Abstract
Social networking sites often witness various types of social engineering (SE) attacks. Yet, limited research has addressed the most severe types of social engineering in social networks (SNs). The present study investigates the extent to which people respond differently to different types of attack in a social network context and how we can segment users based on their vulnerability. In turn, this leads to the prospect of a personalised security advisory system. 316 participants have completed an online-questionnaire that includes a scenario-based experiment. The study result reveals that people respond to cyber-attacks differently based on their demographics. Furthermore, people’s competence, social network experience, and their limited connections with strangers in social networks can decrease their likelihood of falling victim to some types of attacks more than others.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Gupta, B.B., Arachchilage, N.A.G., Psannis, K.E.: Defending against phishing attacks: taxonomy of methods, current issues and future directions. Telecommun. Syst. 67(2), 247–267 (2018)
Albladi, S.M., Weir, G.R.S.: User characteristics that influence judgment of social engineering attacks in social networks. Hum. Centric Comput. Inf. Sci. 8(1), 5 (2018)
Williams, E.J., Beardmore, A., Joinson, A.N.: Individual differences in susceptibility to online influence: a theoretical review. Comput. Hum. Behav. 72, 412–421 (2017)
Andaleeb, S.S.: Market segmentation, targeting and positioning. In: Strategic Marketing Management in Asia, pp. 179–207. Emerald Group Publishing Limited (2016)
Krombholz, K., Hobel, H., Huber, M., Weippl, E.: Advanced social engineering attacks. J. Inf. Secur. Appl. 22, 113–122 (2015)
Bullee, J.-W., Montoya, L., Junger, M., Hartel, P.: Spear phishing in organisations explained. Inf. Comput. Secur. 25(5), 593–613 (2017)
Rathore, S., Sharma, P.K., Park, J.H.: XSSClassifier: an efficient XSS attack detection approach based on machine learning classifier on SNSs. J. Inf. Process. Syst. 13(4), 1014–1028 (2017)
Vishwanath, A.: Habitual Facebook use and its impact on getting deceived on social media. J. Comput. Commun. 20(1), 83–98 (2015)
Saridakis, G., Benson, V., Ezingeard, J.N., Tennakoon, H.: Individual information security, user behaviour and cyber victimisation: an empirical study of social networking users. Technol. Forecast. Soc. Change 102, 320–330 (2016)
Buglass, S.L., Binder, J.F., Betts, L.R., Underwood, J.D.M.: When ‘friends’ collide: social heterogeneity and user vulnerability on social network sites. Comput. Hum. Behav. 54, 62–72 (2016)
Alseadoon, I., Othman, M.F.I., Chan, T.: What is the influence of users’ characteristics on their ability to detect phishing emails? In: Sulaiman, H.A., Othman, M.A., Othman, M.F.I., Rahim, Y.A., Pee, N.C. (eds.) Advanced Computer and Communication Engineering Technology. LNEE, vol. 315, pp. 949–962. Springer, Cham (2015). https://doi.org/10.1007/978-3-319-07674-4_89
Vishwanath, A., Harrison, B., Ng, Y.J.: Suspicion, cognition, and automaticity model of phishing susceptibility. Commun. Res. (2016)
Iuga, C., Nurse, J.R.C., Erola, A.: Baiting the hook: factors impacting susceptibility to phishing attacks. Hum. Centric Comput. Inf. Sci. 6(1), 8 (2016)
Sheng, S., Holbrook, M., Kumaraguru, P., Cranor, L.F., Downs, J.: Who falls for phish? A demographic analysis of phishing susceptibility and effectiveness of interventions. In: Proceedings of the 28th International Conference on Human Factors in Computing Systems, CHI 2010, pp. 373–382 (2010)
Algarni, A., Xu, Y., Chan, T.: An empirical study on the susceptibility to social engineering in social networking sites: the case of Facebook. Eur. J. Inf. Syst. 26(6), 661–687 (2017)
Albladi, S., Weir, G.R.S.: Vulnerability to social engineering in social networks: a proposed user-centric framework. In: IEEE International Conference on Cybercrime and Computer Forensic (ICCCF), pp. 1–6 (2016)
Albladi, S.M., Weir, G.R.S.: Competence measure in social networks. In: IEEE International Carnahan Conference on Security Technology (ICCST), pp. 1–6 (2017)
Gao, H., Hu, J., Huang, T., Wang, J., Chen, Y.: Security issues in online social networks. IEEE Internet Comput. 15(4), 56–63 (2011)
Kumaraguru, P., Cranshaw, J., Acquisti, A., Cranor, L., Hong, J., Blair, M.A., Pham, T.: School of phish: a real-world evaluation of anti-phishing training. In: Proceedings of the 5th Symposium on Usable Privacy and Security, SOUPS 2009, p. 1 (2009)
Flores, W., Holm, H., Svensson, G., Ericsson, G.: Using phishing experiments and scenario-based surveys to understand security behaviours in practice. Inf. Manag. Comput. Secur. 22(4), 393–406 (2014)
Mohebzada, J., El Zarka, A., Bhojani, A., Darwish, A.: Phishing in a university community: two large scale phishing experiments. In: International Conference on Innovations in Information Technology (IIT), pp. 249–254 (2012)
Benson, V., Saridakis, G., Tennakoon, H.: Purpose of social networking use and victimisation: are there any differences between university students and those not in HE? Comput. Hum. Behav. 51, 867–872 (2015)
Goel, S., Williams, K., Dincelli, E.: Got phished: internet security and human vulnerability. J. Assoc. Inf. Syst. 18(1), 22–44 (2017)
Jordan, M.I., Mitchell, T.M.: Machine learning: trends, perspectives, and prospects. Science 349(6245), 255–260 (2015)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2018 Springer Nature Switzerland AG
About this paper
Cite this paper
Albladi, S.M., Weir, G.R.S. (2018). A Semi-automated Security Advisory System to Resist Cyber-Attack in Social Networks. In: Nguyen, N., Pimenidis, E., Khan, Z., Trawiński, B. (eds) Computational Collective Intelligence. ICCCI 2018. Lecture Notes in Computer Science(), vol 11055. Springer, Cham. https://doi.org/10.1007/978-3-319-98443-8_14
Download citation
DOI: https://doi.org/10.1007/978-3-319-98443-8_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-98442-1
Online ISBN: 978-3-319-98443-8
eBook Packages: Computer ScienceComputer Science (R0)