Advertisement

Luring Conditions and Their Proof of Necessity through Mathematical Modelling

  • Anand Gupta
  • Prashant Khurana
  • Raveena Mathur
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7678)

Abstract

Luring is a social engineering technique used to capture individuals having malicious intent of breaching the information security defense of an organization. Certain conditions(Need, Environment, Masquerading Capability and Unawareness) are necessary for its effective implementation. To the best of our knowledge the necessity of these conditions is not yet proved so far. The proof is essential as it not only facilitates automation of the luring mechanism but also paves way for proof of the completeness of the conditions. The present paper attempts on this aspect by invoking three approaches namely probability, entropy and proof by contra positive. Also, the concept of cost effectiveness is introduced. Luring is acceptable if its cost works out less than cost of data theft.

Keywords

Social Engineering Luring Honeypot Contrapositive Entropy Bayesian Graphs Probability 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Check Point Software Technologies Survey on, The Risk of Social Engineering on Information Security: A survey of IT Professional Dimensional Research (September 2011), http://www.checkpoint.com/surveys/socialeng1509/socialeng.htm
  2. 2.
    Gupta, S.K., Gupta, A., Damor, R., Goyal, V.: Luring: A framework to induce a suspected user into Context Honeypot. In: Proceedings of the 2nd International Workshop on Digital Forensics and Incident Analysis (WDFIA 2007), Samos, Greece, August 27-28, pp. 55–64. IEEE Computer Society (2007)Google Scholar
  3. 3.
    Wikipedia; Information about Proof by Contrapositive, http://en.wikipedia.org/wiki/Proof_by_contrapositive
  4. 4.
    Flores, N.E.: Non-Paternalistic Altruism and Welfare Economics. Journal of Public Economics 83(2), 293–305 (2002)CrossRefGoogle Scholar
  5. 5.
    Nait Abdalla, M.A.: An Extended Framework for Default Reasoning. In: Csirik, J.A., Demetrovics, J. (eds.) FCT 1989. LNCS, vol. 380, pp. 339–348. Springer, Heidelberg (1989)CrossRefGoogle Scholar
  6. 6.
    Shannon, C.E.: Prediction and entropy of printed English. Bell Systems Technical Journal 30, 50–64 (1951)zbMATHGoogle Scholar
  7. 7.
    Maasoumi, E., Racine, J.: Entropy and predictability of stock market returns. Journal of Econometrics 107(1-2), 291–312 (2002)MathSciNetzbMATHCrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Anand Gupta
    • 1
  • Prashant Khurana
    • 1
  • Raveena Mathur
    • 1
  1. 1.Division of Information Technology Netaji Subhas Institute of TechnologyUniversity of DelhiNew DelhiIndia

Personalised recommendations