Detecting Social Engineering
Author
Michael D Hoeschele & Marcus K Rogers
Tech report number
CERIAS TR 2005-19
Abstract
This paper proposes a theoretical solution to the problem of Social Engineering (SE) attacks perpetrated over the phone lines. As a byproduct real time attack signatures are generated, which can be used in a cyber forensic analysis of such attacks. Current methods of SE attack detection and prevention rely on policy and personnel training, which fails because the root of the problem, people, are still involved. The proposed solution relies on computer systems to analyze phone conversations in real time and determine if the caller is deceiving the receiver. This Social Engineering Defense Architecture (SEDA) is completely theoretical as the technologies employed are only in the proof of concept phase, but they are all proven to be tractable problems.
Organization
Purdue CERIAS
Publication Date
2005-02-15
Keywords
social engineering, defense architecture, forensics
Subject
social engineering, defense architecture, forensics