Benchmarking a Mobile Implementation of the Social Engineering Prevention Training Tool

Mouton, Francois and Teixeira, Marcel and Meyer, Thomas (2017) Benchmarking a Mobile Implementation of the Social Engineering Prevention Training Tool, Proceedings of 16th International Information Security South Africa Conference, 16-17 August, Johannesburg, South Africa.

[img] PDF
paper_38.pdf

Download (576kB)

Abstract

As the nature of information stored digitally be- comes more important and confidential, the security of the systems put in place to protect this information needs to be increased. The human element, however, remains a vulnerability of the system and it is this vulnerability that social engineers attempt to exploit. The Social Engineering Attack Detection Model version 2 (SEADMv2) has been proposed to help people identify malicious social engineering attacks. Prior to this study, the SEADMv2 had not been implemented as a user friendly application or tested with real subjects. This paper describes how the SEADMv2 was implemented as an Android application. This Android application was tested on 20 subjects, to determine whether it reduces the probability of a subject falling victim to a social engineering attack or not. The results indicated that the Android implementation of the SEADMv2 significantly reduced the number of subjects that fell victim to social engineering attacks. The Android application also significantly reduced the number of subjects that fell victim to malicious social engineering attacks, bidirectional communication social engineering attacks and indirect communication social engineering attacks. The Android application did not have a statistically significant effect on harmless scenarios and unidirectional communication social engineering attacks.

Item Type: Conference paper
Subjects: Information systems > Data management systems
Date Deposited: 23 Nov 2017
Last Modified: 10 Oct 2019 15:31
URI: http://pubs.cs.uct.ac.za/id/eprint/1202

Actions (login required)

View Item View Item