Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures

Priya Kaul; Deepak Sharma

Call for Paper

January Edition

IJCA solicits high quality original research papers for the upcoming January edition of the journal. The last date of research paper submission is 20 December 2024

Submit your paper

Know more

The week's pick

Improved Shuffled Frog Leaping Algorithm with Self-Adaptive Shuffling for Fuzzy Logic PD+G Controller Optimization in Robotic Manipulators

Duc Hoang Nguyen

Random Articles

Learning Rates in Generalized Neuron Model for Short Term Load Forecasting

May

2012

A Simulink Modeling to Develop a Control System of Stirred Tank Heater with Multifarious Operating Conditions

November

2012

Monte Carlo Method and Brownian Movement Applied to Future Stock Market Analysis

Dec

2020

A New Algorithm to Model Highly Nonlinear System based Coactive Neuro Fuzzy Inference System

May

2014

Reseach Article

Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures

by Priya Kaul, Deepak Sharma

International Journal of Computer Applications

Foundation of Computer Science (FCS), NY, USA

Volume 67 - Number 7

Year of Publication: 2013

Authors: Priya Kaul, Deepak Sharma

10.5120/11406-6726

Priya Kaul, Deepak Sharma . Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures. International Journal of Computer Applications. 67, 7 ( April 2013), 13-16. DOI=10.5120/11406-6726

@article{ 10.5120/11406-6726,

author = { Priya Kaul, Deepak Sharma },

title = { Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures },

journal = { International Journal of Computer Applications },

issue_date = { April 2013 },

volume = { 67 },

number = { 7 },

month = { April },

year = { 2013 },

issn = { 0975-8887 },

pages = { 13-16 },

numpages = {9},

url = { https://ijcaonline.org/archives/volume67/number7/11406-6726/ },

doi = { 10.5120/11406-6726 },

publisher = {Foundation of Computer Science (FCS), NY, USA},

address = {New York, USA}

}

%0 Journal Article

%1 2024-02-06T21:24:02.852328+05:30

%A Priya Kaul

%A Deepak Sharma

%T Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures

%J International Journal of Computer Applications

%@ 0975-8887

%V 67

%N 7

%P 13-16

%D 2013

%I Foundation of Computer Science (FCS), NY, USA

Abstract

Automated Social Engineering (ASE) is how social networking sites (SNSs) are exploited for Social Engineering by automated bots. Classical social engineering is an attack on the security of systems, based on exploiting human factors. ASE is an automated form of traditional social engineering which makes use of bots to attack SNS. One such bot is KOOBFACE [1] that infected Facebook for a long time until it was detected in mid of 2011 by Sophos lab. ASE bots can be developed easily using open source web automation and web scrapping tools. These tools combined with appropriate chat logic with enhanced intelligence pose a great threat to the security of SNSs. Countermeasures like Captchas have proved ineffective in preventing bots from infiltrating SNS's. New techniques like Multi Modal Captchas (MMC), and Fast Flux Network (FFN) detection are the future of the ASE prevention. In this paper we present a survey of vulnerabilities, threats and propose some countermeasures for Automated Social Engineering.

References

Jonell Baltazar, Joey Costoya, and Ryan Flores, "The real face of KOOBFACE: The largest Web 2. 0 botnet explained", Trend Micro Threat Research, unpublished.
M. Huber, S. Kowalski, M. Nohlberg, and S. Tjoa, "Towards automating social engineering using social networking sites", In CSE (3), p. 117–124. IEEE Comp. Soc. , 2009.
M. Nohlberg and S. Kowalski, "The Cycle of Deception- A Model of Social Engineering Attacks, Defences and Victims," in Proceedings of the Second International Symposium on Human Aspects of Information Security & Assurance (HAISA 2008), Jul. 2008.
M. Huber, "Towards automating social engineering using social networking sites" theses work 2009.
Tobias Lauinger, Veikko Pankakoski, Davide Balzarotti, Engin Kirda, "Honeybot, Your Man in the Middle for Automated Social Engineering", IEEE, 2008.
Amit Kumar Tyagi, G. Aghila, "Detection of fast flux network based social bot using analysis based techniques", IEEE, 2012.
Abdulaziz S Almazyad, Yasir Ahmad, Shouket Ahmad Kouchay, "Multi-Modal CAPTCHA: A User Verification Scheme", IEEE, 2011.
The Koobface malware gang - exposed! , An investigation by Jan Drömer, independent researcher, and Dirk Kollberg, SophosLabs, http://nakedsecurity. sophos. com/koobface/.
Hongyu Gao, Jun Hu, Christo Wilson, Zhichun Li, Yan Chen, Ben Y. Zhao, "Detecting and Characterizing Social Spam Campaigns", IMC'10, November 1–3, 2010, Melbourne, Australia. Copyright 2010 ACM 978-1-4503-0057-5/10/11.
Catherine Dwyer, Starr Roxanne Hiltz, "Proceedings of the Thirteenth Americas Conference on Information Systems, Keystone, Colorado August 09 - 12 2007".

Index Terms

Computer Science

Information Sciences

Keywords

Social Networking Sites(SNSs) Fast-Flux Networks(FFNs) Multi-Modal Captcha(MMC) bot Automated Social Engineering(ASE) botnet