An Overview of Social Engineering
Social engineering preys on the fact that humans are the weakest link in information security. This article explains the social engineering model, outlines the two categories of social engineering attacks, and discusses techniques for preventing and mitigating social engineering.
6. Comparison
Social engineering attacks target individuals and even the most complex and secure organizations. Countermeasures and defense strategies aim at protecting them against the social engineering attacks. These techniques can be considered as the minimum an organization or a company should have to defend themselves from the most common social engineering attacks. A company can have one or more mechanisms installed in the company’s system. Table 1 compares the human-based and computer-based techniques while Table 2 compares the computer-based countermeasures and mitigation techniques.
Table 1. Human-based versus computer-based countermeasures comparison.
| Techniques | Description | Advantages | Limitations |
|---|---|---|---|
| Human Based | Education Training Awareness |
- Easy to train humans what to do - Low number of victims |
- Humans can be influenced emotionally - Tendency to o trust - Greed - Relative human decisions |
| Computer Based | Software, systems, and tools | - Efficient - Accurate |
- Expensive products - Limited by the human unawareness - Very specific |
Table 2. Computer-based countermeasures and mitigation techniques comparison.
| Techniques | Description | Advantages | Limitations |
|---|---|---|---|
| Filtering tools | Anti-phishing tools (McAfee filter, Microsoft filter, and Web sense) | - Can block phishing emails and websites | - Not efficient - Attackers can send internally emails - Limited by human unawareness - Expensive tools |
| Alerting and scanning software | Anti-virus, anti-spams, anti-scams | - Efficient in alerting - Efficient in scanning - Strong products with security measures |
- Expensive products - Alerts ignored by Humans |
| Biometric solutions | Based on biological traits | - Distinguish real profiles from fake profiles through their biological traits - Efficient |
- Can be mimicked |
| Artificial intelligence-based | Based on adaptive learning systems | - Efficient - Adaptive |
- Complex |
| Machine learning-based | Learning-based | - Achieve very good results - Effective -Online learning |
- Complex |
| Anti-social engineering framework | Social Engineering Centered Risk Assessment (SERA) | - Efficient - High probability of attacks’ detection |
- Very expensive |
| Threshold-based | Use threshold to detect attacks | - Easy | - Not efficient - Limited by the threshold value |
| Phone-based | Use phones | - Easy | - Phone companies are still not able to stop Robocalls |
| Flow whitelisting | Identifying legitimate traffic from malicious traffic coming to the company’s network | - Efficient - Learning-based - Able to distinguish between legitimate traffic from malicious traffic |
- Limited by the human awareness - Ignoring alarms |
| IDS-based | Intrusion detection system | - Able to detect suspicious activities | High false alarm rates |
Through analyzing and comparing these techniques, one can conclude that artificial intelligence-based defense mechanisms are the most effective techniques to reduce the risk of social engineering attacks. In addition, combining two or more defense
techniques can ensure better protection. In addition, the level of preparation determines the ability to prevent, detect, mitigate, and contain any suspicious activity.