Aligning social concerns with information system security: A fundamental ontology for social engineering

Authors:

Highlights:

• A review of existing social engineering ontologies.

• A proposal of a unified set of concepts of social engineering.

• A proposal of ontological definitions of social engineering based on Situation Calculus.

• A presentation of a fine-grained classification of social engineering techniques, incorporating psychology and sociology knowledge into social engineering analysis.

• A formalization of social engineering ontology using Description Logic.


Keywords: Social engineering, Ontology, Information system security, Psychology, Attacks

Review history: Received 9 December 2019, Revised 4 August 2020, Accepted 30 November 2020, Available online 7 December 2020, Version of Record 23 November 2021.

Paper URL: https://doi.org/10.1016/j.is.2020.101699