Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Towards automating social engineering using social networking sites
KTH, School of Information and Communication Technology (ICT), Computer and Systems Sciences, DSV.
2009 (English)In: Proceedings - 12th IEEE International Conference on Computational Science and Engineering, CSE 2009, 2009, 117-124 p.Conference paper, Published paper (Refereed)
Abstract [en]

A growing number of people use social networking sites to foster social relationships among each other. While the advantages of the provided services are obvious, drawbacks on a users' privacy and arising implications are often neglected. In this paper we introduce a novel attack called automated social engineering which illustrates how social networking sites can be used for social engineering. Our approach takes classical social engineering one step further by automating tasks which formerly were very time-intensive. In order to evaluate our proposed attack cycle and our prototypical implementation (ASE bot), we conducted two experiments. Within the first experiment we examine the information gathering capabilities of our bot. The second evaluation of our prototype performs a Turing test. The promising results of the evaluation highlight the possibility to efficiently and effectively perform social engineering attacks by applying automated social engineering bots.

Place, publisher, year, edition, pages
2009. 117-124 p.
Keyword [en]
Automated social engineering, Deception, Security, Social engineering, Social networking sites
National Category
Other Computer and Information Science
Identifiers
URN: urn:nbn:se:kth:diva-153511DOI: 10.1109/CSE.2009.205Scopus ID: 2-s2.0-70849122971ISBN: 978-076953823-5 (print)OAI: oai:DiVA.org:kth-153511DiVA: diva2:753834
Conference
2009 IEEE International Conference on Privacy, Security, Risk, and Trust, PASSAT 2009, 29 August 2009 through 31 August 2009, Vancouver, BC, Canada
Note

QC 20141009

Available from: 2014-10-09 Created: 2014-10-06 Last updated: 2014-10-09Bibliographically approved

Open Access in DiVA

No full text

Other links

Publisher's full textScopus

Search in DiVA

By author/editor
Kowalski, Stewart
By organisation
Computer and Systems Sciences, DSV
Other Computer and Information Science

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 73 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf