Open Access
Subscription Access
Open Access
Subscription Access
A Study of Social Engineering Based Attacks in Kathmandu University to Propose a Conceptual Framework
Subscribe/Renew Journal
Social engineering is a major issue affecting organizational security throughout the world. Educating the employees of every organization about social engineering attacks and the negative effects it brings to their organization is a very important step to be taken by every organization but is overlooked most of the times. The objective of this research is to evaluate the current awareness level of staffs of Kathmandu University towards very common social engineering attacks and propose a conceptual framework for prevention of these attacks. A questionnaire was created and a survey was conducted accordingly within teaching and non-teaching staffs of Kathmandu University. Based on the 51 responses achieved, the paper proposes a conceptual framework for the university to adapt to their information system for a more secure environment.
Keywords
Awareness, Passwords, Phishing, Social Engineering, Vishing, Vulnerability.
User
Subscription
Login to verify subscription
Font Size
Information
- D. Allan, “We all have too many online accounts - and can’t remember the passwords,” July 23, 2015. Available http://www.itproportal.com/2015/07/23/we-all-have-too-many-online-accounts-%20and-cant-remember-the-passwords./
- F. Amigorena, “Password sharing: How to stamp out a dangerous habit,” June 30, 2014. Available http://www.techradar.com/news/world-of-tech/management/password-sharing-how-to-stamp-out-a-dangerous-habit-1255348
- A. Chitrey, D. Singh, and V. Singh, “A comprehensive study of social engineering based attacks in India to develop a conceptual model,” International Journal of Information & Network Security, pp. 45-53, 2012. Available https://core.ac.uk/download/pdf/9428698.pdf
- O. Fink, “Vulnerability identification,” September 21, 2008. Available Hacking the Universe: http://www.hackingtheuniverse.com/infosec/nist-computer-security/risk-%20assessment/vulnerability-identification
- R. Gulati, “The threat of social engineering and your defense against it,” 2003. Available https://www.sans.org/reading-room/whitepapers/engineering/threat-social-engineering-defense-1232
- “How Password Sharing Destroys Companies,” July 21, 2013. Available Perfect Cloud: https://blog.perfect-cloud.io/how-password-sharing-destroys-companies/
- M. Huber, S. Kowalski, M. Nohlberg, and S. Tjoa, “Towards automating social engineering using social networking sites,” Computational Science and Engineering, pp. 117-124. 2009. Available //www.sba-research.org/wp-content/uploads/publications/2009%20-%20Huber%20-%20Towards%20Automating%20Social%20Engineering%20Using%20Social%20Networking%20Sites.pdf
- “Internet security threat report,” 2016. Available https://www.symantec.com/content/dam/symantec/docs/reports/istr-21-2016-en.pdf
- A. Kumar, and N. Kumar, “Social engineering: attack, prevention and framework,” 2016. International Journal for Research in Applied Science & Engineering Technology. Available http://www.ijraset.com/fileserve.php?FID=4026
- J. Long, “No tech hacking: A guide to social engineering, dumpster diving and shoulder surfing,” Burlington: Syngress Publishing, 2008.
- C. Peterson, “23 Social engineering attacks you need to shut down,” March 16, 2016. Available SmartFile: https://www.smartfile.com/blog/social-engineering-attacks/
- Social engineering leads the top 10 list of most popular hacking methods-Balabit survey results from black hat USA and EU shows”. Available Balabit: https://www.balabit.com/news/press/social-engineering-leads-the-top-10-list-of-most-popular-hacking-methods-balabit-survey-results-from-black-hat-usa
- S. Stahl, and K. A. Pease, “Seven Requirements for successfully implementing information security policies and standards: A guide for executives. Los Angeles: Citadel Information Group,” 2011. Available https://citadel-information.com/wp-content/uploads/2010/12/seven-requirements-for-successfully-implementing-information-security-policies-1108.pdf
- Why You Should Use Different Passwords. Available Privacy and Information Security https://security.illinois.edu/content/why-you-should-use-different-passwords
Abstract Views: 516
PDF Views: 0