Attack models Sample Clauses

Attack models. One of the common efforts in scientific literature is to implement a model with attacks involving SE. This effort is quite challenging because these attacks are often not fully documented and collected evidences are usually limited. Part, if not all, of the exploits happen in the human side of the Information System, which has limited possibilities to gather evidences using a forensic approach. This is complicated because most users do not understand how security works, so they build their own models, very often incorrectly [135]. Merging the definition of the attacker, the defender and the victim into a descriptive model is useful to:  Help educate other users about social engineering,  Create social engineering vulnerability assessment frameworks  Improve incident reporting  Understand the effect of implemented defense strategies. One of the early models of SE is the SEAC (Social Engineering Attack Cycle), proposed by ▇. ▇▇▇▇▇▇▇ ▇n 2002 [136], which is reported in Figure 24 and is made of four phases:  Information Gathering (Research). This phase initially requires the Social Engineer (SE) to select a source of information then to pick the right tool to “harvest” it and finally find a way, or a tool, to organize everything collected into a coherent result. The number of possible sources of information is huge and listing them all is a challenging task; nevertheless, it is still possible to give a broad description of the most relevant ones. Primarily, sources should be divided into two major groups according to the method user to collect the information: physical sources require some sort of hardware and some “physical involvement” (e.g., steal of USB keys or drives) from the Social Engineer while technical sources usually just require a computer with Internet access and some software (e.g., steal of assets on servers).  Development of Relationship (Developing rapport and trust). This phase requires the SE to earn the trust of the victim. There is not just a unique way to achieve this goal and it depends on the kind of attack the social engineers are interested in and how much time and skills they have. A weeklong friendship on a social media, a well-crafted fake blog or website and even just few well-written sentences on a forum can be enough. In some specific situations, this phase may require a more physical involvement, like casually meeting the victim in a pub or in a gym52.  Exploitation of Relationship (Exploiting trust). The victim is read...