- Title
- A model for cultivating resistance to social engineering attacks
- Creator
- Jansson, Kenny
- Subject
- Computer security
- Subject
- Data protection
- Subject
- Human-computer interaction
- Date Issued
- 2011
- Date
- 2011
- Type
- Thesis
- Type
- Masters
- Type
- MTech
- Identifier
- vital:9744
- Identifier
- http://hdl.handle.net/10948/1588
- Identifier
- Computer security
- Identifier
- Data protection
- Identifier
- Human-computer interaction
- Description
- The human being is commonly considered as being the weakest link in information security. Subsequently, as information is one of the most critical assets in an organization today, it is essential that the human element is considered in deployments of information security countermeasures. However, the human element is often neglected in this regard. Consequently, many criminals are now targeting the user directly to obtain sensitive information instead of spending days or even months trying to hack through systems. Some criminals are targeting users by utilizing various social engineering techniques to deceive the user into disclosing information. For this reason, the users of the Internet and ICT-related technologies are nowadays very vulnerable to various social engineering attacks. As a contribution to increase users’ social engineering awareness, a model – called SERUM – was devised. SERUM aims to cultivate social engineering resistance within a community through exposing the users of the community to ‘fake’ social engineering attacks. The users that react incorrectly to these attacks are instantly notified and requested to participate in an online social engineering awareness program. Thus, users are educated on-demand. The model was implemented as a software system and was utilized to conduct a phishing exercise on all the students of the Nelson Mandela Metropolitan University. The aim of the phishing exercise was to determine whether SERUM is effective in cultivating social engineering resistant behaviour within a community. This phishing exercise proved to be successful and positive results emanated. This indicated that a model like SERUM can indeed be used to educate users regarding phishing attacks.
- Format
- xi, 168 leaves
- Format
- Publisher
- Nelson Mandela Metropolitan University
- Publisher
- Faculty of Engineering, the Built Environment and Information Technology
- Language
- English
- Rights
- Nelson Mandela Metropolitan University
- Hits: 2099
- Visitors: 2621
- Downloads: 713
Thumbnail | File | Description | Size | Format | |||
---|---|---|---|---|---|---|---|
View Details Download | SOURCEPDF | 2 MB | Adobe Acrobat PDF | View Details Download |