Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Social Engineering and Influence: A Study that Examines Kevin Mitnick’s Attacks through Robert Cialdini’s Influence Principles
2013 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

As technology matures, new threats rise and take the place of the “traditional” issues (insecure infrastructure, insecurely developed software, etc.), threats that revolve around exploiting human vulnerabilities instead of technical vulnerabilities. One of the most famous threats that have risen in the area of Information Security is Social Engineering.The goal of this study is to take an interpretive approach on Social Engineering, by using Cialdini’s principles of influence. In order to be able to interpret the attacks, the study examines documented attacks (by Kevin Mitnick), abstracts them, categorizes them into four main categories (Gain Physical Access, Install Malware, Information Extraction, Perform an Action), models them by graphically depicting the execution path of the attack and finally interprets how the victims were influenced (or manipulated) to assist the attacker(s).This study is executed using the Literature Review methodology, following the eight steps proposed by Okoli. During the execution of the study the author examines the principles of Influence, Social Engineering models and additional psychological principles used in Social Engineering. The author, based on the findings in the literature, creates Social Engineering attack models and interprets the findings.The importance of the study is that it explains how the well-known principles of Influence are used in Social Engineering attacks. The psychological findings and the models created lead the author to believe that there is a possibility for them to be used as a framework for solving Social Engineering attacks

Place, publisher, year, edition, pages
2013. , 159 p.
Keyword [en]
Social Behaviour Law, Social Engineering, Influence, Persuasion
Keyword [sv]
Samhälls-, beteendevetenskap, juridik
Identifiers
URN: urn:nbn:se:ltu:diva-42878Local ID: 0d61b8aa-30ad-4cb0-9039-e04832f250a7OAI: oai:DiVA.org:ltu-42878DiVA: diva2:1016104
External cooperation
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level
Supervisors
Note
Validerat; 20130812 (global_studentproject_submitter)Available from: 2016-10-04 Created: 2016-10-04Bibliographically approved

Open Access in DiVA

fulltext(2679 kB)855 downloads
File information
File name FULLTEXT02.pdfFile size 2679 kBChecksum SHA-512
1a9579c1771f132e87d04813eae16bcd783560d27f65d83e4c9ccced87682165622d41889ae34e5aaa8e808125b14d9f333af51856e5a676d0291b697534dbec
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Stergiou, Dimitrios

Search outside of DiVA

GoogleGoogle Scholar
Total: 855 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 10465 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf