A multi-layered security model to counter social engineering attacks: a learning-based approach

Research output: Contribution to journal, Article, peer-review

Abstract

Social engineering is a malicious technique that leverages deception and manipulation to exploit the cognitive biases and heuristics of human behaviour. It poses severe threats to businesses, as it can result in data breaches, reputational damage, and legal and regulatory consequences. This paper explores the historical development of social engineering techniques, from traditional methods like impersonation or persuasion to sophisticated tactics leveraging digital platforms and psychological profiling, and presents a security model/framework to mitigate social engineering attacks. The model adopts a multi-layered approach, addressing technological vulnerabilities and human factors. Learning modules serve as the central component of the model, providing an interactive and engaging platform that suits the needs of any organisation. First, it expresses the need for robust cyber-security measures, effective network security, encryption protocols, and access controls. Secondly, the model emphasises employee education and awareness training, promoting a vigilant and security-conscious workforce. Thirdly, the proposed framework emphasises the integration of behavioural analytical data or even AI-driven/-based systems to detect and mitigate social engineering attempts in real time.

Original language: English
Pages (from-to): 313–336
Journal: International Cybersecurity Law Review
Volume: 5
Publication status: Published - 18 Apr 2024
