Date of Award
5-2022
Document Type
Project
Degree Name
Master of Science in Information Systems and Technology
Department
College of Business and Public Administration
First Reader/Committee Chair
Canelon, Jesus.
Abstract
Organizations fall victim to costly attacks every year. This has created a need for more successful layers of defense. To aid in this need for additional defense, this study researches a way to bolster an underused defense style called deceptive defense. Researchers agree that deceptive defense could be the future of cybersecurity, and they call for more research in the deceptive category. The unresolved question from these researchers is what attack style could be used with a deception-based defense against an attacker. From this unresolved question, it was also determined that social engineering should be used in this culminating experience project as the attack style in question. This led to the question: “How can cyber defensive deception borrow concepts from social engineering to aid in bolstering a deception-based defense?” This project focused on researching concepts from both deceptive defense and social engineering, and to apply concepts from a popular attack style to a less popular defense style. This was done through a path of research into techniques, influence concepts, and two popular frameworks. It takes a 4-phased approach: researching deceptive defense techniques, researching social engineering concepts, researching two popular frameworks, and then applying one to the other. The findings are that: (1) there are similar concepts from both attack and defense styles; (2) there are techniques with similar applications but applied to the opposite parties (attackers or defenders); (3) and that it was possible to pull concepts from the social engineering framework to plan a deception-based defense. Further research would be desirable in an applied approach of how an attacker reacts to each persuasion principle. More research would also be recommended in the honeypot technique as an alerting and profiling technique.
Recommended Citation
Oedekerk, Jacob Glenn, "A STUDY OF SOCIAL ENGINEERING CONCEPTS WITHIN A DECEPTIVE DEFENSE" (2022). Electronic Theses, Projects, and Dissertations. 1483.
https://scholarworks.lib.csusb.edu/etd/1483
Included in
Management Information Systems Commons, Other Business Commons, Social Psychology Commons, Technology and Innovation Commons