Attack Process Clause Samples

Attack Process. This chapter describes the most relevant aspects of social engineering attacks process. The aim of this chapter is to understand better these attacks from the attacker’s point of view (see section 4.2), their motivations and most common “modus operandi”. To achieve this goal this chapter covers different levels of information: from general use cases to more specific ones. Understanding the attacker’s point of view is an open problem, which mainly has been addressed in three ways:  Modelling the attack process with specific models, see Section 4.1.  Understanding attackers using threat agents modelling, see Section 4.2.  Modelling users, using a model that establish how their trust and confidence processes are deceived, see Section 4.2 (see also Chapter 6 as part of the countermeasures strategies). Threat agents modelling is the base for a reactive defence strategy, while the users modelling is the base for a proactive defence, usually through awareness techniques. Attack models are instead useful for both approaches. Beside these models, also the modelling of victims is extremely important, because from the attackers’ point of view users are indeed victims. The victim modelling is part of the attack process in general terms.