seminar session 2 - Report on Seminar of Social Engineering...

Info iconThis preview shows pages 1–3. Sign up to view the full content.

View Full Document Right Arrow Icon
Report on Seminar of Social Engineering Written By: Zahra Sadat Shams Dolatabadi Matric Number : MC111132 Introduction The discussion on securing machines mostly deals with questions such as how to secure software, how to secure OS, how to secure applications and etc. (7 layers). But the focus of this report is on layer 8 which deals with the human being who uses the application and the factors that control human being, such as politics, money, policies and many other factors. This report focuses on social engineering and three missions regarding it. First mission provides a definition and introduction to social engineering and reverse social engineering. Second mission focus is on information gathering and how it should be done and the tools that can be used to gather information. Since social engineer plays with information to make an attack, amount and accuracy of gathered information has a direct effect on the success of social
Background image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full DocumentRight Arrow Icon
engineer. Also this is important to keep in mind that Social engineering is not pure IT but it is a combination of social studies, psychological studies and IT. Third mission objective is to discuss how people do “next generation social engineering”. How to use technology to deceive people even without being in face to face position with people? And also discuss about some of the related technologies. Summary of the seminar First mission: introduction to social engineering Social engineering can be defined as the practice of obtaining confidential information by manipulating users. It also can be convincing the target to do something that he/she doesn’t normally do. 1. Concept of human engineering As humans are social creatures they have vulnerabilities and nature makes human vulnerable to each other. Some of these vulnerabilities are listed: Trust: when some people are in the circle of trust of a person, that person reveals much confidential information to them. Ignorance: sometimes people ignore the important security points. For example people write their passwords on sticky notes and stick it under their desks although they are told not to do so. Greed: Phishing can be successful because of the greed of human being. An example of it is the occasion when people receive emails about winning an amount of money if they do something, and greed makes them to behave as that email says. Desire to help: Mostly Asian people have a desire of helping people and not to say “NO”. That can put them in attack troubles. Desire to be liked (this is the area that IT people fall in to) fear and hate of confrontation History of social engineering goes way back before anyone could give a name to it. An example of using social engineering for defeating is the Trojan horse that shows the condition that humans let something inside and within themselves while they don’t even know its great danger. There are many notable social engineers such as Kevin D.Mitnick considered the father of SE.
Background image of page 2
Image of page 3
This is the end of the preview. Sign up to access the rest of the document.

This note was uploaded on 01/13/2012 for the course AIS MCS2070 taught by Professor Drmuslem during the Spring '11 term at Universiti Teknologi Malaysia.

Page1 / 8

seminar session 2 - Report on Seminar of Social Engineering...

This preview shows document pages 1 - 3. Sign up to view the full document.

View Full Document Right Arrow Icon
Ask a homework question - tutors are online