An Attack Vector for Deception Through Persuasion Used by Hackers and Crakers

Hasan, Mosin; Prajapati, Nilesh

doi:10.1109/netcom.2009.59

Cited by 3 publications

(2 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The impulsive and unpredictable behaviour of human users has been widely characterised as one of the most significant weaknesses in modern computer systems [Hasan and Prajapati 2009]. While security controls against technical exploitations have improved considerably in recent years, the same successes have proven difficult to replicate in user security.…”

Section: Survey Of Semantic Attack Defence Mechanismsmentioning

confidence: 99%

“…The landscape of semantic attacks is wide and continuously expanding. While user targeting has been historically limited to emails and websites, the advent of the Internet of Things [Hasan and Prajapati 2009] is expanding the scope of exploitations to even include smart home appliances [Kuipers et al 2010]. Current systems have limited capability to compare a spoofed file icon with the associated extension or to efficiently highlight the execution similarities of different file extensions to users in a pro-active fashion.…”

Section: Survey Of Semantic Attack Defence Mechanismsmentioning

confidence: 99%

See 1 more Smart Citation

A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks

2015

View full text Add to dashboard Cite

Social engineering is used as an umbrella term for a broad spectrum of computer exploitations that employ a variety of attack vectors and strategies to psychologically manipulate a user. Semantic attacks are the specific type of social engineering attacks that bypass technical defences by actively manipulating object characteristics, such as platform or system applications, to deceive rather than directly attack the user. Commonly observed examples include obfuscated URLs, phishing emails, drive-by downloads, spoofed websites and scareware to name a few. This paper presents a taxonomy of semantic attacks, as well as a survey of applicable defences. By contrasting the threat landscape and the associated mitigation techniques in a single comparative matrix, we identify the areas where further research can be particularly beneficial.

show abstract

Section: Survey Of Semantic Attack Defence Mechanismsmentioning

confidence: 99%

Section: Survey Of Semantic Attack Defence Mechanismsmentioning

confidence: 99%