{"title":"获取访问与社会工程:威胁的实证研究","authors":"M. Workman","doi":"10.1080/10658980701788165","DOIUrl":null,"url":null,"abstract":"ABSTRACT Recently, research on information security has expanded from its purely technological orientation into striving to understand and explain the role of human behavior in security breaches. However, an area that has been lacking theory-grounded empirical study is in social engineering attacks. While there exists an extensive body of anecdotal literature, factors that account for attack success remains largely speculative. To better understand this increasing phenomenon, we developed a theoretical framework and conducted an empirical field study to investigate social engineering attacks, and from these results, we make recommendations for practice and further research.","PeriodicalId":36738,"journal":{"name":"Journal of Information Systems Security","volume":null,"pages":null},"PeriodicalIF":0.0000,"publicationDate":"2007-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"149","resultStr":"{\"title\":\"Gaining Access with Social Engineering: An Empirical Study of the Threat\",\"authors\":\"M. Workman\",\"doi\":\"10.1080/10658980701788165\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"ABSTRACT Recently, research on information security has expanded from its purely technological orientation into striving to understand and explain the role of human behavior in security breaches. However, an area that has been lacking theory-grounded empirical study is in social engineering attacks. While there exists an extensive body of anecdotal literature, factors that account for attack success remains largely speculative. To better understand this increasing phenomenon, we developed a theoretical framework and conducted an empirical field study to investigate social engineering attacks, and from these results, we make recommendations for practice and further research.\",\"PeriodicalId\":36738,\"journal\":{\"name\":\"Journal of Information Systems Security\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-11-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"149\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Information Systems Security\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1080/10658980701788165\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q4\",\"JCRName\":\"Social Sciences\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Information Systems Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1080/10658980701788165","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q4","JCRName":"Social Sciences","Score":null,"Total":0}
Gaining Access with Social Engineering: An Empirical Study of the Threat
ABSTRACT Recently, research on information security has expanded from its purely technological orientation into striving to understand and explain the role of human behavior in security breaches. However, an area that has been lacking theory-grounded empirical study is in social engineering attacks. While there exists an extensive body of anecdotal literature, factors that account for attack success remains largely speculative. To better understand this increasing phenomenon, we developed a theoretical framework and conducted an empirical field study to investigate social engineering attacks, and from these results, we make recommendations for practice and further research.