Since security is based on trust in authenticity as well as trust in protection, the weakest link in the security chain is often between the keyboard and chair. We have a natural human willingness to accept someone at his or her word. Attacking computer systems via information gained from social interactions is a form of social engineering. Attackers know how much easier it is to trick insiders instead of targeting the complex technological protections of systems. In an effort to formalize social engineering, we are building two models: Trust and Attack. Because social-engineering attacks are complex and typically require multiple visits and targets, these two models can be applied, individually or together, at various times to each individual attack goal. / US Air Force (USAF) author.
Identifer | oai:union.ndltd.org:nps.edu/oai:calhoun.nps.edu:10945/2734 |
Date | 06 1900 |
Creators | Laribee, Lena |
Contributors | Martell, Craig H., Rowe, Neil C., Naval Postgraduate School (U.S.) |
Publisher | Monterey, California. Naval Postgraduate School |
Source Sets | Naval Postgraduate School |
Detected Language | English |
Type | Thesis |
Format | xiv, 53 p. : col. ill. ;, application/pdf |
Rights | This publication is a work of the U.S. Government as defined in Title 17, United States Code, Section 101. As such, it is in the public domain, and under the provisions of Title 17, United States Code, Section 105, is not copyrighted in the U.S., Approved for public release, distribution unlimited |
Page generated in 0.0015 seconds