Abstract
This research paper is a brief study on social engineering that explores the internet awareness among males and females of different age groups. In our study, we have researched on how an individual shares his/her identity and sensitive information which directly or indirectly affects them on social networking sites. This information can be user’s personal identification traits, their photos, visited places, etc. The parameters chosen for influence of social engineering in social networking sites are passwords, share ability, and awareness. This research briefly explains how people between age group of 13–40 years share their information over the web and their awareness of netiquettes. This information is then conclusively used to calculate average amount of sensitive information which can be extracted through social engineering for different age groups of males and females.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
Irani, Danesh, Marco Balduzzi, Davide Balzarotti, Engin Kirda, and Calton Pu. “Reverse social engineering attacks in online social networks.” In Detection of intrusions and malware, and vulnerability assessment, pp. 55–74, Springer Berlin Heidelberg (2011).
Mitnick, Kevin D., and William L. Simon.: The art of deception: Controlling the human element of security. John Wiley & Sons (2011).
Huber, Markus, Stewart Kowalski, Marcus Nohlberg, and Simon Tjoa.: Towards automating social engineering using social networking sites. In: Computational Science and Engineering, vol. 3, pp. 117–124. IEEE (2009).
Algarni, Abdulmohsen, Yue Xu, and Thomas Chan.: Social Engineering in Social Networking Sites: The Art of Impersonation. In: Services Computing, pp. 797–804. IEEE. (2014).
Hadnagy, Christopher.: Social engineering: The art of human hacking. John Wiley & Sons (2010).
Thakral A., Rakesh N. and Gupta A.: Area Prone to Cyber Attacks., vol. 39, pp 40. CSI Communications (2015).
Sharma, S., & Sodhi., J. S.: Social Network Analysis & Information Disclosure: A Case Study. International Journal of Computer, Electrical, Automation, Control and Information Engineering vol: 9, pp. 567–575. WASET (2015).
Long, J. No tech hacking: A guide to social engineering, dumpster diving, and shoulder surfing. Syngress. (2011).
Graves, K. CEH: Official Certified Ethical Hacker Review Guide: Exam 312–50. John Wiley & Sons. (2007).
Uebelacker, S., & Quiel, S. The social engineering personality framework. In: Socio-Technical Aspects in Security and Trust (STAST), pp. 24–30. IEEE. (2014).
Greitzer, Frank L., Jeremy R. Strozer, Sholom Cohen, Andrew P. Moore, David Mundie, and Jennifer Cowley.: Analysis of Unintentional Insider Threats Deriving from Social Engineering Exploits. In: Security and Privacy Workshops (SPW), pp. 236–250. IEEE. (2014).
Stringhini, G., Kruegel, C., & Vigna, G.: Detecting spammers on social networks. In: 26th Annual Computer Security Applications Conference pp. 1–9. ACM. (2010).
Webb, S., Caverlee, J., & Pu, C.: Social Honeypots: Making Friends With A Spammer Near You. In: CEAS. (2008).
Kumar, N.: Password in practice: An usability survey. Journal of Global Research in Computer Science, vol. 2(5), pp.107–112. (2011).
Medlin, B. D., & Cazier, J. A.: An empirical investigation: Health care employee passwords and their crack times in relationship to hipaa security standards. International Journal of Healthcare Information Systems and Informatics (IJHISI), vol. 2(3), pp. 39–48. (2007).
Meadows, D. Thinking in Systems: A Primer, Chelsea Green Publishing, (2008).
Parrish Jr, J. L., Bailey, J. L., & Courtney, J. F. A Personality Based Model for Determining Susceptibility to Phishing Attacks. Little Rock: University of Arkansas. (2009).
Cappelli, D. M., Moore, A. P., & Trzeciak, R. F.: The CERT Guide to Insider Threats: How to Prevent, Detect, and Respond to Information Technology Crimes, Addison-Wesley. (2012).
Kuo, C., Romanosky, S., & Cranor, L. F.: Human selection of mnemonic phrase-based passwords. In: 2nd symposium on Usable privacy and security, pp. 67–78. ACM. (2006).
Sterman, J. D.: Business dynamics: systems thinking and modeling for a complex world, vol. 19. Boston: Irwin/McGraw-Hill. (2000).
Algarni, A., Xu, Y., Chan, T., & Tian, Y. C.: Toward understanding social engineering. In: 8th International Conference on Legal, Security and Privacy Issues in IT Law, (Critical Analysis and Legal Reasoning, pp. 279–300, The International Association of IT Lawyers (IAITL). (2013).
Medlin, B. D., Cazier, J. A., & Foulk, D. P.: Analyzing the vulnerability of US hospitals to social engineering attacks: how many of your employees would share their password? International Journal of Information Security and Privacy (IJISP), 2(3), pp. 71–83. (2008).
Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L. F., & Downs, J.: Who falls for phish?: a demographic analysis of phishing susceptibility and effectiveness of interventions. In: SIGCHI Conference on Human Factors in Computing Systems, pp. 373–382. ACM. (2010).
Workman, M. Wisecrackers.: A theory‐grounded investigation of phishing and pretext social engineering threats to information security. Journal of the American Society for Information Science and Technology, vol. 59(4), pp. 662–674. (2008).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2016 Springer Science+Business Media Singapore
About this paper
Cite this paper
Shilpi Sharma, Sodhi, J.S., Saksham Gulati (2016). Bang of Social Engineering in Social Networking Sites. In: Satapathy, S., Bhatt, Y., Joshi, A., Mishra, D. (eds) Proceedings of the International Congress on Information and Communication Technology. Advances in Intelligent Systems and Computing, vol 438. Springer, Singapore. https://doi.org/10.1007/978-981-10-0767-5_36
Download citation
DOI: https://doi.org/10.1007/978-981-10-0767-5_36
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-10-0766-8
Online ISBN: 978-981-10-0767-5
eBook Packages: EngineeringEngineering (R0)