Title: Conceptualising social engineering attacks through system archetypes

Authors: Jose M. Sarriegi, Jose J. Gonzalez

Addresses: Tecnun (University of Navarra), Manuel de Lardizabal 13, San Sebastian 20018, Spain. ' Security and Quality and Organizations, University of Agder, Serviceboks 509, Grimstad 4884, Norway; Gjovik University College, NISlab, Gjovik 2802, Norway

Abstract: At the highest abstraction level, an attempt by a social engineer to exploit a victim organisation either attempts to achieve some specific target (denial of service, steal an asset, tap some particular information) or it wishes to maximise an outcome, such as to disable the organisation by a terrorist attack or establish a permanent parasitic relationship (long-term espionage). Seen as dynamic processes, the first kind of exploit is a controlling (|balancing|) feedback loop, while the second kind is a reinforcing feedback loop. Each type of exploit meets a first line of defence in control processes or in escalating (|reinforcing|) processes of resistance. The possible combinations of the two modes of attack and the two modes of defence yield four archetypes of exploit and natural defence. Predictably, the social engineer would seek to outsmart the first line of defence; it is shown that each archetype implies a particular strategy to do so. Anticipation of these modes of attack must be the starting point for an effective multilayered defence against social engineering attacks.

Keywords: social engineering; critical infrastructures; pattern recognition; system archetypes; system dynamics; information security; attacks; multilayered defence; critical information infrastructures.

DOI: 10.1504/IJSSE.2008.018134

International Journal of System of Systems Engineering, 2008 Vol.1 No.1/2, pp.111 - 127

Published online: 02 May 2008 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article