当前位置:
X-MOL 学术
›
Journal of Organizational and End User Computing
›
论文详情
Our official English website, www.x-mol.net, welcomes your
feedback! (Note: you will need to create a separate account there.)
A Risk Analysis Framework for Social Engineering Attack Based on User Profiling
Journal of Organizational and End User Computing ( IF 3.6 ) Pub Date : 2020-07-01 , DOI: 10.4018/joeuc.2020070104 Ziwei Ye 1 , Yuanbo Guo 1 , Ankang Ju 1 , Fushan Wei 1 , Ruijie Zhang 1 , Jun Ma 1
Journal of Organizational and End User Computing ( IF 3.6 ) Pub Date : 2020-07-01 , DOI: 10.4018/joeuc.2020070104 Ziwei Ye 1 , Yuanbo Guo 1 , Ankang Ju 1 , Fushan Wei 1 , Ruijie Zhang 1 , Jun Ma 1
Affiliation
Socialengineeringattacksarebecomingseriousthreatstocloudservice.Socialengineeringattackers couldgetCloudservicecustomprivacyinformationorattackvirtualmachineimagesdirectly.Existing securityanalysisinstrumentsaredifficulttoquantifythesocialengineeringattackrisk,resultingin invaliddefenseguidanceforsocialengineeringattacks.Inthisarticle,ariskanalysisframeworkfor socialengineeringattackisproposedbasedonuserprofiling.Theframeworkprovidesapathwayto quantitativelycalculatethepossibilityofbeingcompromisedbysocialengineeringattackandpotential loss,soastoeffectivelycomplementcurrentsecurityassessmentinstruments.Thefrequencyofrelated operationsisusedtoprofileandgroupusersforrespectiveriskcalculation,andotherfeaturessuch assecurityawarenessandcapabilityofprotectionmechanismarealsoconsidered.Finally,examples aregiventoillustratehowtousetheframeworkinactualscenarioandapplyittosecurityassessment. KEywORdS Authority, Cloud Security, Network Security Assessment, Operating Frequency, Risk Analysis, Social Engineering, User Profiling, Vulnerability
中文翻译:
基于用户概要分析的社会工程攻击风险分析框架
还考虑了其他功能,例如安全意识和保护机制的能力。最后,给出了示例以说明如何使用实际情况下的框架,并将其应用于安全评估。KEywORdS机构,云安全,网络安全评估,运行频率,风险分析,社会工程,用户配置文件,漏洞
更新日期:2020-07-01
中文翻译:
基于用户概要分析的社会工程攻击风险分析框架
还考虑了其他功能,例如安全意识和保护机制的能力。最后,给出了示例以说明如何使用实际情况下的框架,并将其应用于安全评估。KEywORdS机构,云安全,网络安全评估,运行频率,风险分析,社会工程,用户配置文件,漏洞