Kevin Lwakatare

Work place: Department of Computer Science, TUT Centre for Digital Forensics and Cyber Security Tallinn University of Technology, Tallinn, Estonia

E-mail: kevinlwaks@gmail.com

Website:

Research Interests: Hardware Security, Information Security, Network Security, Information-Theoretic Security

Biography

Kevin Lwakatare received his Bachelor of engineering in Information technology from Helsinki Metropolitan University of Applied Science (HMUAS) in 2011 in Finland, After working for two years as software developer, he obtained a scholarship to study in Estonia and then received a Master of Science degree in cyber security from Tallinn university of technology in 2016. Currently he works as cyber security analyst and independent cyber security researcher.

Author Articles
Social Engineering: I-E based Model of Human Weakness for Attack and Defense Investigations

By Wenjun Fan Kevin Lwakatare Rong Rong

DOI: https://doi.org/10.5815/ijcnis.2017.01.01, Pub. Date: 8 Jan. 2017

Social engineering is the attack aimed to manipulate dupe to divulge sensitive information or take actions to help the adversary bypass the secure perimeter in front of the information-related resources so that the attacking goals can be completed. Though there are a number of security tools, such as firewalls and intrusion detection systems which are used to protect machines from being attacked, widely accepted mechanism to prevent dupe from fraud is lacking. However, the human element is often the weakest link of an information security chain, especially, in a human-centered environment. In this paper, we reveal that the human psychological weaknesses result in the main vulnerabilities that can be exploited by social engineering attacks. Also, we capture two essential levels, internal characteristics of human nature and external circumstance influences, to explore the root cause of the human weaknesses. We unveil that the internal characteristics of human nature can be converted into weaknesses by external circumstance influences. So, we propose the I-E based model of human weakness for social engineering investigation. Based on this model, we analyzed the vulnerabilities exploited by different techniques of social engineering, and also, we conclude several defense approaches to fix the human weaknesses. This work can help the security researchers to gain insights into social engineering from a different perspective, and in particular, enhance the current and future research on social engineering defense mechanisms.

[...] Read more.
Other Articles