Counterintelligence in Social Engineering: Enhancing Cyber Defense in Society
Abstract
Social engineering represents a significant challenge for advancing information security, especially when considering the human factor in information systems. The literature describes a framework for how social engineering works that addresses mechanisms of action and human emotions. On the other hand, this work proposes a counterintelligence framework with the objective of neutralizing attacks or mitigating damage caused by social engineering. The research in question is ongoing and requires more robust validations to comprehensively provide the validated and properly tested framework, following established ethical and legal parameters.References
Davis, N. and Grant, E. S. (2023). Simulated phishing training exercises versus gamified phishing education games. pages 1–8. Institute of Electrical and Electronics Engineers (IEEE).
Eftimie, S., Moinescu, R., and Racuciu, C. (2022). Spear-phishing susceptibility stemming from personality traits. IEEE Access, 10:73548–73561.
Gong, X. (2023). Asymmetric information dissemination in double-layer networks helps explain the emergence of cooperation. IEEE Access, 11:13202–13210.
Grbic, D. V. and Dujlovic, I. (2023). Social engineering with chatgpt. pages 1–5. IEEE.
Hossain, M. J., Rifat, R. H., Mugdho, M. H., Jahan, M., Rasel, A. A., and Rahman, M. A. (2022). Cyber threats and scams in fintech organizations: A brief overview of financial fraud cases, future challenges, and recommended solutions in bangladesh. pages 190–195. Institute of Electrical and Electronics Engineers Inc.
Hughes-Wilson, J. (2016). The secret state: A history of intelligence and espionage. Pegasus Books, Ltd.
Leitao, C. F. (2021). Jornadas de Atualização em Informática 2021, Cap. 7. A entrevista como instrumento de pesquisa científica: planejamento, execução e análise. Sociedade Brasileira de Computação SBC, Florianópolis/SC.
Leitao, C. F. and Prates, R. O. (2017). Jornadas de Atualização em Informática 2017, Cap. 2. A Aplicação de Métodos Qualitativos em Computação. Sociedade Brasileira de Computação SBC, Porto Alegre/RS.
Sanchez-Paniagua, M. and Fernandez, E. F. (2022). Phishing url detection: A real-case scenario through login urls. IEEE Access, 10:42949–42960.
Shpiro, S. (2023). Blinding the bear: Israeli double agents and russian intelligence. International journal of intelligence and counterintelligence, 36(1):1–19.
Tuinier, P., Zaalberg, T. B., and Rietjens, S. (2023). The social ties that bind: Unraveling the role of trust in international intelligence cooperation. International journal of intelligence and counterintelligence, 36(2):386–422.
Uplenchwar, S., Sawant, V., Surve, P., Deshpande, S., and Kelkar, S. (2022). Phishing attack detection on text messages using machine learning techniques. Institute of Electrical and Electronics Engineers Inc.
Wang, Z., Zhu, H., and Sun, L. (2021). Social engineering in cybersecurity: Effect mechanisms, human vulnerabilities and attack methods. IEEE Access, 9:11895–11910.
Eftimie, S., Moinescu, R., and Racuciu, C. (2022). Spear-phishing susceptibility stemming from personality traits. IEEE Access, 10:73548–73561.
Gong, X. (2023). Asymmetric information dissemination in double-layer networks helps explain the emergence of cooperation. IEEE Access, 11:13202–13210.
Grbic, D. V. and Dujlovic, I. (2023). Social engineering with chatgpt. pages 1–5. IEEE.
Hossain, M. J., Rifat, R. H., Mugdho, M. H., Jahan, M., Rasel, A. A., and Rahman, M. A. (2022). Cyber threats and scams in fintech organizations: A brief overview of financial fraud cases, future challenges, and recommended solutions in bangladesh. pages 190–195. Institute of Electrical and Electronics Engineers Inc.
Hughes-Wilson, J. (2016). The secret state: A history of intelligence and espionage. Pegasus Books, Ltd.
Leitao, C. F. (2021). Jornadas de Atualização em Informática 2021, Cap. 7. A entrevista como instrumento de pesquisa científica: planejamento, execução e análise. Sociedade Brasileira de Computação SBC, Florianópolis/SC.
Leitao, C. F. and Prates, R. O. (2017). Jornadas de Atualização em Informática 2017, Cap. 2. A Aplicação de Métodos Qualitativos em Computação. Sociedade Brasileira de Computação SBC, Porto Alegre/RS.
Sanchez-Paniagua, M. and Fernandez, E. F. (2022). Phishing url detection: A real-case scenario through login urls. IEEE Access, 10:42949–42960.
Shpiro, S. (2023). Blinding the bear: Israeli double agents and russian intelligence. International journal of intelligence and counterintelligence, 36(1):1–19.
Tuinier, P., Zaalberg, T. B., and Rietjens, S. (2023). The social ties that bind: Unraveling the role of trust in international intelligence cooperation. International journal of intelligence and counterintelligence, 36(2):386–422.
Uplenchwar, S., Sawant, V., Surve, P., Deshpande, S., and Kelkar, S. (2022). Phishing attack detection on text messages using machine learning techniques. Institute of Electrical and Electronics Engineers Inc.
Wang, Z., Zhu, H., and Sun, L. (2021). Social engineering in cybersecurity: Effect mechanisms, human vulnerabilities and attack methods. IEEE Access, 9:11895–11910.
Published
2024-07-21
How to Cite
GOMES, Demis D.; MOTTA, Gustavo H..
Counterintelligence in Social Engineering: Enhancing Cyber Defense in Society. In: WORKSHOP ON THE IMPLICATIONS OF COMPUTING IN SOCIETY (WICS), 5. , 2024, Brasília/DF.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2024
.
p. 125-131.
ISSN 2763-8707.
DOI: https://doi.org/10.5753/wics.2024.2685.
