Skip to main content
SpringerLink
Log in

Aggregate Estimates for Probability of Social Engineering Attack Success: Sustainability of the Structure of Access Policies

  • Conference paper
  • First Online:
Advances in Intelligent Systems, Computer Science and Digital Economics (CSDEIS 2019)

Part of the book series: Advances in Intelligent Systems and Computing ((AISC,volume 1127))

  • 444 Accesses

Abstract

The article is devoted to the development of a method for analyzing the sustainability of the structure of access policies to the social engineering attack actions of the malefactor. The analysis of sustainability in this case is the calculation of aggregated probabilistic estimates of success of a social engineering attack actions of the malefactor to certain confidential data that is stored in the information system. The approach is based on data on the user’s vulnerabilities profile, the calculation of probability estimates of this profile, as well as the formation of a structure of access policies that is more stable to social engineering attacks, and is built on the basis of genetic algorithms. This approach makes it possible to determine the configuration of users of the information system that is the most stable to the malefactor’s social engineering attacks. The report describes the general principles of the proposed approach and presents the results of computational experiments.

The results were partially supported by RFBR, project No. 18-37-00340, and Governmental contract (SPIIRAS) No. 0073-2019-0003.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 129.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 169.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Abramov, M., Azarov, A., Tulupyeva, T., Tulupyev, A.: Model of malefactor competencies profile for analyzing information system personnel security from social engineering attacks. Inf. Control Syst. 4, 77–84 (2016)

    Google Scholar 

  2. Azarov, A., Tulupyev, A., Solovtsov, N., Tulupyeva, T.: SQL representation of relational and probabilistic models of socio-engineering attacks in problems of calculation of the aggregated estimates of information system’s personnel security taking into account scales of communications between users. SPIIRAS Proc. 24, 41–53 (2013)

    Google Scholar 

  3. Azarov, A., Tulupyeva, T., Suvorova, A., Tulupyev, A., Abramov, M., Yusupov, R.: Social Engineering Attacks. The Problems of Analysis. St. Petersburg, 352 p. (2016)

    Google Scholar 

  4. Azarov, A., Abramov, M., Tulupyeva, T., Tulupyev, A.: Users’ of information system protection analysis from malefactor’s social engineering attacks taking into account malefactor’s competence profile. In: Biologically Inspired Cognitive Architectures (BICA) for Young Scientists, pp. 25–30 (2016)

    Google Scholar 

  5. Aysun, B., Birgul, K.: Current state and future trends in location recommender systems. Int. J. Inf. Technol. Comput. Sci. (IJITCS) 9(6), 1–8 (2017)

    Google Scholar 

  6. Gupta, B.B., Tewari, A., Jain, A.K., Agrawal, D.P.: Fighting against phishing attacks: state of the art and future challenges. Neural Comput. Appl. 28(12), 3629–3654 (2017). https://doi.org/10.1007/s00521-016-2275-y

    Article  Google Scholar 

  7. Huda, A., Živanović, R.: Accelerated distribution systems reliability evaluation by multilevel Monte Carlo simulation: implementation of two discretisation schemes. IET Gener. Transm. Distrib. 11(13), 3397–3405 (2017)

    Article  Google Scholar 

  8. Kammogne, S.T.A., Fotsin, H.B.: A secure communication scheme using generalized modified projective synchronization of coupled colpitts oscillators. Int. J. Math. Sci. Comput. (IJMSC) 4(1), 56–70 (2018)

    Google Scholar 

  9. Liu, J., Lyu, Q., Wang, Q., Yu, X.: A digital memories based user authentication scheme with privacy preservation. PLoS ONE 12(11), 0186925 (2017)

    Google Scholar 

  10. R Core Team. R: A language and environment for statistical computing. R Foundation for Statistical Computing, Vienna, Austria. https://www.R-project.org/. Accessed 08 May 2019

  11. Schaik, P., Jeske, D., Onibokun, J., Coventry, L., Jansen, J., Kusev, P.: Risk perceptions of cyber-security and precautionary behavior. Comput. Hum. Behav. 62(11), 5678–5693 (2017)

    Google Scholar 

  12. Struharik, R., Vukobratović, B.: A system for hardware aided decision tree ensemble evolution. J. Parallel Distrib. Comput. 112, 67–83 (2018)

    Article  Google Scholar 

  13. Terlizzi, M., Meirelles, F., Viegas Cortez da Cunha, M.: Behavior of Brazilian banks employees on Facebook and the cybersecurity governance. J. Appl. Secur. Res. 12(2), 224–252 (2017)

    Article  Google Scholar 

  14. Willighagen, E., Ballings, M.: R Based Genetic Algorithm. R package version 0.2.0 (2015). https://CRAN.R-project.org/package=genalg. Accessed 08 May 2019

  15. Zhou, S., Han, J., Tang, H.: Research on trusted industrial control ethernet network. Int. J. Comput. Netw. Inf. Secur. (IJCNIS) 2(2), 40–46 (2010)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. St. Petersburg Institute for Informatics and Automation of the Russian Academy of Sciences, 39 14-th line V.O., Saint-Petersburg, Russia

    Artur Azarov

  2. National Research University Higher School of Economics, 16 Soyuza Pechatnikov, Saint-Petersburg, Russia

    Alena Suvorova

  3. BMSTU, ul. Baumanskaya 2-ya, 5/1, Moscow, Russia

    Maria Koroleva

  4. Saint Petersburg State University, St. Petersburg, Russia

    Olga Vasileva

Authors
  1. Artur Azarov
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Alena Suvorova
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Maria Koroleva
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Olga Vasileva
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Artur Azarov .

Editor information

Editors and Affiliations

  1. School of Educational Information Technology, Central China Normal University, Wuhan, Hubei, China

    Zhengbing Hu

  2. Mechanical Engineering Research Institute, Russian Academy of Sciences, Moscow, Russia

    Sergey Petoukhov

  3. Halmos College of Natural Sciences and Oceanography, Nova Southeastern University, Davie, FL, USA

    Matthew He

Rights and permissions

Reprints and permissions

Copyright information

© 2020 The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Azarov, A., Suvorova, A., Koroleva, M., Vasileva, O. (2020). Aggregate Estimates for Probability of Social Engineering Attack Success: Sustainability of the Structure of Access Policies. In: Hu, Z., Petoukhov, S., He, M. (eds) Advances in Intelligent Systems, Computer Science and Digital Economics. CSDEIS 2019. Advances in Intelligent Systems and Computing, vol 1127. Springer, Cham. https://doi.org/10.1007/978-3-030-39216-1_26

Download citation

Publish with us

Policies and ethics

Search

Navigation