Social engineering: psychology applied to Information Security

Psychology and computer science are two scientific disciplines that focus on identifying the particular characteristics of information processing. The first in the human being and the second in the construction of a technical tool that seeks to emulate the brain: the computer. That is why psychology...

Full description

Autores:
Del Pozo Falconí, Iván Mauricio
Tipo de recurso:
Fecha de publicación:
2018
Institución:
Universidad Nacional de Colombia
Repositorio:
Universidad Nacional de Colombia
Idioma:
spa
OAI Identifier:
oai:repositorio.unal.edu.co:unal/64771
Acceso en línea:
https://repositorio.unal.edu.co/handle/unal/64771
http://bdigital.unal.edu.co/65771/
Palabra clave:
0 Generalidades / Computer science, information and general works
51 Matemáticas / Mathematics
62 Ingeniería y operaciones afines / Engineering
Psychology,
Social Engineering
Social networks
Information security
Passwords
Deceptive advertising
Rights
openAccess
License
Atribución-NoComercial 4.0 Internacional
Description
Summary:Psychology and computer science are two scientific disciplines that focus on identifying the particular characteristics of information processing. The first in the human being and the second in the construction of a technical tool that seeks to emulate the brain: the computer. That is why psychology is strongly tied to the moment for people to choose their passwords. Deceptive advertising often compensates (through money, products and free services or other self-esteem tests) to influence a product or service to appear on your social network. In order to increase its consumption among its followers and also to take personal information without your consent. Due to the increase of the use of social networks, our social engineering strategy can efficiently and effectively show that security is subjective and that a significant percentage of users are vulnerable to deceptive advertisement through the internet. This project is based on the need to prevent attacks of information subtraction by obtaining/decrypting the keys of access or in the worst case obtain directly their passwords to the different web services, bank accounts, credit cards of individuals, based on the information that people exposed or share on their social networks. This paper also examines how attackers could obtain/decipher their passwords based on personal information obtained from deceptive advertisements implemented through a social network. The advantage of this approach also shows the user password composition providing a better vision of how hackers use the psychology applied to information security.

Publicaciones similares