MODEL OF VULNERABILITIES ANALYSIS OF SOCIO-TECHNICAL SYSTEMS TO THE SOCIAL ENGINEERING INFLUENCES
Open Access
- 1 January 2020
- journal article
- Published by Borys Grinchenko Kyiv University in Cybersecurity: Education, Science, Technique
- Vol. 4 (8), 165-173
- https://doi.org/10.28925/2663-4023.2020.8.165173
Abstract
Socio-technical systems as education with technical and social subsystems are considered. The directions for ensuring their safety have been established and among them the use of technical capabilities has been singled out, taking into account user behavior. Attention is paid to their vulnerabilities to the realisability of sociotechnical threats, in particular, the influence of social engineering. The orientation of such an influence on the manipulation of weaknesses, needs, mania (passions), user hobbies is shown. This leads to the insolvency of socio-technical systems to counteract the influence of social engineering. This can be prevented by analyzing the user's vulnerabilities regarding the forms of manipulation of their consciousness. The approaches to counteracting the use of social engineering are compared. For each of them, the application features, advantages, and disadvantages are analyzed. Given this, it is proposed to use fuzzy directed social graphs to set a model for analyzing the vulnerabilities of socio-technical systems. This was preceded by the definition of the concepts of the social network, actor, relationships. This view allows us to take into account the characteristics of the social engineering influence. In particular, the numbers of input and output arcs distinguish varieties of actors from the social engineer, user, manipulative form, vulnerability. While the importance of each of them is determined using the characteristics of centrality and prestige. At the same time, the levels of the actor, dyad, and the triad of vulnerabilities analysis of socio-technical systems to the effects of social engineering are highlighted. This will make it possible to determine the ways of such impacts taking into account the peculiarities of their realizability through user vulnerabilities and, as a result, to counteract them. In further research, it is planned to develop a method for analyzing the vulnerability of socio-technical systems to the impacts of social engineering based on the proposed model.Keywords
This publication has 11 references indexed in Scilit:
- Presentation the interaction of the subject and the object of socio-engineering influence with a social graphPublished by Kharkiv National University of Radioelectronics ,2020
- Methods of counteracting social engineeringCollection "Information technology and security", 2019
- The Security of Socio-Technical SystemsNBI Technologies, 2018
- The Social Engineering Optimizer (SEO)Engineering Applications of Artificial Intelligence, 2018
- Social engineering attack examples, templates and scenariosComputers & Security, 2016
- The method of socio-technical systems informational stability evaluation at the informational war conditionsEastern-European Journal of Enterprise Technologies, 2016
- Extended classification of methods of social engineeringUkrainian Scientific Journal of Information Security, 2014
- Information model of the user, who may be under the threat of socioengineering attackSPIIRAS Proceedings, 2014
- Social engineering as a method of information and telecommunication systems intelligenceUkrainian Information Security Research Journal, 2012
- Social Network AnalysisPublished by Cambridge University Press (CUP) ,1994