Options
The social engineering personality framework
Citation Link: https://doi.org/10.15480/882.1212
Publikationstyp
Conference Paper
Publikationsdatum
2014
Sprache
English
Citation
2014 Workshop on Socio-Technical Aspects in Security and Trust (STAST), Vienna, IEEE, pp. 24 - 30
Publisher DOI
Scopus ID
We explore Information and Communication Technology (ICT) security in a socio-technical world and focus in particular on the susceptibility to social engineering attacks. We pursue the question if and how personality traits influence this susceptibility. We use Cialdini's principles of influence to categorise social engineering attacks. First we show with a comprehensive literature review how existent research approaches social engineering susceptibility. Based on this review we construct suggestions for plausible relations between personality traits of the Five-Factor Model (Big 5) and the principles of influence. We propose our -- at this stage theory-based -- "Social Engineering Personality Framework" (SEPF) which we will evaluate in future empiric research. The characteristics of victims' personality traits in the SEPF will support and guide security researchers and practitioners in developing detection, mitigation, and prevention strategies while dealing with human factors in social engineering attacks.
Schlagworte
social engineering
socio-technical security
human factors
insider threat
personality traits
DDC Class
620: Ingenieurwissenschaften
Loading...
Name
2014.STAST.Uebelacker_Quiel_The_Social_Engineering_Personality_Framework.accepted_version.pdf
Size
123.36 KB
Format
Adobe PDF