当前位置: X-MOL 学术Journal of Organizational and End User Computing › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
A Risk Analysis Framework for Social Engineering Attack Based on User Profiling
Journal of Organizational and End User Computing ( IF 3.6 ) Pub Date : 2020-07-01 , DOI: 10.4018/joeuc.2020070104
Ziwei Ye 1 , Yuanbo Guo 1 , Ankang Ju 1 , Fushan Wei 1 , Ruijie Zhang 1 , Jun Ma 1
Affiliation  

Socialengineeringattacksarebecomingseriousthreatstocloudservice.Socialengineeringattackers couldgetCloudservicecustomprivacyinformationorattackvirtualmachineimagesdirectly.Existing securityanalysisinstrumentsaredifficulttoquantifythesocialengineeringattackrisk,resultingin invaliddefenseguidanceforsocialengineeringattacks.Inthisarticle,ariskanalysisframeworkfor socialengineeringattackisproposedbasedonuserprofiling.Theframeworkprovidesapathwayto quantitativelycalculatethepossibilityofbeingcompromisedbysocialengineeringattackandpotential loss,soastoeffectivelycomplementcurrentsecurityassessmentinstruments.Thefrequencyofrelated operationsisusedtoprofileandgroupusersforrespectiveriskcalculation,andotherfeaturessuch assecurityawarenessandcapabilityofprotectionmechanismarealsoconsidered.Finally,examples aregiventoillustratehowtousetheframeworkinactualscenarioandapplyittosecurityassessment. KEywORdS Authority, Cloud Security, Network Security Assessment, Operating Frequency, Risk Analysis, Social Engineering, User Profiling, Vulnerability

中文翻译:

基于用户概要分析的社会工程攻击风险分析框架

还考虑了其​​他功能,例如安全意识和保护机制的能力。最后,给出了示例以说明如何使用实际情况下的框架,并将其应用于安全评估。KEywORdS机构,云安全,网络安全评估,运行频率,风险分析,社会工程,用户配置文件,漏洞
更新日期:2020-07-01
down
wechat
bug