An approach for classifying sociotechnical attacks

Bibliographic Details
Main Authors: Oleksandr Korchenko, Anna Korchenko, Serhii Zybin, Kyrylo Davydenko
Format: Article
Language: English
Published: National Aerospace University «Kharkiv Aviation Institute» 2025-05-01
Series: Радіоелектронні і комп'ютерні системи
Online Access: http://nti.khai.edu/ojs/index.php/reks/article/view/2982
Description
Summary: The primary research goal is to develop a method for constructing a classification model of modern approaches to implementing sociotechnical attacks, and to systematize and integrate existing classifications of such approaches, with the possibility of extending them with new characteristic features. The development of information technology and data exchange creates new threats to cyber security, including cyber attacks and fraud. Social networks and artificial intelligence contribute to the improvement of sociotechnical methods. Leading studies identify the methods that social engineers use most often, but these publications do not form a set of features that characterizes the approaches to implementing the corresponding attacks and that would make it possible to formalize their classification from a systemic standpoint. The research is aimed at solving the following tasks: to construct a model for classifying sociotechnical attacks in which it is possible to develop a generalized hierarchical model; to form a generalized set of features, criteria, and sub-criteria that allows appropriate means of countering sociotechnical attacks to be selected and developed from a systemic perspective; and to model a corresponding cyberattack for a systematic understanding of actions and countermeasures. Given this, the analysis and classification of modern approaches to implementing sociotechnical attacks is an important component of a cyber security strategy for protecting against ever-growing threats and is an urgent scientific task.

Results and conclusions. Based on the multi-theoretical approach, a method is proposed in which, through the stages of determining the sets of identifiers of features, criteria, and sub-criteria, it is possible to develop a generalized hierarchical model for classifying sociotechnical attacks according to the characteristic principle. Based on the proposed model and the analyzed literature, a generalized set of features, criteria, and sub-criteria has been formed, such as: time aspect, industry affiliation, interaction with security policy, remoteness, initialization, tools, manipulation, violation of characteristics, relational signs, severity level, type of attacked source, type of access, type of appeal, type of sociotechnical technique, and scale. This set allows appropriate means of countering sociotechnical attacks to be selected and developed from a systemic perspective. An example of a sociotechnical attack is considered, taking into account the MAISA classification model and the following implementation steps: target research, preparation of the sociotechnical attack, performing the attack, exploitation of the information received, and hiding traces. This made it possible to approach, from a systemic perspective, an understanding of the actions of a sociotechnician when implementing a phishing attack, for the further development of appropriate countermeasures. In addition, based on the obtained criteria, it is possible to develop a method for assessing personnel readiness to counter various classes of sociotechnical attacks.
ISSN: 1814-4225, 2663-2012