Use of Interpersonal Deception Theory in Counter Social Engineering

Social engineering attacks exploit human vulnerabilities rather than computer vulnerabilities. Ranging from straightforward spam emails to sophisticated context-aware social engineering, social engineering has demonstrated rich varieties. Surprisingly, even the simplest type of attacks are able to fool numerous innocent people. The more sophisticated ones are even more “successful” in achieving their malicious purposes. In order to mitigate and combat these attacks, we need better automated counter social engineering algorithms and tools. In this position paper, we propose a reinforcement learning framework that incorporates interpersonal deception theory to fight against social engineering attacks on social media sites.

[1]  S. L. Sporer,et al.  Are Computers Effective Lie Detectors? A Meta-Analysis of Linguistic Cues to Deception , 2015, Personality and social psychology review : an official journal of the Society for Personality and Social Psychology, Inc.

[2]  J. Burgoon,et al.  Interpersonal Deception Theory , 1996 .

[3]  Grace Hui Yang,et al.  Helping Users Understand Their Web Footprints , 2015, WWW.

[4]  Grace Hui Yang,et al.  Public information exposure detection: Helping users understand their web footprints , 2015, 2015 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM).

[5]  Dongsong Zhang,et al.  A Statistical Language Modeling Approach to Online Deception Detection , 2008, IEEE Transactions on Knowledge and Data Engineering.

[6]  RYAN HEARTFIELD,et al.  A Taxonomy of Attacks and a Survey of Defence Mechanisms for Semantic Social Engineering Attacks , 2015, ACM Comput. Surv..

[7]  Bikramjit Banerjee,et al.  Countering Deception in Multiagent Reinforcement Learning , 2003 .

[8]  Lina Zhou,et al.  Phishing environments, techniques, and countermeasures: A survey , 2017, Comput. Secur..

[9]  Antesar M. Shabut,et al.  A literature review on phishing crime, prevention review and investigation of gaps , 2016, 2016 10th International Conference on Software, Knowledge, Information Management & Applications (SKIMA).

[10]  Marti A. Hearst,et al.  Why phishing works , 2006, CHI.