CFP last date
20 January 2025
Reseach Article

Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures

by Priya Kaul, Deepak Sharma
International Journal of Computer Applications
Foundation of Computer Science (FCS), NY, USA
Volume 67 - Number 7
Year of Publication: 2013
Authors: Priya Kaul, Deepak Sharma
10.5120/11406-6726

Priya Kaul, Deepak Sharma . Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures. International Journal of Computer Applications. 67, 7 ( April 2013), 13-16. DOI=10.5120/11406-6726

@article{ 10.5120/11406-6726,
author = { Priya Kaul, Deepak Sharma },
title = { Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures },
journal = { International Journal of Computer Applications },
issue_date = { April 2013 },
volume = { 67 },
number = { 7 },
month = { April },
year = { 2013 },
issn = { 0975-8887 },
pages = { 13-16 },
numpages = {9},
url = { https://ijcaonline.org/archives/volume67/number7/11406-6726/ },
doi = { 10.5120/11406-6726 },
publisher = {Foundation of Computer Science (FCS), NY, USA},
address = {New York, USA}
}
%0 Journal Article
%1 2024-02-06T21:24:02.852328+05:30
%A Priya Kaul
%A Deepak Sharma
%T Study of Automated Social Engineering, its Vulnerabilities, Threats and Suggested Countermeasures
%J International Journal of Computer Applications
%@ 0975-8887
%V 67
%N 7
%P 13-16
%D 2013
%I Foundation of Computer Science (FCS), NY, USA
Abstract

Automated Social Engineering (ASE) is how social networking sites (SNSs) are exploited for Social Engineering by automated bots. Classical social engineering is an attack on the security of systems, based on exploiting human factors. ASE is an automated form of traditional social engineering which makes use of bots to attack SNS. One such bot is KOOBFACE [1] that infected Facebook for a long time until it was detected in mid of 2011 by Sophos lab. ASE bots can be developed easily using open source web automation and web scrapping tools. These tools combined with appropriate chat logic with enhanced intelligence pose a great threat to the security of SNSs. Countermeasures like Captchas have proved ineffective in preventing bots from infiltrating SNS's. New techniques like Multi Modal Captchas (MMC), and Fast Flux Network (FFN) detection are the future of the ASE prevention. In this paper we present a survey of vulnerabilities, threats and propose some countermeasures for Automated Social Engineering.

References
  1. Jonell Baltazar, Joey Costoya, and Ryan Flores, "The real face of KOOBFACE: The largest Web 2. 0 botnet explained", Trend Micro Threat Research, unpublished.
  2. M. Huber, S. Kowalski, M. Nohlberg, and S. Tjoa, "Towards automating social engineering using social networking sites", In CSE (3), p. 117–124. IEEE Comp. Soc. , 2009.
  3. M. Nohlberg and S. Kowalski, "The Cycle of Deception- A Model of Social Engineering Attacks, Defences and Victims," in Proceedings of the Second International Symposium on Human Aspects of Information Security & Assurance (HAISA 2008), Jul. 2008.
  4. M. Huber, "Towards automating social engineering using social networking sites" theses work 2009.
  5. Tobias Lauinger, Veikko Pankakoski, Davide Balzarotti, Engin Kirda, "Honeybot, Your Man in the Middle for Automated Social Engineering", IEEE, 2008.
  6. Amit Kumar Tyagi, G. Aghila, "Detection of fast flux network based social bot using analysis based techniques", IEEE, 2012.
  7. Abdulaziz S Almazyad, Yasir Ahmad, Shouket Ahmad Kouchay, "Multi-Modal CAPTCHA: A User Verification Scheme", IEEE, 2011.
  8. The Koobface malware gang - exposed! , An investigation by Jan Drömer, independent researcher, and Dirk Kollberg, SophosLabs, http://nakedsecurity. sophos. com/koobface/.
  9. Hongyu Gao, Jun Hu, Christo Wilson, Zhichun Li, Yan Chen, Ben Y. Zhao, "Detecting and Characterizing Social Spam Campaigns", IMC'10, November 1–3, 2010, Melbourne, Australia. Copyright 2010 ACM 978-1-4503-0057-5/10/11.
  10. Catherine Dwyer, Starr Roxanne Hiltz, "Proceedings of the Thirteenth Americas Conference on Information Systems, Keystone, Colorado August 09 - 12 2007".
Index Terms

Computer Science
Information Sciences

Keywords

Social Networking Sites(SNSs) Fast-Flux Networks(FFNs) Multi-Modal Captcha(MMC) bot Automated Social Engineering(ASE) botnet