소개글
소셜 엔지니어링 공격은 인터넷 기술의 발달로 인해 피할 수 없는 요소가 되었습니다. 이 때문에 방어 기술은 발전하고 있지만 공격 경로가 너무 다양해 완벽하게 방어할 수는 없습니다. 기술 기반 공격에서 인간 심리 기반 공격에 이르기까지 예측할 수 없는 새로운 공격 기법이 계속해서 성장하고 있습니다. 따라서 사회 공학 공격에 대한 개인 및 사회적 보호는 최소화되어야 합니다.
본 연구에서는 사회 공학적 공격의 이론적 내용과 실제 사례를 살펴보고 이를 기술 기반 공격과 인간심리공격으로 구분하여 해결 방안을 제시합니다.
목차
1. Abstract
2. Annotated bibliography
3. References
본문내용
Information security is rapidly growing field. In particular, information protection has become an important era for personal information as well as public institutions such as government and company. The government and company which can be incurable in the face of massive damage, are committed to develop technology to block illegal online access and build trust with customers and citizens. Vulnerabilities in government and company expose employees to potential risks, is not security technologies. Also, employees can reveal sensitive information without unintentionally. The most basic of social engineering attacks occur when an attacker tries to access a network of company and government. The attackers often construct trust and exploit trust in employees of organisations that attempt to attack. For this reason, employees easily hand over access authorisation to attackers (Mouton, F., et al. 2016).
참고 자료
Applegate, S. D. (2009). Social Engineering: Hacking the Wetware! Information Security Journal: A Global Perspective, 18(1), 40–46. https://doi.org/10.1080/*************3214
Lee, D., Choi, K., & Kim, K. (2007). Intelligence Report and the Analysis Against the Phishing Attack Which Uses a Social Engineering Technique. In Computational Science and Its Applications – ICCSA 2007: International Conference, Kuala Lumpur, Malaysia, August 26-29, 2007. Proceedings, Part II (Vol. 4706, Lecture Notes in Computer Science, pp. 185-194). Berlin, Heidelberg: Springer Berlin Heidelberg.
Mouton, F., Leenen, L., & Venter, H. S. (2016). Social engineering attack examples, templates and scenarios. Computers & Security, 59, 186–209. https://doi.org/10.1016/j.cose.2016.03.004
Parmar, B. (2012). Protecting against spear-phishing. Computer Fraud & Security, 2012(1), 8–11. https://doi.org/10.1016/s1361-3723(12)70007-6