

Michael D Hoeschele & Marcus K Rogers

Tech report number

CERIAS TR 2005-19

Entry type

article

Abstract

This paper proposes a theoretical solution to the problem of Social Engineering (SE) attacks perpetrated over the phone lines. As a byproduct real time attack signatures are generated, which can be used in a cyber forensic analysis of such attacks. Current methods of SE attack detection and prevention rely on policy and personnel training, which fails because the root of the problem, people, are still involved. The proposed solution relies on computer systems to analyze phone conversations in real time and determine if the caller is deceiving the receiver. This Social Engineering Defense Architecture (SEDA) is completely theoretical as the technologies employed are only in the proof of concept phase, but they are all proven to be tractable problems.

Download

PDF

Date

2005 – 02 – 15

Institution

CPT

Key alpha

Hoeschele

Organization

Purdue CERIAS

Publisher

IFIP

School

Technology

Affiliation

CERIAS

Bibdate

2/13/2005

Publication Date

2005-02-15

Keywords

social engineering, defense architecture, forensics

Language

English

Subject

social engineering, defense architecture, forensics

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Article{ Hoeschele,
	title = "Detecting Social Engineering",
	author = "Michael D Hoeschele & Marcus K Rogers",
	year = "2005",
	month = "02",
	institution = "CPT",
	organization = "Purdue CERIAS",
	publisher = "IFIP",
	school = "Technology",
	day = "15",
	abstract = "This paper proposes a theoretical solution to the problem of Social Engineering (SE)  attacks perpetrated over the phone lines.  As a byproduct real time attack signatures are generated, which can be used in a cyber forensic analysis of such attacks.  Current  methods of SE attack detection and prevention rely on policy and personnel training, which fails because the root of the problem, people, are still involved.  The proposed  solution relies on computer systems to analyze phone conversations in real time and determine if the caller is deceiving the receiver.  This Social Engineering Defense  Architecture (SEDA) is completely theoretical as the technologies employed are only in the proof of concept phase, but they are all proven to be tractable problems.   ",
	affiliation = "CERIAS",
	bibdate = "2/13/2005",
	keywords = "social engineering, defense architecture, forensics",
	language = "English",
	subject = "social engineering, defense architecture, forensics",
}