Abstract
While many cyber security organizations urge the corporate world to use defence-in-depth to create vigilant network perimeters, the human factor is often overlooked. Security evaluation frameworks focus mostly on critical assets of an organization and technical aspects of prevailing risks. There is consequently no specific framework to identify, categorize, analyse and mitigate social engineering related risks. This paper identifies the requirement for such a framework through an in-depth investigation of an actual organization and extensive analysis of existing methodologies. On the basis of this a layered defence strategy SERA is developed, starting with the basic building blocks for social-engineering aware risk analysis. A chronological attack classification framework is presented as an enhancement of existing frameworks on social engineering.
| Original language | English |
|---|---|
| Title of host publication | Published in: Proceedings of 2016 SAI Computing Conference 2016, London : IEEE, pp. 1054-1062. ISBN: 9781467384605 Organising Body: IEEE Organising Body: IEEE |
| DOIs | |
| Publication status | Published - 15 Jul 2016 |
Bibliographical note
Note: Published in: Proceedings of 2016 SAI Computing Conference 2016, London : IEEE, pp. 1054-1062. ISBN: 9781467384605Organising Body: IEEE
Organising Body: IEEE
Keywords
- Computer science and informatics
Fingerprint
Dive into the research topics of 'A layered defense mechanism for a social engineering aware perimeter'. Together they form a unique fingerprint.Research output
- 1 Paper
-
A layered defense mechanism for a social engineering aware perimeter
Abeywardana, K. Y., Pfluegel, E. & Tunnicliffe, M., 15 Jul 2016.Research output: Contribution to conference › Paper › peer-review
Cite this
- APA
- Author
- BIBTEX
- Harvard
- Standard
- RIS
- Vancouver