会议专题

Social engineering and Insider threats

  This paper describes our research on the insider threats of Social engineering.Social engineering is a method using interaction between humans to get the access of a system in an illegal way.Due to staffs lack of confidentiality,the confidentiality of records is compromised,data is stolen or financial damage is done.This is insider threat.Social engineering and insider threat are two of the most relevant subjects in cyber security today.This research summarizes and seeks solution for the drawback of Social engineering through analyzing the Insider Threat cases.The first stage is to introduce the importance of using social engineering to reduce internet crime by analyzing the past loss created by insider threats.The second test illustrates insider threats hazards to network security are ongoing.The third part covers the situation of insider threats with the emphasis on the security side.The topic of security aspect is extended to the rest of internal control of system,data exchange,and management of employees and their communication content.Actually,by the time of this abstract,insider threats are still not being taken as seriously as it should be.Many companies and organizations have given little thought to the insider threat but have concentrated on keeping attackers outside the network.This research will directly focus on the insider threats of organizations and the ways hackers use social engineering with the latest analysis of technology involved and examples that are close to common cybercrime.We aim to reveal the importance of reducing insider threats in organizations.The further research will be focused on a group consisted of managers and engineers within a company and the communication means of staff to the outside world.The analysis of the related crime cases will help prevent similar tragedy and seek possible approaches.

Social engineering Insider threat Cyber Crime Cyber security Organization Hackers

LiuXiangyu LiQiuyang Sonali Chandel

Computer Science,New York Institute of Technology,Nanjing,China

国际会议

第九届网络分布式计算与知识发现国际会议( 2017 International Conference on Cyber-enabled distributed computing and knowledge discovery)

南京

英文

25-34

2017-10-12(万方平台首次上网日期,不代表论文的发表时间)