Social Engineering and Defense against Social Engineering

Authors(2) :-K. Narendra, E. Sreedevi

Social engineering is a standout amongst the most productive and powerful methods for accessing secure frameworks and acquiring touchy data, yet requires insignificant specialized learning. Attacks shift from mass phishing messages with little refinement through to very focused on, multi-layered attacks which utilize a scope of social engineering procedures. Social engineering works by controlling typical human behavioral attributes and all things considered there are just restricted specialized answers for make preparations for it. Subsequently, the best barrier is to teach clients on the methods utilized by social designers, and bringing issues to light with respect to how the two people and PC frameworks can be controlled to make a bogus level of trust. This can be supplemented by an authoritative disposition towards security that advances the sharing of concerns, upholds data security guidelines and backings clients for sticking to them. All things considered, a decided attacker with adequate expertise, assets and at last, good fortune will have the capacity to recover the data they are looking for. Consequently, associations and people ought to have measures set up to react to, and recuperate from, an effective attack.

Authors and Affiliations

K. Narendra
Department of MCA, Sree Vidyanikethan Institute of Management, Sri Venkateswara University, Tirupati, Andhra Pradesh, India
E. Sreedevi
Assistant Professor, Department of MCA, Sree Vidyanikethan Institute of Management, Tirupati, Andhra Pradesh, India

Social Engineering, Social Technology, Social Attacks, Phishing, Information Security

  1. D. Bisson, “5 Social Engineering Attacks to Watch Out For," March 2015,
  2. http://www.tripwire.com/state-of-security/security-awareness/5-social-engineering-attacks-to-watch-out-for/ (accessed April 7, 2016)
  3. S. D. Applegate, “Social engineering: hacking the wetware!" Information Security Journal: a Global Perspective, vol. 18, 2009, pp. 40-46.
  4. K. Manske, “An introduction to social engineering," Security Management Practices, November/December 2000, pp. 53-59.
  5. F. Mouton et al., “Social engineering attack framework," Proc. of Information Security for South Africa (ISSA), 2014, pp. 1-9.
  6. P. Tetri and J. Vuorinen, “Dissecting social engineering," Behavior and Information Technology, vol. 32, no. 10, 2013, pp. 1014-1023.
  7. T. R. Peltier, “Social engineering: concepts and solutions," Information Security and Risk Management, Nov. 2006, pp. 13-21.
  8. M. Rouse, “Social engineering," http://searchsecurity.techtarget.com/definition/social-engineering (accessed April 7, 2016)
  9. Havenstein, H. Video games poised to boost corporate training. Computerworld, 26 August 2008 (2008).
  10. Rhodes, C. Safeguarding Against Social Engineering, East Carolina University, Article at http://www.infosecwriters.com/text_resources/pdf/Social_Engineering_CRhodes.pdf (2007).
  11. Microsoft. How to Protect Insiders from Social Engineering Threats, Midsize Business Security Guidance. http://technet.microsoft.com/en-us/library/cc875841.aspx (2006).
  12. Thapar, A. Social Engineering : An Attack Vector Most Intricate to Tackle, Infosec Writers, www.infosecwriters.com/text_resources/pdf/Social_Engineering_AThapar.pdf (2007).
  13. Bakhshi, T., Papadaki, M., Furnell, S.M. A Practical Assessment of Social Engineering Vulnerabilities. In: Clarke, N.L., Furnell, S.M. (eds.) Second International Symposium on Human Aspects of Information Security and Assurance (HAISA 2008), pp. 12--23, University of Plymouth (2008).
  14. APWG. Phishing Activity Trends Report Q2/2008. Anti-Phishing Working Group, AprilJune 2008, http://www.apwg.org/reports/apwg_report_Q2_2008.pdf (2008).
  15. Evers, J. Security expert: User education is pointless. http://news.cnet.com/2100-7350_3- 6125213.html (2006).
  16. Kumaraguru, P., Rhee, Y., Acquisti, A., Cranor, L.F., Hong, J., Hong, E. Protecting People from Phishing: The Design and Evaluation of an Embedded Training Email System. Institute for Software Research, Carnegie Mellon University (2007).
  17. Robila, S.A., James, J., Ragucci, W. Don't be a phish: steps in user education, in 11th Annual SIGCSE Conference on Technology and Technology In Computer Science Education (ITICSE '06), pp. 237—241 (2006).

Publication Details

Published in : Volume 3 | Issue 4 | March-April 2018
Date of Publication : 2018-04-30
License:  This work is licensed under a Creative Commons Attribution 4.0 International License.
Page(s) : 235-239
Manuscript Number : CSEIT1833250
Publisher : Technoscience Academy

ISSN : 2456-3307

Cite This Article :

K. Narendra, E. Sreedevi, "Social Engineering and Defense against Social Engineering", International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Volume 3, Issue 4, pp.235-239, March-April-2018.
Journal URL : http://ijsrcseit.com/CSEIT1833250

Article Preview

Follow Us

Contact Us