Friday 28th of July 2017
 

Social Engineering Framework: Understanding the Deception Approach to Human Element of Security


Richardus Eko Indrajit

Social engineering has become serious phenomenon in the history of information security worldwide. Although this approach is widely used by criminals to exploit the human aspect as the security weakest link, there is not many studies focusing on such issue. Fail to understand the nature of social engineering will increase the security risk posture of the organisation. Inspite of the fact that most of social engineering attacks are seemed to be unstructure and diverse in nature, this research result shows that there exists common patterns that can be mapped and organised in a logical and structured way. This study is aimed to develop and to propose a framework to help security practitioners in having better and wholistic understanding on the nature and characteristics of such humen-based attack. By understanding the detail characteristics of social engineering, an effective countermeasure effort can be designed and developed. This concept shall be used by the management of organisation or institution in developing its security mitigation strategy.

Keywords: Social Engineering, Security, Deception, Attack, Human Element

Download Full-Text


ABOUT THE AUTHOR

Richardus Eko Indrajit
Richardus Eko Indrajit is a profesor of information system from ABFI Instiute Perbanas, Indonesia. Graduated as Bachelor fo Engineering from Sepuluh Nopember Institute of Technology, Surabaya, Indonesia. Holding a Master of Computer Science Degree from Harvard University, USA and Doctor of Business Administration from Pamantasan ng Lungsod ng Maynila, the Philippines. Presently, chairing the Association of Global IT Architect (IASA) – Indonesian Chapter, and acting as Strategic Advisor of Cyber Operation Center, Ministry of Defense, Republic of Indonesia.


IJCSI Published Papers Indexed By:

 

 

 

 
About IJCSI

IJCSI is a refereed open access international journal for scientific papers dealing in all areas of computer science research...

Learn more »
Join Us
FAQs

Read the most frequently asked questions about IJCSI.

Frequently Asked Questions (FAQs) »
Get in touch

Phone: +230 911 5482
Email: info@ijcsi.org

More contact details »