Uebelacker, S. and Quiel, S.
The Social Engineering Personality Framework.
In: 4th Workshop on Socio-Technical Aspects in Security and Trust (STAST), 18 July 2014, Vienna, Austria.
Full text available as:
PDF - Univ. of Twente only
Official URL: http://dx.doi.org/10.1109/STAST.2014.12
We explore ICT security in a socio-technical world and focus
in particular on the susceptibility to social engineering attacks. We pursue the question if and how personality traits influence this susceptibility. This allows us to research human factors and their potential impact on the physical and digital security domains. We show how Cialdini's principles of influence can be used to explain why most social engineering attacks succeed and that these attacks mainly rely on peripheral route persuasion.
A comprehensive literature review reveals that individual values of a victim's personality traits relate to social engineering susceptibility. Furthermore, we construct suggestions for plausible relations between personality traits of the Five-Factor Model (Big 5) and the principles of influence.
Based on these arguments, we propose our "Social Engineering Personality Framework" (SEPF). It supports and guides security researchers in developing holistic detection, mitigation, and prevention strategies while dealing with human factors.
|Item Type:||Conference or Workshop Paper (Full Paper, Talk)|
|Research Project:||TREsPASS: Technology-supported Risk Estimation By Predictive Assessment Of Socio-technical Security|
|Additional Information:||Foreground = 100%; Type of activity = workshop;Main leader = TUHH;Type of audience = scientific community;Size of audience = 20;Countries addressed = international;|
|Deposited On:||01 November 2014|
Export this item as:
To request a copy of the PDF please email us request copy
To correct this item please ask your editor
Repository Staff Only: edit this item