A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks-Reference-Cited by-同舟云学术

A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks

Published:2016-02-08 Issue:3 Volume:48 Page:1-39
ISSN:0360-0300
Container-title:ACM Computing Surveys
language:en
Short-container-title:ACM Comput. Surv.

Author:

Heartfield Ryan¹,Loukas George¹

Affiliation:

1. University of Greenwich, UK

Abstract

Social engineering is used as an umbrella term for a broad spectrum of computer exploitations that employ a variety of attack vectors and strategies to psychologically manipulate a user. Semantic attacks are the specific type of social engineering attacks that bypass technical defences by actively manipulating object characteristics, such as platform or system applications, to deceive rather than directly attack the user. Commonly observed examples include obfuscated URLs, phishing emails, drive-by downloads, spoofed websites and scareware to name a few. This article presents a taxonomy of semantic attacks, as well as a survey of applicable defences. By contrasting the threat landscape and the associated mitigation techniques in a single comparative matrix, we identify the areas where further research can be particularly beneficial.

Publisher

Association for Computing Machinery (ACM)

Subject

General Computer Science,Theoretical Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/2835375

Reference185 articles.

1. Towards a dynamic file integrity monitor through a security classification;Abdullah Z. H.;Internal Journal of New Computer Architectures and Their Applications (IJNCAA),2011

2. S. Abraham and C. S. UnduShobha. 2010. An overview of social engineering malware: Trends tactics and implications. Technology in Society 3 32 3 183--196. S. Abraham and C. S. UnduShobha. 2010. An overview of social engineering malware: Trends tactics and implications. Technology in Society 3 32 3 183--196.

3. S. Abu-Nimeh and S. Nair. 2006. Phishing attacks in a mobile environment. In SMU HACNet Lab Southern Methodist University Dallas. S. Abu-Nimeh and S. Nair. 2006. Phishing attacks in a mobile environment. In SMU HACNet Lab Southern Methodist University Dallas.

4. A. Adelsbach S. Gajek and J. Schwenk. 2005. Visual spoofing of SSL protected web sites and effective countermeasures. In Information Security Practice and Experience. Springer Berlin 204--216. 10.1007/978-3-540-31979-5_18 A. Adelsbach S. Gajek and J. Schwenk. 2005. Visual spoofing of SSL protected web sites and effective countermeasures. In Information Security Practice and Experience. Springer Berlin 204--216. 10.1007/978-3-540-31979-5_18

Cited by 109 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. “Hey Players, there is a problem…”: On Attribute Inference Attacks against Videogamers;2024 IEEE Conference on Games (CoG);2024-08-05

2. Advancing Email Spam Classification using Machine Learning and Deep Learning Techniques;Engineering, Technology & Applied Science Research;2024-08-02

3. Combating Phishing in the Age of Fake News: A Novel Approach with Text-to-Text Transfer Transformer;Proceedings of the 1st Workshop on Security-Centric Strategies for Combating Information Disorder;2024-07

4. Reconstructing images with attention generative adversarial network against adversarial attacks;Journal of Electronic Imaging;2024-06-17

5. A Systematic Deconstruction of Human-Centric Privacy & Security Threats on Mobile Phones;International Journal of Human–Computer Interaction;2024-06-12