Högskolan i Skövde

his.sePublikationer
Ändra sökning
Avgränsa sökresultatet
1 - 8 av 8
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf
Träffar per sida
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sortering
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
  • Standard (Relevans)
  • Författare A-Ö
  • Författare Ö-A
  • Titel A-Ö
  • Titel Ö-A
  • Publikationstyp A-Ö
  • Publikationstyp Ö-A
  • Äldst först
  • Nyast först
  • Skapad (Äldst först)
  • Skapad (Nyast först)
  • Senast uppdaterad (Äldst först)
  • Senast uppdaterad (Nyast först)
  • Disputationsdatum (tidigaste först)
  • Disputationsdatum (senaste först)
Markera
Maxantalet träffar du kan exportera från sökgränssnittet är 250. Vid större uttag använd dig av utsökningar.
  • 1. Huber, Markus
    et al.
    Kowalski, Stewart
    Nohlberg, Marcus
    Högskolan i Skövde, Institutionen för kommunikation och information. Högskolan i Skövde, Forskningscentrum för Informationsteknologi.
    Tjoa, Simon
    Towards Automating Social Engineering Using Social Networking Sites2009Ingår i: 2009 International Conference on Computational Science and Engineering, IEEE Computer Society , 2009, s. 117-124Konferensbidrag (Refereegranskat)
    Abstract [en]

    A growing number of people use social networking sites to foster social relationships among each other. While the advantages of the provided services are obvious, drawbacks on a users’ privacy and arising implications are often neglected. In this paper we introduce a novel attack called automated social engineering which illustrates how social networking sites can be used for social engineering. Our approach takes classical social engineering one step further by automating tasks which formerly were very time-intensive. In order to evaluate our proposed attack cycle and our prototypical implementation (ASE bot), we conducted two experiments. Within the first experiment we examine the information gathering capabilities of our bot. The second evaluation of our prototype performs a Turing test. The promising results of the evaluation highlightthe possibility to efficiently and effectively perform social engineering attacks by applying automated social engineering bots.

  • 2.
    Kävrestad, Joakim
    et al.
    Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningsmiljön Informationsteknologi.
    Åhlfeldt, Rose-Mharie
    Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningsmiljön Informationsteknologi.
    Nohlberg, Marcus
    Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningsmiljön Informationsteknologi.
    Karonen, Johani
    Högskolan i Skövde.
    Kowalski, Stewart
    Högskolan i Skövde, Institutionen för informationsteknologi. Högskolan i Skövde, Forskningsmiljön Informationsteknologi.
    Spiraling out in control: A Video Cartesian Dialectic on a Socio-technical Approach to Teaching Privacy, Information- and Cyber Security (PICS)2019Ingår i: Socio-Technical Perspective in IS Development 2019: Proceedings of the 5th International Workshop on Socio-Technical Perspective in IS Development (STPIS 2019) co-located with 27th European Conference on Information Systems (ECIS 2019) / [ed] Stewart Kowalski; Peter Bednar; Alexander Nolte; Ilia Bider, CEUR-WS , 2019, Vol. 2398, s. 153-155Konferensbidrag (Refereegranskat)
    Ladda ner fulltext (pdf)
    fulltext
  • 3.
    Nohlberg, Marcus
    et al.
    Högskolan i Skövde, Institutionen för kommunikation och information. Högskolan i Skövde, Forskningscentrum för Informationsteknologi.
    Kowalski, Stewart
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap.
    The cycle of deception: a model of social engineering attacks, defenses and victims2008Ingår i: Proceedings of the Second International Symposium on Human Aspects of Information Security and Assurance (HAISA 2008) / [ed] Nathan Clarke, Steven Furnell, University of Plymouth , 2008, s. 1-11Konferensbidrag (Refereegranskat)
    Abstract [en]

    In this paper we propose a model for describing deceptive crimes in general and social engineering in particular. Our research approach was naïve inductivist and the methods used were literature study and interviews with the lead investigator in a grooming case, as we see many similarities between the techniques used in grooming, and those used in social engineering. From this we create cycles describing attacker, defender, and the victim and merge them into a model describing the cycle of deception. The model is then extended into a possible deception sphere. The resulting models can be used to educate about social engineering, to create automated social engineering attacks, to facilitate better incident reporting, and to understand the impact and economical aspects of defenses.

  • 4.
    Nohlberg, Marcus
    et al.
    Högskolan i Skövde, Institutionen för kommunikation och information. Högskolan i Skövde, Forskningscentrum för Informationsteknologi.
    Kowalski, Stewart
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap (Säkerhetsinformatik).
    Huber, Markus
    Stockholms universitet, Samhällsvetenskapliga fakulteten, Institutionen för data- och systemvetenskap (Säkerhetsinformatik).
    Measuring Readiness for Automated Social Engineering2008Ingår i: Proceedings of the 7th Annual Security Conference, Las Vegas, USA, June 2-3, 2008 [CD-ROM], 2008, s. 20.1-20.13Konferensbidrag (Refereegranskat)
    Abstract [en]

    This paper presents the result of a case study of the readiness of four large Swedish multinational corporations to deal with automated social engineering attacks. A preliminary study to review how the security policy of a large corporation deals with social engineering attacks was performed. The results from this study were combined with a conceptual model of social engineering when constructing a new interview protocol and a grading scale. This interview protocol was designed to measure the readiness of an organization to deal with social engineering attacks in general, and in this case with automated social engineering in particular. Four interviews were conducted with senior security managers and senior employees. Results indicate that no organization was over 60% on the readiness scale and thus all are considered at risk of attack.

  • 5.
    Nohlberg, Marcus
    et al.
    Högskolan i Skövde, Institutionen för kommunikation och information.
    Kowalski, Stewart
    Department of Computer and Systems Sciences, Stockholm University/Royal Institute of Technology, Stockholm, Sweden.
    Karlsson, Kerstin
    Högskolan i Skövde, Institutionen för kommunikation och information.
    Ask and you shall know: using interviews and the SBC model for social-engineering penetration testing2008Ingår i: Proceedings of the 1st International Multi-Conference on Engineering and Technological Innovation; IMETI 2008: Volume I / [ed] Chu Hsing-Wei, Estrems Manuel, Ferrer José, Franco Patricio, Savoie Michael, Orlando: International Institute of Informatics and Systemics, 2008, s. 121-128Konferensbidrag (Refereegranskat)
    Abstract [en]

    This paper presents the result of a case study where the SBC model was used as a foundation to perform semi-structured interviews to test the security in a medical establishment. The answers were analyzed and presented in an uncomplicated graph. The purpose was to study the feasibility of letting the users participate, instead of exploiting their weaknesses. It was found that the approach of interviewing the subjects rendered interesting, and relevant, results, making it an approach that should be studied further due to its apparent gains: less ethically troublesome penetration testing, increased awareness, improved coverage and novel information as added bonuses.

  • 6.
    Nohlberg, Marcus
    et al.
    Högskolan i Skövde, Institutionen för kommunikation och information. Högskolan i Skövde, Forskningscentrum för Informationsteknologi.
    Kowalski, Stewart
    Karlsson, Kerstin
    Högskolan i Skövde.
    Non-Invasive Social Engineering Penetration Testing in a Medical Environment2008Ingår i: Proceedings of the 7th Annual Security Conference [CD-ROM], 2008, s. 22.1-22.13Konferensbidrag (Refereegranskat)
    Abstract [en]

    This paper proposes a soft approach for social engineering penetration testing. By using the SBC model as a foundation, questions related to the social element of security were asked in semi-structured interviews to a group of subjects. The answers were analyzed and presented in an uncomplicated graph. The purpose was to study the feasibility of letting the users participate, instead of exploiting their weaknesses. It was found that the approach of interviewing the subjects rendered interesting, and relevant, results, making it an approach that should be studied further due to its apparent gains: less ethically troublesome penetration testing, increased awareness, improved coverage and novel information as added bonuses.

  • 7.
    Nohlberg, Marcus
    et al.
    Högskolan i Skövde, Institutionen för kommunikation och information.
    Wangler, Benkt
    Högskolan i Skövde, Institutionen för kommunikation och information.
    Kowalski, Stewart
    Stockholm University, Sweden.
    A Conceptual Model of Social Engineering2010Konferensbidrag (Refereegranskat)
  • 8.
    Nohlberg, Marcus
    et al.
    Högskolan i Skövde, Institutionen för kommunikation och information. Högskolan i Skövde, Forskningscentrum för Informationsteknologi.
    Wangler, Benkt
    Högskolan i Skövde, Institutionen för kommunikation och information. Högskolan i Skövde, Forskningscentrum för Informationsteknologi.
    Kowalski, Stewart
    Stockholm University, Sweden.
    A Conceptual Model of Social Engineering2011Ingår i: Journal of Information System Security, ISSN 1551-0123, E-ISSN 1551-0808, Vol. 7, nr 2, s. 3-13Artikel i tidskrift (Refereegranskat)
    Abstract [en]

    Social engineering is a term used for techniques to trick, or con, users into giving out information to someone that should not have it. In this paper we discuss and model various notions related to social engineering. By using a broad, cross disciplinary approach, we present a conceptual model of the different kinds of social engineering attacks, and their preparation, the victim and the perpetrator, as well as the cultural aspects. By using this approach a better general understanding of social engineering can be reached. The model is also a good tool for teaching about and protecting against social engineering attacks.

1 - 8 av 8
RefereraExporteraLänk till träfflistan
Permanent länk
Referera
Referensformat
  • apa
  • apa-cv
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Annat format
Fler format
Språk
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Annat språk
Fler språk
Utmatningsformat
  • html
  • text
  • asciidoc
  • rtf