Taxonomy of Cybersecurity Awareness Delivery Methods: A Countermeasure for Phishing Threats

Alhashmi, Asma A.; Darem, Abdulbasit; Abawajy, Jemal

doi:10.14569/ijacsa.2021.0121004

Cited by 7 publications

(6 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Similarly, Paula et al [23] contend that, even though technical defense in malware attacks and social engineering is a requirement, the overreliance on only technical techniques to the neglect of non-technical controls leads to compromise of security. A position supported by Alhashmi et al [7] and Musah et al [24]. They then advocated for the conduct of regular, routine, and wellorganized user awareness, training, and education to build user resistance and immunity to malware attacks.…”

Section: Workmentioning

confidence: 99%

“…Globally, malware attacks and exposures continue to attract all relevant stakeholders in the cybersecurity valuechain as more and more exposures occur [7]. Malicious Software (Malware) are software with malicious intent.…”

Section: A Malware and Malware Trendsmentioning

confidence: 99%

“…These reports indicated that the malware is not only increasing in volume but also in variety and complexity. An analysis of the literature suggests a global increasing trend of malware and other socially engineered attacks [6,7,22,24]. This growth and expansion of malware attacks remain a major problem for all cyber defense stakeholders [7,8,45].…”

Section: ) Malware Trends and Varietymentioning

confidence: 99%

“…An analysis of the literature suggests a global increasing trend of malware and other socially engineered attacks [6,7,22,24]. This growth and expansion of malware attacks remain a major problem for all cyber defense stakeholders [7,8,45]. The high variety and complexity of these malware imply that defending against such attacks using traditional signature-based techniques becomes problematic [6,10,22].…”

Section: ) Malware Trends and Varietymentioning

confidence: 99%

“…Thus, the concomitant effect of malware exposure is so dire that, stakeholders are spending hugely on providing defenses against malware attacks. Notwithstanding the huge investment, cyber exposure through malware attacks is still in ascendancy [7]. According to [8], on average, about 450,000 malware samples and PUS are recorded daily; this translates into 13,500,000 monthly and 162,000,000 annually.…”

Section: Introductionmentioning

confidence: 99%

See 4 more Smart Citations

An Evaluation of Current Malware Trends and Defense Techniques: A Scoping Review with Empirical Case Studies

Cletus,

Opoku,

Weyori

2024

JAIT

View full text Add to dashboard Cite

attackers and defenders makes the malware ecosystems highly volatile, dynamic, stochastic, and unpredictable. The volatility of the ecosystem means that, both attackers and defenders are innovating to outwit each other, which requires regular evaluation to establish gaps for remediation. In this paper, the aim was to establish current malware trends, comparative weaknesses and strengths of existing malware defenses, the identification of research gaps and a proposal of future directions to malware defense. We adopted a scoping review with empirical case studies using data from extant literature and industrial sources for the study. The results revealed that, current malware are targeted, unknown, persistent and stealth and are increasing in volumes, variety and complexity. Attackers adopt innovative modes of transmission to spread malware from one network to another and use both anti-static and advanced forms of obfuscation to evade detection. The poor adaptability, learnability, memorability and generalizability of signature-based detection methods such as static, dynamic, hybrid makes ML algorithms the state-of-art, but they also show instability in classification, poor and redundant features, class imbalance and the associated "accuracy paradox", and poor resilience to detecting previously unknown malware. Additionally, user and organizational vulnerabilities also exacerbates the defense challenge. The paper concluded that with the increasing sophistication in malware, ensuring holistic malware defense requires novel techniques that addresses these gaps. This implies that, current research should refocus on providing hybrid defense approaches that are not only technical in nature but also non-technical leading to the provision of improved holistic malware defense.

show abstract

Section: Workmentioning

confidence: 99%

Section: A Malware and Malware Trendsmentioning

confidence: 99%

Section: ) Malware Trends and Varietymentioning

confidence: 99%

Section: ) Malware Trends and Varietymentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

See 3 more Smart Citations

An Evaluation of Current Malware Trends and Defense Techniques: A Scoping Review with Empirical Case Studies

Cletus,

Opoku,

Weyori

2024

JAIT

View full text Add to dashboard Cite

show abstract

Cybersecurity Governance and Ethics

Sharma,

Habibi Lashkari,

Parizadeh

2024

Progress in IS

View full text Add to dashboard Cite

A Comprehensive Taxonomy of Social Engineering Attacks and Defense Mechanisms: Toward Effective Mitigation Strategies

Zaoui,

Yousra,

Yassine

et al. 2024

IEEE Access

View full text Add to dashboard Cite

Social engineering (SE) attacks are a growing concern for organizations that rely on technology to protect sensitive data. Identifying and preventing these attacks can be challenging, as they frequently rely on manipulating human behavior rather than exploiting technical vulnerabilities. Although various studies have explored SE attacks and their defense mechanisms, there remains a gap in the literature concerning the holistic and layered classification of these threats and countermeasures. To address this, we conducted a comprehensive literature survey to understand existing taxonomies and subsequently identified areas that required a more structured and exhaustive categorization. Based on the survey results, we propose a comprehensive taxonomy of SE attacks, classifying them based on three levels: environment, approaches, and mediums. Additionally, we present a taxonomy of social engineering countermeasures, encompassing both technical and non-technical solutions. The proposed taxonomies serve as a foundation for future research and offer organizations a valuable framework for developing effective strategies to detect, prevent, and respond to social engineering incidents.

show abstract

Taxonomy of Cybersecurity Awareness Delivery Methods: A Countermeasure for Phishing Threats

Cited by 7 publications

References 25 publications

An Evaluation of Current Malware Trends and Defense Techniques: A Scoping Review with Empirical Case Studies

An Evaluation of Current Malware Trends and Defense Techniques: A Scoping Review with Empirical Case Studies

Cybersecurity Governance and Ethics

A Comprehensive Taxonomy of Social Engineering Attacks and Defense Mechanisms: Toward Effective Mitigation Strategies

Contact Info

Product

Resources

About