Mouton, FrancoisNottingham, Alastair TLeenen, LouiseVenter, HS2018-01-042018-01-042017-08Mouton, F. et al. 2017. Underlying finite state machine for the social engineering attack detection model. Information Security for South Africa Conference (ISSA2017), 16-17 August 2017, Sandton, Johannesburg, South Africa, pp. 98-105978-1-5386-0544-8http://www.infosecsa.co.za/Programmehttp://hdl.handle.net/10204/9913Copyright: 2017 IEEE. Due to copyright restrictions, the attached PDF file only contains the abstract of the full text item. For access to the full text item, please consult the publisher's website.Information security is a fast-growing discipline, and relies on continued improvement of security measures to protect sensitive information. In general, human operators are often highly susceptible to manipulation, and tend to be one of the weakest links in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy with respect to formal definitions, attack frameworks, examples of attacks and detection models. In order to formally address social engineering in a broad context, this paper proposes the underlying finite state machine of the Social Engineering Attack Detection Model (SEADM). The model has been proven to successfully thwart social engineering attacks utilising either bidirectional communication, unidirectional communication or indirect communication. Proposing and exploring the underlying finite state machine of the model allows one to have a clearer overview of the mental processing performed within the model. While the current model provides a general procedural template for implementing detection mechanisms for social engineering attacks, the finite state machine provides a more abstract and extensible model that highlights the interconnections between task categories associated with different scenarios. The finite state machine is intended to help facilitate the incorporation of organisation specific extensions by grouping similar activities into distinct categories, subdivided into one or more states. In addition, it facilitates additional analysis on state transitions that are difficult to extract from the original flowchart based model.enBidirectional communicationFinite state machineIndirect communicationSocial engineeringSocial engineering attack examplesSocial engineering attack detection modelSocial engineering attack frameworkUnidirectional communicationConference PresentationMouton, F., Nottingham, A. T., Leenen, L., & Venter, H. (2017). Underlying finite state machine for the social engineering attack detection model. IEEE. http://hdl.handle.net/10204/9913Mouton, Francois, Alastair T Nottingham, Louise Leenen, and HS Venter. "Underlying finite state machine for the social engineering attack detection model." (2017): http://hdl.handle.net/10204/9913Mouton F, Nottingham AT, Leenen L, Venter H, Underlying finite state machine for the social engineering attack detection model; IEEE; 2017. http://hdl.handle.net/10204/9913 .TY - Conference Presentation AU - Mouton, Francois AU - Nottingham, Alastair T AU - Leenen, Louise AU - Venter, HS AB - Information security is a fast-growing discipline, and relies on continued improvement of security measures to protect sensitive information. In general, human operators are often highly susceptible to manipulation, and tend to be one of the weakest links in the security chain. A social engineering attack targets this weakness by using various manipulation techniques to elicit individuals to perform sensitive requests. The field of social engineering is still in its infancy with respect to formal definitions, attack frameworks, examples of attacks and detection models. In order to formally address social engineering in a broad context, this paper proposes the underlying finite state machine of the Social Engineering Attack Detection Model (SEADM). The model has been proven to successfully thwart social engineering attacks utilising either bidirectional communication, unidirectional communication or indirect communication. Proposing and exploring the underlying finite state machine of the model allows one to have a clearer overview of the mental processing performed within the model. While the current model provides a general procedural template for implementing detection mechanisms for social engineering attacks, the finite state machine provides a more abstract and extensible model that highlights the interconnections between task categories associated with different scenarios. The finite state machine is intended to help facilitate the incorporation of organisation specific extensions by grouping similar activities into distinct categories, subdivided into one or more states. In addition, it facilitates additional analysis on state transitions that are difficult to extract from the original flowchart based model. DA - 2017-08 DB - ResearchSpace DP - CSIR KW - Bidirectional communication KW - Finite state machine KW - Indirect communication KW - Social engineering KW - Social engineering attack examples KW - Social engineering attack detection model KW - Social engineering attack framework KW - Unidirectional communication LK - https://researchspace.csir.co.za PY - 2017 SM - 978-1-5386-0544-8 T1 - Underlying finite state machine for the social engineering attack detection model TI - Underlying finite state machine for the social engineering attack detection model UR - http://hdl.handle.net/10204/9913 ER -