Open access repository

Home Open access repository

In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).

» Openaccess proceedings » Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018)

Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018)

Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018)
Dundee, Scotland, UK, August 29-31, 2018
ISBN: 978-0-244-40254-9

Title: A Social Engineering Prevention Training Tool: Methodology and Design for Validating the SEADM
Author(s): Francois Mouton, Michael Pepper, Thomas Meyer
Reference: pp12-27
Keywords: Social engineering, attack prevention, Mitnick’s attack cycle, SEADMv2, social engineering attack detection model, social engineering attack examples, social engineering attack framework
Abstract: The information people possess is often of great value and thus, when stored electronically, is typically guarded by complicated security mechanisms. Such mechanisms are frequently upgraded in order to counteract threats that aim to obtain the information being guarded. Accordingly, the “social engineer” seeks to attack and exploit the weakest link in this information security system: the user. The general public is often not aware that they may be subjected to acts of social engineering (SE), and are hence not aware of what to look for and how to react appropriately in such situations. This leaves the unsuspecting public in a vulnerable position with very little assistance at their disposal.
The Social Engineering Prevention Training Tool (SEPTT) project of which we are part sought to address SE vulnerability by developing a tool that can be used in any scenario to determine if the user is being subjected to acts of SE, and to provide guidance as to the correct manner of response to follow in said scenario. The authors previously expanded on the original Social Engineering Attack Detection Model and produced the updated version 2, i.e. SEADMv2. A test methodology to validate the updated model is presented together with a preliminary design for the web application.
Download count: 156

How to get this paper:

Download a free PDF copy of this paperBuy this book at Lulu.com

PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.