In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
Second International Conference on Human Aspects of Information Security & Assurance (HAISA 2008)
Title: The cycle of deception - a model of social engineering attacks, defenses and victims
Author(s): Marcus Nohlberg, Stewart Kowalski
Keywords: Social engineering, fraud, deception, security models, computer crime
Abstract: In this paper we propose a model for describing deceptive crimes in general and social engineering in particular. Our research approach was naïve inductivist and the methods used were literature study and interviews with the lead investigator in a grooming case, as we see many similarities between the techniques used in grooming, and those used in social engineering. From this we create cycles describing attacker, defender, and the victim and merge them into a model describing the cycle of deception. The model is then extended into a possible deception sphere. The resulting models can be used to educate about social engineering, to create automated social engineering attacks, to facilitate better incident reporting, and to understand the impact and economical aspects of defenses.
Download count: 3817
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.