A new threat to systems’ cybersecurity is a type of attack style known as social engineering. Social engineering involves the manipulation of human resources in order to gain an advantage over a target’s cyber security infrastructure. But “social engineering” has an inherently vague-sounding definition, and thus the aim of this paper is to add specificity and scope to this term. Specifically, researchers behind this paper wanted to know what specifically constitutes social engineering, to what extent we can categorize these qualifying factors, and if by using a graph to relate these different concepts, categories, and examples of social engineering, we can gain an enhanced ability to identify social engineering attacks and therefore be able to respond to them with more tailored defenses.
Author:
Zuoguang Wang, Hongsong Zhu, Peipei Liu & Limin Sun
