Luring Conditions and Their Proof of Necessity through Mathematical Modelling
Luring is a social engineering technique used to capture individuals having malicious intent of breaching the information security defense of an organization. Certain conditions(Need, Environment, Masquerading Capability and Unawareness) are necessary for its effective implementation. To the best of our knowledge the necessity of these conditions is not yet proved so far. The proof is essential as it not only facilitates automation of the luring mechanism but also paves way for proof of the completeness of the conditions. The present paper attempts on this aspect by invoking three approaches namely probability, entropy and proof by contra positive. Also, the concept of cost effectiveness is introduced. Luring is acceptable if its cost works out less than cost of data theft.
KeywordsSocial Engineering Luring Honeypot Contrapositive Entropy Bayesian Graphs Probability
Unable to display preview. Download preview PDF.
- 1.Check Point Software Technologies Survey on, The Risk of Social Engineering on Information Security: A survey of IT Professional Dimensional Research (September 2011), http://www.checkpoint.com/surveys/socialeng1509/socialeng.htm
- 2.Gupta, S.K., Gupta, A., Damor, R., Goyal, V.: Luring: A framework to induce a suspected user into Context Honeypot. In: Proceedings of the 2nd International Workshop on Digital Forensics and Incident Analysis (WDFIA 2007), Samos, Greece, August 27-28, pp. 55–64. IEEE Computer Society (2007)Google Scholar
- 3.Wikipedia; Information about Proof by Contrapositive, http://en.wikipedia.org/wiki/Proof_by_contrapositive