Attacks on systems and organisations increasingly exploit human actors, for example through social engineering. This non-technical aspect of attacks complicates their formal treatment and automatic identification. Formalisation of human behaviour is difficult at best, and attacks on socio-technical systems are still mostly identified through brainstorming of experts. In this work we discuss several approaches to formalising socio-technical systems and their analysis. Starting from a flow logic-based analysis of the insider threat, we discuss how to include the socio aspects explicitly, and show a formalisation that proves properties of this formalisation. On the formal side, our work closes the gap between formal and informal approaches to ...
Attacks on systems and organisations increasingly exploit human actors, for example through social e...
The aim of this study was to explore the extent to which persuasion principles are used in successfu...
Part 3: Peace, War, Cyber-Security and ICTInternational audienceThe human is often the weak link in ...
Attacks on systems and organisations increasingly exploit human actors, for example through social e...
Attacks on a system often exploit vulnerabilities that arise from human behaviour or other human act...
Identification of threats to organisations and risk assessment often take into consideration the pur...
Modern organisations are complex, socio-technical systems consisting of a mixture of physical infras...
The purpose of this paper is to establish a terminological framework in order to explain social engi...
Attacks on systems and organisations increasingly exploit human actors, for example through social e...
Part 7: Social Networks and Social EngineeringInternational audienceA security ceremony expands a se...
This paper examines the social in information security. We argue that there is always a social aspec...
Social engineering attacks have drawn more and more attention from both academia and industry, due t...
Social engineering is used as an umbrella term for a broad spectrum of computer exploitations that e...
In this paper, we approach the problem of modeling the human component in technical systems with a v...
In this paper, we combine formal modeling and analysis of infrastructures of organizations with soci...
Attacks on systems and organisations increasingly exploit human actors, for example through social e...
The aim of this study was to explore the extent to which persuasion principles are used in successfu...
Part 3: Peace, War, Cyber-Security and ICTInternational audienceThe human is often the weak link in ...
Attacks on systems and organisations increasingly exploit human actors, for example through social e...
Attacks on a system often exploit vulnerabilities that arise from human behaviour or other human act...
Identification of threats to organisations and risk assessment often take into consideration the pur...
Modern organisations are complex, socio-technical systems consisting of a mixture of physical infras...
The purpose of this paper is to establish a terminological framework in order to explain social engi...
Attacks on systems and organisations increasingly exploit human actors, for example through social e...
Part 7: Social Networks and Social EngineeringInternational audienceA security ceremony expands a se...
This paper examines the social in information security. We argue that there is always a social aspec...
Social engineering attacks have drawn more and more attention from both academia and industry, due t...
Social engineering is used as an umbrella term for a broad spectrum of computer exploitations that e...
In this paper, we approach the problem of modeling the human component in technical systems with a v...
In this paper, we combine formal modeling and analysis of infrastructures of organizations with soci...
Attacks on systems and organisations increasingly exploit human actors, for example through social e...
The aim of this study was to explore the extent to which persuasion principles are used in successfu...
Part 3: Peace, War, Cyber-Security and ICTInternational audienceThe human is often the weak link in ...