Confront Phishing Attacks — from a Perspective of Security Education

Recently, targeted attacks against both individuals and companies have been increasing drastically. As technical countermeasures against such targeted attacks, various methods, such as email and web content analysis, have been developed and put into practice. However, as is often said, attackers precisely exploit the most vulnerable part in order to achieve their goals. Therefore, spear phishing against human users is employed in a large proportion of such attacks. Moreover, to increase the success probability of such attacks, attackers often adopt social engineering techniques. In this paper, we present the current efforts of our research group on combating, through user education, targeted attacks that employ spear phishing with social engineering. Specifically, we first present the relationship between human psychological characteristics and vulnerability to social engineering. The result can be used to test whether a user is vulnerable to a given social engineering technique, and the test result can be utilized for countermeasures or user training. Second, we present the development of web-based self-learning material for countermeasures against social engineering, which employs interactive motion picture content.