E-Social Engineering

SOCIAL ENGINEERING IN A DIGITAL ENVIRONMENT
A. Martin Zeus-Brown
Angus M. Marshall
University of Teesside
Intro
• About me
– My background
– Research areas
• Remote covert investigations
• Cyber crime
• Social engineering
– This is a new area that I'm interested in exploring and linking in with my other areas
Idea
• Looking at social engineering
– Its move to the e-environment
– The technologies used
– Avatars (e-presence)
– Victims
Pre-Contact Social Engineering model – Stage 1
Victim identification → Desires identification → Weakness identification
Victim identification
• Victims can be:
– A single target selection
– A group selection
– A localisation target
• Fed from intelligence
– Selected to fulfil a reward need
– Selected due to a weakness
– Random selection
Pre-Contact Social Engineering model – Stage 2
Attack type identification: Attack type vs. Victim desires (Stage 1) → Reward
Attack type identification
• The attack (A) type identification will be affected by:
– Previous attacks carried out (knowledge) (Ce)
– Ingenuity of the attacker (originality of attacks) (Ce)
– Attacker's ability (technical level of the attacks) (Ce)
– Attacker's e-environment security (Cxg)
– The common e-environment, i.e. the game or forum (Cf)
– Victim's expected knowledge (to evade/ignore the attack) (Ve)
– Victim's expected e-environment security (Vg)
This can be mapped successfully to the cyber profiling formula proposed by Marshall, Moore and Tompsett [2006]:
$L = \frac{C_e \times C_f \times A}{V_e \times V_g \times C_{xg}}$
This could help us predict possible social engineering attacks, as it seems the criminal is already using this logic unwittingly to select the best type of attack.
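The following is an added example, not part of the original slides or of the Marshall, Moore and Tompsett paper: it evaluates the cyber profiling formula L = (Ce × Cf × A) / (Ve × Vg × Cxg) on constructed ordinal scores (the 1-5 scale is an assumption of this example) and then uses it from the defender's side, asking which of the terms a victim or platform owner actually controls (Ve, victim knowledge, and Vg, e-environment security) gives the largest drop in L when improved by one step.

```python
from dataclasses import dataclass, replace

# All scores are constructed ordinal values (1 = low, 5 = high). The scale is
# an assumption of this example; the slides and the cited paper do not fix one.
@dataclass(frozen=True)
class Factors:
    Ce: float   # attacker's knowledge, ingenuity and ability
    Cf: float   # how favourable the common e-environment (game, forum) is
    A: float    # the attack type under consideration
    Ve: float   # victim's expected knowledge (can they evade/ignore it?)
    Vg: float   # victim's expected e-environment security
    Cxg: float  # attacker's own e-environment security (cost to the attacker)


def likelihood(f: Factors) -> float:
    """L = (Ce x Cf x A) / (Ve x Vg x Cxg), the cyber profiling formula on the slide."""
    denominator = f.Ve * f.Vg * f.Cxg
    if denominator <= 0:
        raise ValueError("victim/environment terms must be positive")
    return (f.Ce * f.Cf * f.A) / denominator


def defender_levers(f: Factors, step: float = 1.0) -> list[tuple[str, float]]:
    """Raise each defender-controlled term (Ve, Vg) by `step` on its own and
    return (term, resulting L) pairs, lowest L first, so the most effective
    mitigation (awareness training vs. platform security) is at index 0."""
    results = []
    for name in ("Ve", "Vg"):
        improved = replace(f, **{name: getattr(f, name) + step})
        results.append((name, likelihood(improved)))
    return sorted(results, key=lambda r: r[1])


if __name__ == "__main__":
    # Constructed scenario: capable attacker, poorly secured game environment,
    # victim with some knowledge but on an insecure platform.
    scenario = Factors(Ce=4, Cf=3, A=2, Ve=2, Vg=1, Cxg=3)
    print(f"L = {likelihood(scenario):.2f}")
    for term, new_l in defender_levers(scenario):
        print(f"improve {term} by one step -> L = {new_l:.2f}")
```

Because every term multiplies, the term that is currently lowest on the denominator side gives the biggest relative reduction; in the constructed scenario that is Vg, which is why the platform's own security ranks ahead of user training there.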
Pre-Contact Social Engineering model – Stage 3
Stage 1 knowledge + Stage 2 knowledge → Reward vs. Risk
– Risk > reward: move back to stage 1
– Risk < reward: proceed to 1st contact
How can pre-contact information be obtained?
• In the meat space environment
– Dumpster diving
– Freedom of information
– Public records
– Word of mouth
– Observation of activity
• The e-environment holds many similarities
e-Data sources
• Social network sites
– Myspace
– Facebook
– etc.
• Online games
– World Of Warcraft
"researchers have claimed that WoW (and other MMOGs) can be used as a laboratory for studying human behaviour." (J. Bohannon 2008)
– Age Of Conan
– Dark Ages Of Camelot
The e-garbage can
• While many people think a deleted web page has gone:
– We know it's not true
• Wayback Machine
• Archive-It Collections
• WebCite
• Even Google
– cache:URL
– Many more places as well, such as:
• Proxy servers
• Users' web history
• etc.
Social network sites
• You can gather huge amounts of information such as:
– Name
– Address
– DOB
– Phone number
– Employer
– School
– Friends' names
– Likes and dislikes (possible password list)
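An added example, not from the original slides, of the defensive counterpart to the point above: if profile facts make a password list, a registration or password-change check can refuse passwords built from the user's own publicly visible facts. The profile dictionary, its field names and the leetspeak substitutions are assumptions of this example; the input profile and passwords are constructed.

```python
import re
from datetime import date

# Undo common letter-for-digit substitutions before matching. Mapping "1" to "i"
# (rather than "l") is a deliberate simplification of this example.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s", "!": "i"})
MIN_TOKEN = 4  # ignore very short fragments to limit false positives


def normalise(text: str) -> str:
    """Lower-case, reverse leetspeak, drop everything but letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower().translate(LEET))


def profile_tokens(profile: dict) -> set[str]:
    """Words (and whole phrases) from the textual profile fields on the slide."""
    tokens: set[str] = set()
    for field in ("name", "employer", "school", "friends", "likes"):
        for value in profile.get(field, []):
            for part in value.split():
                if len(part) >= MIN_TOKEN:
                    tokens.add(normalise(part))
            whole = normalise(value)
            if len(whole) >= MIN_TOKEN:
                tokens.add(whole)
    return tokens


def dob_fragments(dob: date) -> set[str]:
    """Digit strings people typically lift from a date of birth."""
    y, m, d = dob.year, dob.month, dob.day
    return {f"{y}", f"{d:02d}{m:02d}", f"{m:02d}{d:02d}",
            f"{d:02d}{m:02d}{y}", f"{d:02d}{m:02d}{y % 100:02d}"}


def password_from_profile(password: str, profile: dict) -> list[str]:
    """Return the reasons a password is guessable from the profile; an empty
    list means no profile fact was found in it."""
    reasons = []
    norm = normalise(password)
    for token in sorted(profile_tokens(profile)):
        if token in norm:
            reasons.append(f"contains profile word '{token}'")
    digits = re.sub(r"\D", "", password)  # DOB is matched on the raw digits
    if profile.get("dob"):
        for frag in sorted(dob_fragments(profile["dob"]), key=len, reverse=True):
            if len(frag) >= MIN_TOKEN and frag in digits:
                reasons.append(f"contains DOB fragment '{frag}'")
                break
    return reasons


# Constructed sample profile of the kind the slide describes.
SAMPLE_PROFILE = {
    "name": ["Alice Smith"],
    "dob": date(1985, 3, 14),
    "employer": ["Acme Widgets"],
    "school": ["Teesside"],
    "friends": ["Bob Jones"],
    "likes": ["Star Wars", "Labrador"],
}

if __name__ == "__main__":
    for candidate in ("L4brad0r1985!", "correct-horse-battery"):
        print(candidate, "->", password_from_profile(candidate, SAMPLE_PROFILE) or "ok")
```

Run it as a gate at password-set time, alongside a breached-password check; the list of reasons is what you would show the user so they understand why "pet name plus birth year" is rejected.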
Physical Network Data Collection
• The physical network
– Wi-Fi sniffing
• This type of collection requires a medium to high level of technical knowledge and would suggest that the attacker has some prior knowledge
– Man-in-the-middle / replay attacks
• Again, this requires a high level of technical knowledge
The uses
• The information + a little social engineering can result in:
– Grooming.
• Leading to child exploitation.
– Fraud.
• Including effects on e-economics and virtual economics [Castronova 2007] [Castronova 2005]
– Money laundering.
– Terrorism.
– Other linked crimes/acts
1st contact comparison
• e-environment
– Social compliance
• Meat space
– Social compliance
Me, my virtual self and Avatar
What is it?
The e-presence
• Made up of 3 parts
– The Avatar
– The Persona
– The e-self
What can be considered an avatar
• Still image.
• 3D model.
– IP law is starting to impact on avatars [Onishi H 2008]
What can be considered a persona
• User name
• Nick name
• Any collection of data that the user wants to represent them (or in some cases how the user feels at a given time)
What can be considered the e-self
• These are the actions that the operator or operators of the e-presence take:
– Interacting with and playing in a game.
– The wording of the posts they make.
• Negatively or positively
– The goods they purchase
– Websites they visit
– Etc.
Victim Perceptions
• Victim's ability to identify fraud in meat space vs. the e-environment.
– Victims see a lower threat to their avatar, due to:
• Little to no tactile ownership
• The removal of physical stimulus
Avatar ownership
• However, the owners of avatars can build a very strong link to the avatar.
– With arguments, fights and even death spilling over to meat space
– "Feelings such as love, like, dislike, fear, hate or indifference drive the agent's movements and affect an agent's reaction to an Inhabitant when in its vicinity" [Allen, R, 1998]
Further studies
• Further studies are needed to better understand:
– The link between meat space and e-environment susceptibility to social engineering
– Avatar ownership
– The link between e-self actions and choices and meat space actions and choices
References
• Allen, R. (1998) 'The Bush soul: Travelling consciousness in an unreal world', Digital Creativity, 9:1, 7-10.
• Castronova, E. (2002) "On Virtual Economies", CESifo Working Paper Series No. 752, July 2002. Available at SSRN:
• Castronova, E. (2005) Synthetic Worlds: The Business and Culture of Online Games.
• Bower, J. M. (2007) "The Scientific Research Potential of Virtual Worlds", 27 July 2007, p. 472.
• Bohannon, J. (2008) "A Taste of the Gonzo Scientist: Scientists Invade Azeroth", Science 320 (5883), 1592, 20 June 2008. DOI: 10.1126/science.1161351
• Kingsley, M. (1899) West African Studies. London: Macmillan and Co., pp. 199-209.
• Marshall, M., Moore, G. and Tompsett, B. (2006) "Criminalization of the internet: an examination of illegal activity online", Proc. EAFS 2006.
• MacKay, M. "World of Warcraft, could it be killing our teens". Online: http://searchwarp.com/swa26182.htm, last seen 06/07/2008.
• Meier, C. A. (1986) Soul and Body. San Francisco: The Lapis Press, pp. 268-277.
• Onishi, H. (2008) "Who am I talking to?", BILETA 2008.