Social engineering and its countermeasures

Douglas P. Twitchell

doi:10.4018/978-1-60566-132-2.ch014

Social engineering and its countermeasures

Douglas P. Twitchell

Information Technology and Supply Chain Management Department

Illinois State University

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

6 Scopus citations

Abstract

This chapter introduces and defines social engineering, a recognized threat to the security of information systems. It also introduces a taxonomy for classifying social engineering attacks along four dimensions: who or what the targets are, what media are used, how the attacks fit in an attack cycle, and the techniques used to execute the attacks. Additionally, the chapter discusses current social engineering countermeasures and how to map attack types to these countermeasures. Finally, the chapter ends with a discussion of future trends and technologies for defending against social engineering attacks. Use of the taxonomy should help security professionals and researchers understand social engineering attacks, and implementation of the discussed current and future countermeasures should help professionals reduce the risks associated with social engineering attacks.

Original language	English
Title of host publication	Handbook of Research on Social and Organizational Liabilities in Information Security
Pages	228-242
Number of pages	15
DOIs	https://doi.org/10.4018/978-1-60566-132-2.ch014
State	Published - 2008

EGS Disciplines

Operations and Supply Chain Management

Access to Document

10.4018/978-1-60566-132-2.ch014

Cite this

@inbook{e3b160e9f78148728a6596372daea69a,

title = "Social engineering and its countermeasures",

abstract = "This chapter introduces and defines social engineering, a recognized threat to the security of information systems. It also introduces a taxonomy for classifying social engineering attacks along four dimensions: who or what the targets are, what media are used, how the attacks fit in an attack cycle, and the techniques used to execute the attacks. Additionally, the chapter discusses current social engineering countermeasures and how to map attack types to these countermeasures. Finally, the chapter ends with a discussion of future trends and technologies for defending against social engineering attacks. Use of the taxonomy should help security professionals and researchers understand social engineering attacks, and implementation of the discussed current and future countermeasures should help professionals reduce the risks associated with social engineering attacks.",

author = "Twitchell, {Douglas P.}",

note = "This chapter introduces and defines social engineering, a recognized threat to the security of information systems. It also introduces a taxonomy for classifying social engineering attacks along four dimensions: who or what the targets are, what media are used, how the attacks fit in an attack cycle, and the techniques used to execute the attacks.",

year = "2008",

doi = "10.4018/978-1-60566-132-2.ch014",

language = "English",

isbn = "9781605661322",

pages = "228--242",

booktitle = "Handbook of Research on Social and Organizational Liabilities in Information Security",

}

TY - CHAP

T1 - Social engineering and its countermeasures

AU - Twitchell, Douglas P.

N1 - This chapter introduces and defines social engineering, a recognized threat to the security of information systems. It also introduces a taxonomy for classifying social engineering attacks along four dimensions: who or what the targets are, what media are used, how the attacks fit in an attack cycle, and the techniques used to execute the attacks.

PY - 2008

Y1 - 2008

N2 - This chapter introduces and defines social engineering, a recognized threat to the security of information systems. It also introduces a taxonomy for classifying social engineering attacks along four dimensions: who or what the targets are, what media are used, how the attacks fit in an attack cycle, and the techniques used to execute the attacks. Additionally, the chapter discusses current social engineering countermeasures and how to map attack types to these countermeasures. Finally, the chapter ends with a discussion of future trends and technologies for defending against social engineering attacks. Use of the taxonomy should help security professionals and researchers understand social engineering attacks, and implementation of the discussed current and future countermeasures should help professionals reduce the risks associated with social engineering attacks.

AB - This chapter introduces and defines social engineering, a recognized threat to the security of information systems. It also introduces a taxonomy for classifying social engineering attacks along four dimensions: who or what the targets are, what media are used, how the attacks fit in an attack cycle, and the techniques used to execute the attacks. Additionally, the chapter discusses current social engineering countermeasures and how to map attack types to these countermeasures. Finally, the chapter ends with a discussion of future trends and technologies for defending against social engineering attacks. Use of the taxonomy should help security professionals and researchers understand social engineering attacks, and implementation of the discussed current and future countermeasures should help professionals reduce the risks associated with social engineering attacks.

UR - http://www.scopus.com/inward/record.url?scp=84856381706&partnerID=8YFLogxK

UR - http://dx.doi.org/10.4018/978-1-60566-132-2.ch014

U2 - 10.4018/978-1-60566-132-2.ch014

DO - 10.4018/978-1-60566-132-2.ch014

M3 - Chapter

AN - SCOPUS:84856381706

SN - 9781605661322

SP - 228

EP - 242

BT - Handbook of Research on Social and Organizational Liabilities in Information Security

ER -

Social engineering and its countermeasures

Abstract

EGS Disciplines

Access to Document

Other files and links

Fingerprint

Cite this