Управленческое консультирование (Oct 2021)
Model of Social Influence in Analysis of Socio-engineering Attacks
Abstract
The purpose of this study is to study the modernization of the model of an attacker’s social engineering attack on a user, taking into account a wider range of factors influencing the success of a social engineering attack associated with the principles of social influence. Methods. To achieve this goal, the approaches to social influence and the components of social influence were analyzed. An integrated circuit of social influence is built, grounding in the context of socio-engineering attacks. Results. A model of social influence is proposed, built in the context of an attacker’s social engineering attack on a user. A new interpretation of the term user vulnerability in the context of information security has been proposed. Conclusion. The result obtained forms the potential of filling the user and attacker models with specific vulnerabilities and competencies, which will lead to a more accurate assessment of the success of the attacker’s social engineering attack on the user, due to the aggregation of information from incidents that have occurred.
Keywords