Conferences related to Social Engineering

Back to Top

2023 Annual International Conference of the IEEE Engineering in Medicine & Biology Conference (EMBC)

The conference program will consist of plenary lectures, symposia, workshops and invitedsessions of the latest significant findings and developments in all the major fields of biomedical engineering.Submitted full papers will be peer reviewed. Accepted high quality papers will be presented in oral and poster sessions,will appear in the Conference Proceedings and will be indexed in PubMed/MEDLINE.


2020 IEEE International Conference on Systems, Man, and Cybernetics (SMC)

The 2020 IEEE International Conference on Systems, Man, and Cybernetics (SMC 2020) will be held in Metro Toronto Convention Centre (MTCC), Toronto, Ontario, Canada. SMC 2020 is the flagship conference of the IEEE Systems, Man, and Cybernetics Society. It provides an international forum for researchers and practitioners to report most recent innovations and developments, summarize state-of-the-art, and exchange ideas and advances in all aspects of systems science and engineering, human machine systems, and cybernetics. Advances in these fields have increasing importance in the creation of intelligent environments involving technologies interacting with humans to provide an enriching experience and thereby improve quality of life. Papers related to the conference theme are solicited, including theories, methodologies, and emerging applications. Contributions to theory and practice, including but not limited to the following technical areas, are invited.


2020 IEEE Power & Energy Society General Meeting (PESGM)

The Annual IEEE PES General Meeting will bring together over 2900 attendees for technical sessions, administrative sessions, super sessions, poster sessions, student programs, awards ceremonies, committee meetings, tutorials and more


2019 IEEE/RSJ International Conference on Intelligent Robots and Systems (IROS)

robotics, intelligent systems, automation, mechatronics, micro/nano technologies, AI,


2018 IEEE 34th International Conference on Data Engineering (ICDE)

The annual ICDE conference addresses research issues and state of the art in designing, building, managing, and evaluating advanced data systems and industrial applications.


More Conferences

Periodicals related to Social Engineering

Back to Top

Broadcasting, IEEE Transactions on

Broadcast technology, including devices, equipment, techniques, and systems related to broadcast technology, including the production, distribution, transmission, and propagation aspects.


Circuits and Systems for Video Technology, IEEE Transactions on

Video A/D and D/A, display technology, image analysis and processing, video signal characterization and representation, video compression techniques and signal processing, multidimensional filters and transforms, analog video signal processing, neural networks for video applications, nonlinear video signal processing, video storage and retrieval, computer vision, packet video, high-speed real-time circuits, VLSI architecture and implementation for video technology, multiprocessor systems--hardware and software-- ...


Communications Letters, IEEE

Covers topics in the scope of IEEE Transactions on Communications but in the form of very brief publication (maximum of 6column lengths, including all diagrams and tables.)


Computational Biology and Bioinformatics, IEEE/ACM Transactions on

Specific topics of interest include, but are not limited to, sequence analysis, comparison and alignment methods; motif, gene and signal recognition; molecular evolution; phylogenetics and phylogenomics; determination or prediction of the structure of RNA and Protein in two and three dimensions; DNA twisting and folding; gene expression and gene regulatory networks; deduction of metabolic pathways; micro-array design and analysis; proteomics; ...


Computer

Computer, the flagship publication of the IEEE Computer Society, publishes peer-reviewed technical content that covers all aspects of computer science, computer engineering, technology, and applications. Computer is a resource that practitioners, researchers, and managers can rely on to provide timely information about current research developments, trends, best practices, and changes in the profession.


More Periodicals

Most published Xplore authors for Social Engineering

Back to Top

Xplore Articles related to Social Engineering

Back to Top

Benchmarking a mobile implementation of the social engineering prevention training tool

2017 Information Security for South Africa (ISSA), 2017

As the nature of information stored digitally becomes more important and confidential, the security of the systems put in place to protect this information needs to be increased. The human element, however, remains a vulnerability of the system and it is this vulnerability that social engineers attempt to exploit. The Social Engineering Attack Detection Model version 2 (SEADMv2) has been ...


Underlying finite state machine for the social engineering attack detection model

2017 Information Security for South Africa (ISSA), 2017

Information security is a fast-growing discipline, and relies on continued improvement of security measures to protect sensitive information. In general, human operators are often highly susceptible to manipulation, and tend to be one of the weakest links in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. ...


Social engineering attack framework

2014 Information Security for South Africa, 2014

The field of information security is a fast growing discipline. Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and the human element is thus a weak link. A social engineering attack targets this weakness by using various manipulation techniques in order to elicit sensitive information. The field of social engineering ...


Modelling of the social engineering attacks based on social graph of employees communications analysis

2018 IEEE Industrial Cyber-Physical Systems (ICPS), 2018

The article is aimed at solving the problem of constructing and analyzing a compressed social graph, taking into account the estimates of the probability of a transition of the intruder's influence from user to user. The subject of the study are user accounts in the social network VKontakte as the basis for building user interaction and social graphs on them. ...


Social Engineering Toolkit — A systematic approach to social engineering

2011 Proceedings of the 34th International Convention MIPRO, 2011

Social engineering techniques, exploiting humans as information systems' security weakest link, are mostly the initial attack vectors within larger intrusions and information system compromises. In order to practically evaluate the risks of information leakage trough the target organizations' employees, when performing a penetration test, an ethical hacker must consider social engineering as a very important aspect of the performed test. ...


More Xplore Articles

Educational Resources on Social Engineering

Back to Top

IEEE-USA E-Books

  • Benchmarking a mobile implementation of the social engineering prevention training tool

    As the nature of information stored digitally becomes more important and confidential, the security of the systems put in place to protect this information needs to be increased. The human element, however, remains a vulnerability of the system and it is this vulnerability that social engineers attempt to exploit. The Social Engineering Attack Detection Model version 2 (SEADMv2) has been proposed to help people identify malicious social engineering attacks. Prior to this study, the SEADMv2 had not been implemented as a user friendly application or tested with real subjects. This paper describes how the SEADMv2 was implemented as an Android application. This Android application was tested on 20 subjects, to determine whether it reduces the probability of a subject falling victim to a social engineering attack or not. The results indicated that the Android implementation of the SEADMv2 significantly reduced the number of subjects that fell victim to social engineering attacks. The Android application also significantly reduced the number of subjects that fell victim to malicious social engineering attacks, bidirectional communication social engineering attacks and indirect communication social engineering attacks. The Android application did not have a statistically significant effect on harmless scenarios and unidirectional communication social engineering attacks.

  • Underlying finite state machine for the social engineering attack detection model

    Information security is a fast-growing discipline, and relies on continued improvement of security measures to protect sensitive information. In general, human operators are often highly susceptible to manipulation, and tend to be one of the weakest links in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy with respect to formal definitions, attack frameworks, examples of attacks and detection models. In order to formally address social engineering in a broad context, this paper proposes the underlying finite state machine of the Social Engineering Attack Detection Model (SEADM). The model has been proven to successfully thwart social engineering attacks utilising either bidirectional communication, unidirectional communication or indirect communication. Proposing and exploring the underlying finite state machine of the model allows one to have a clearer overview of the mental processing performed within the model. While the current model provides a general procedural template for implementing detection mechanisms for social engineering attacks, the finite state machine provides a more abstract and extensible model that highlights the interconnections between task categories associated with different scenarios. The finite state machine is intended to help facilitate the incorporation of organisation specific extensions by grouping similar activities into distinct categories, subdivided into one or more states. In addition, it facilitates additional analysis on state transitions that are difficult to extract from the original flowchart based model.

  • Social engineering attack framework

    The field of information security is a fast growing discipline. Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and the human element is thus a weak link. A social engineering attack targets this weakness by using various manipulation techniques in order to elicit sensitive information. The field of social engineering is still in its infancy stages with regards to formal definitions and attack frameworks. This paper proposes a social engineering attack framework based on Kevin Mitnick's social engineering attack cycle. The attack framework addresses shortcomings of Mitnick's social engineering attack cycle and focuses on every step of the social engineering attack from determining the goal of an attack up to the successful conclusion of the attack. The authors use a previously proposed social engineering attack ontological model which provides a formal definition for a social engineering attack. The ontological model contains all the components of a social engineering attack and the social engineering attack framework presented in this paper is able to represent temporal data such as flow and time. Furthermore, this paper demonstrates how historical social engineering attacks can be mapped to the social engineering attack framework. By combining the ontological model and the attack framework, one is able to generate social engineering attack scenarios and to map historical social engineering attacks to a standardised format. Scenario generation and analysis of previous attacks are useful for the development of awareness, training purposes and the development of countermeasures against social engineering attacks.

  • Modelling of the social engineering attacks based on social graph of employees communications analysis

    The article is aimed at solving the problem of constructing and analyzing a compressed social graph, taking into account the estimates of the probability of a transition of the intruder's influence from user to user. The subject of the study are user accounts in the social network VKontakte as the basis for building user interaction and social graphs on them. Due to the peculiarities of the graphs under consideration, processing them is a very time-consuming task, requiring large computational resources. In order to optimize the algorithm of the analyzer being developed, the authors of this article conducted a study aimed at modifying the analysis module, with the purpose of diluting the social graph of staff interaction to optimize the process of its further processing. In this paper, we investigate various approaches to diminishing the dimension of edges of a graph, describe their weak and strong sides for the purpose of choosing the optimal graph dilution algorithm. The construction and analysis of the social graph will make it possible to calculate estimates of the security of users of the information system from social engineering attacks and also to analyze the trajectories of the spread of social engineering attacks.

  • Social Engineering Toolkit — A systematic approach to social engineering

    Social engineering techniques, exploiting humans as information systems' security weakest link, are mostly the initial attack vectors within larger intrusions and information system compromises. In order to practically evaluate the risks of information leakage trough the target organizations' employees, when performing a penetration test, an ethical hacker must consider social engineering as a very important aspect of the performed test. Social Engineering Toolkit (SET) is an integrated set of tools designed specifically to perform advanced attacks against the human element, and is the most advanced, if not the only toolkit of such kind that is publicly available as open source software. Incorporating many social engineering attack vectors, it heavily depends on Metasploit, an integrated penetration testing framework. This paper gives a brief introduction to the Social Engineering Toolkit software architecture, and provides an overview of supported attack vectors.

  • Social Engineering Attack Detection Model: SEADMv2

    Information security is a fast-growing discipline, and therefore the effectiveness of security measures to protect sensitive information needs to be increased. Since people are generally susceptible to manipulation, humans often prove to be the weak link in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy as far as formal definitions, attack frameworks, examples of attacks and detection models are concerned. This paper therefore proposes a revised version of the Social Engineering Attack Detection Model. The previous model was designed with a call centre environment in mind and is only able to cater for social engineering attacks that use bidirectional communication. Previous research discovered that social engineering attacks can be classified into three different categories, namely attacks that utilise bidirectional communication, unidirectional communication or indirect communication. The proposed (and revised) Social Engineering Attack Detection Model addresses this problem by extending the model to cater for social engineering attacks that use bidirectional communication, unidirectional communication or indirect communication. The revised Social Engineering Attack Detection Model is further verified using published generalised social engineering attack examples from each of the three categories mentioned.

  • A literature survey on social engineering attacks: Phishing attack

    Phishing is a network type attack where the attacker creates the fake of an existing webpage to fool an online user into elicit personal Information. The prime objective of this review is to do literature survey on social engineering attack: Phishing attack and techniques to detect attack. Phishing is the combination of social engineering and technical methods to convince the user to reveal their personal data. The paper discusses about the Phishing social engineering attack theoretically and their issues in the life of human Beings. Phishing is typically carried out by Email spoofing or instant messaging. It targets the user who has no knowledge about social engineering attacks, and internet security, like persons who do not take care of privacy of their accounts details such as Facebook, Gmail, credit banks accounts and other financial accounts. The paper discusses various types of Phishing attacks such as Tab-napping, spoofing emails, Trojan horse, hacking and how to prevent them. At the same time this paper also provides different techniques to detect these attacks so that they can be easily dealt with in case one of them occurs. The paper gives a thorough analysis of various Phishing attacks along with their advantages and disadvantages.

  • Social engineering in social networking sites: Affect-based model

    While social engineering represents a real and ominous threat to many organizations, companies, governments, and individuals, social networking sites (SNSs) have been identified as some of the most common means of social engineering attacks. Due to factors that reduce users' ability to detect social engineering tricks and increase attackers' ability to launch them, SNSs seem to be perfect breeding grounds for exploiting people's vulnerabilities and the weakest link in security. This work will contribute to the social engineering knowledge base by identifying different entities and sub-entities that affect social-engineering-based attacks in SNSs. Moreover, this paper includes an intensive and comprehensive overview of different aspects of social engineering threats in SNSs.

  • The awareness of social engineering in information revolution: Techniques and challenges

    The main purpose of this paper is to expound and clarify the term social engineering and common techniques used by attackers. In addition, it tries to highlight and evaluate the user's awareness around the world of social engineering attacks. Meanwhile, advices and solutions have been listed in order to minimize all risks could be caused by any certain attack. For instance, educational training should be conducted for all employees to warn them about varies techniques that attackers follow to drawn any victim. Another practice solution is to emphasize the protection of personal privacy among entire organization to prevent any leak of personal information which is the first key that attacker could obtain it easily.

  • How to Obtain Passwords of Online Scammers by Using Social Engineering Methods

    This paper addresses three social engineering techniques that vigilante online communities of scambaitersuse for 'Inbox diving': an act of gaining access to internet scammers email accounts. The methods have been gathered by analyzing scam baiting forums and were put on the test in direct email exchange between the author and Internet scammers. By diving into the scammers inboxes, their working methods can be observed, gang structures investigated and potential victims warned. I discuss the moral issues an 'inbox diver' faces and question the ethics of scam baiting communities that prefer social engineering techniques rather than hacking email accounts. The research lead into the creation of the artistic installation 'Password:' and presents an artistic position dealing with password security.



Standards related to Social Engineering

Back to Top

No standards are currently tagged "Social Engineering"


Jobs related to Social Engineering

Back to Top