The Social Engineering Personality Framework

Sven Uebelacker, Susanne Quiel

    Research output: Chapter in Book/Report/Conference proceedingConference contributionAcademicpeer-review

    38 Citations (Scopus)

    Abstract

    We explore ICT security in a socio-technical world and focus in particular on the susceptibility to social engineering attacks. We pursue the question if and how personality traits influence this susceptibility. This allows us to research human factors and their potential impact on the physical and digital security domains. We show how Cialdini's principles of influence can be used to explain why most social engineering attacks succeed and that these attacks mainly rely on peripheral route persuasion. A comprehensive literature review reveals that individual values of a victim's personality traits relate to social engineering susceptibility. Furthermore, we construct suggestions for plausible relations between personality traits of the Five-Factor Model (Big 5) and the principles of influence. Based on these arguments, we propose our "Social Engineering Personality Framework" (SEPF). It supports and guides security researchers in developing holistic detection, mitigation, and prevention strategies while dealing with human factors.
    Original languageEnglish
    Title of host publication2014 Workshop on Socio-Technical Aspects in Security and Trust (STAST)
    Place of PublicationPiscataway, NJ, USA
    PublisherIEEE
    Pages24-30
    Number of pages7
    ISBN (Print)978-1-4799-7901-1
    DOIs
    Publication statusPublished - Jul 2014
    Event4th Workshop on Socio-Technical Aspects in Security and Trust, STAST 2014 - Vienna, Austria
    Duration: 18 Jul 201418 Jul 2014
    Conference number: 4
    http://stast2014.uni.lu/

    Workshop

    Workshop4th Workshop on Socio-Technical Aspects in Security and Trust, STAST 2014
    Abbreviated titleSTAST
    CountryAustria
    CityVienna
    Period18/07/1418/07/14
    Internet address

    Keywords

    • EC Grant Agreement nr.: FP7/318003
    • METIS-306054
    • IR-101939
    • EWI-25128
    • EC Grant Agreement nr.: FP7/2007-2013

    Fingerprint

    Dive into the research topics of 'The Social Engineering Personality Framework'. Together they form a unique fingerprint.

    Cite this