REVIEW ON SOCIAL ENGINEERING ATTACKS AND DEFENSE MECHANISMS

Aanchal Kushwaha; Pramod Singh; Akhilesh A. Waoo

doi:10.29121/shodhkosh.v5.i5.2024.1887

Authors

Aanchal Kushwaha AKS University, SATNA, MP, India
Pramod Singh AKS University, SATNA, MP, India
Akhilesh A. Waoo AKS University, SATNA, MP, India

DOI:

https://doi.org/10.29121/shodhkosh.v5.i5.2024.1887

Keywords:

Social Engineering Attacks, Phishing, Baiting, Pretexting, Defence Mechanism

Abstract [English]

Social engineering attacks involve manipulating individuals to disclose sensitive information, compromise security, or perform actions that may not be in their best interest. These attacks exploit psychological and social aspects rather than relying on technical vulnerabilities. Techniques include phishing, pretexting, baiting, and quid pro quo, targeting human susceptibility to persuasion for malicious purposes. Understanding and awareness are crucial in mitigating the risks associated with social engineering attacks.

References

Salahdine, F.: Kaabouch, N., (2019), “Social Engineering Attacks: A Survey”, Future Internet 2019; 11(4),89, https://

Heartfield, R.; Loukas, G. (2015), “A taxonomy of attacks and survey of defense mechanisms for semantic social engineering attacks”, ACM Computing Survey; pp 1-39, DOI: https://doi.org/10.1145/2835375

Koyun, A.; Janabi AI E., (2017), “Social engineering attacks”, Journal of Multidisciplinary Engineering Science and Technology; Volume, 4 issue.

Syafitri, W.; Shukur, Z.; Umi Asma’Mokhtar; Sulaiman, R.; Muhammad Azwan Ibrahim, (2022), “Social engineering attacks prevention: A systematic literature review”, IEEE Pages 39325-39343. https://doi.org/10.1109/ACCESS.2022.3162594 DOI: https://doi.org/10.1109/ACCESS.2022.3162594

Junger, M.; Montoya, L.; Overink, FJ., (2017), “Priming and arming are not effective in preventing social engineering attacks”, computers in human behavior; Elsevier DOI: https://doi.org/10.1016/j.chb.2016.09.012

Saleem, J.; Hammoudeh, M., (2018), “Defense method against social engineering attacks” Computer and network security essentials; pp 603-618. DOI: https://doi.org/10.1007/978-3-319-58424-9_35

Abeer, F.; AL-Otaibi; ES AIsuwat. (2020), “A study on social engineering attacks: Phishing attacks”, International Journal of Recent Advances in Multidisciplinary Research; pp 6374-6380.

Krombholz, K.; Hober, H.; Weippl E., (2015), “Advanced social engineering attacks”, Journal of information security and Application; pages 113-122, https://doi.org/10.1016/j.jisa.2014.09.005 DOI: https://doi.org/10.1016/j.jisa.2014.09.005

Li, T.; Song, C.; Pang, Q., (2023), “Defending against social engineering attack: A security pattern-based analysis framework”, IET Information Security; pages 703-726, https://doi.org/10.1049/ise2.12125. DOI: https://doi.org/10.1049/ise2.12125

Rita, M.; Obedoza, A.; Rodriguez, G.; Johnston, A.; Salahdine, F.; Kaabouch, N., (2020),” Social engineering attacks a reconnaissance synthesis analysis”, IEEE Annual Ubiquitous Computing, Electronics & Mobile Communication Conference.

Beckers, K.; Krautsevich, L.; Yautsiukhin, A., (2014),” Analysis of social engineering threats with attack graphs”, International workshop on data Privacy Management, Quantitative Aspects in Security Assurance, Autonomous, and Spontaneous Security; pp 216-232. DOI: https://doi.org/10.1007/978-3-319-17016-9_14

Costantio, G., La Marra, A., Martinelli, F, Matteucci, CANDY, I., (2018), “A social engineering attack to leak information from an infotainment system”, Proceeding of the IEEE Vehicular Technology Conference; Porto, Portugal, 3, pp. 1-5. DOI: https://doi.org/10.1109/VTCSpring.2018.8417879

Foozy, CFM.; Ahmad, R.; Abdollah, MF.; Yusof, R., (2011), “Generic taxonomy of social engineering attack and defense mechanism for handheld computer study”, icact.org.

Wang, Z.; Zhu, H.; Sun, L., (2021), “Social engineering in cybersecurity: Effect mechanism, human vulnerabilities, and attack method”, Springer; IEEE Access, ieeexplore.ieee.org. DOI: https://doi.org/10.1109/ACCESS.2021.3051633

Tulkrm, P. (2021), “A Survey of Social Engineering Attacks: Detection and Prevention Tools”, Journal of Theoretical and Applied Information Technology.

Zulkumain, AU.; Hamidy, A.; Husain, AB.; Chizari, H. (2015), “Social Engineering Attack Mitigation”, International Journal of Mathematics and Computational Science; pp 188-198.

Jain, JK., Waoo, AA., Chauhan, D, (2022), “A Literature Review on Machine Learning for Cyber Security Issues”, International Journal of Scientific Research in Computer Science, Engineering and Information Technology, Volume 8, Issue 6 Page Number: 374-385, ISSN: 2456-3307 (www.ijsrcseit.com). https://doi.org/10.32628/CSEIT228654 DOI: https://doi.org/10.32628/CSEIT228654

Pramod Singh, Bharat Mishra, P. K. Rai, “Study and Analysis of Different Database Threats and Basic Access Control Models”, INTERNATIONAL JOURNAL OF APPLIED RESEARCH AND TECHNOLOGY, IJART- Vol-2, Issue-3, June 2017, ISSN 2519-5115. DOI: https://doi.org/10.24163/ijart/2017/2(3):181-189

Salahdine, F., & Kaabouch, N. (2019)., “Social Engineering Attacks: A Surve”, Future Internet, 11(4), 89. DOI: https://doi.org/10.3390/fi11040089

Atwell, C.; Blasi, T.; Hayajneh, T. (2016)," Reverse TCP and social engineering attacks in the era of big data”, IEEE International Conference of Intelligent Data and Security, New York, NY, USA, 9–10 April 2016; pp. 1–6. DOI: https://doi.org/10.1109/BigDataSecurity-HPSC-IDS.2016.60

Li, Y., & Liu, Q. (2021), “A comprehensive review study of cyber-attacks and cyber security”, Emerging trends and recent developments. Energy Reports, 7, 8176-8186. https://doi.org/10.1016/j.egyr.2021.08.126. DOI: https://doi.org/10.1016/j.egyr.2021.08.126