CyberCorps: Capacity Building In Social Engineering Penetration Testing
CyberCorps:社会工程渗透测试的能力建设
基本信息
- 批准号:1723765
- 负责人:
- 金额:$ 50万
- 依托单位:
- 依托单位国家:美国
- 项目类别:Standard Grant
- 财政年份:2017
- 资助国家:美国
- 起止时间:2017-09-01 至 2023-08-31
- 项目状态:已结题
- 来源:
- 关键词:
项目摘要
Social engineering is the act of using methods of deception to manipulate victims into revealing personal information. Social engineering attacks can be launched through different methods, such as targeted phishing/scam emails, fraudulent text messages, or by observation of a person's computer activity over their shoulder, i.e., "shoulder surfing." The project from Texas Tech University will identify the social skillsets that professional and ethical hackers need for launching deceptive social engineering attacks. This project proposes to: carry-out experiments to understand factors at play during social engineering attacks; develop of educational materials that incorporate lessons learned from these experiments; and offer opportunities for students and educators to practice social engineering attack-tactics with one another. Through these approaches, the project will increase the number of cybersecurity-capable professionals and enable them to conduct better and more effective tests of security of systems. Through the project, human-factor experiments will be conducted to understand the factors at play on three major social engineering attack methods: i) the characteristics of emails that enable launching successful phishing attacks, ii) the behavior and manner of attackers when deceiving victims through phone calls with the purpose of divulging the victims' personal information, and iii) the behavior and manner of attackers when physically approaching victims with the goal of obtaining sensitive information. In addition, project personnel will develop a set of instructional modules for a course on Social Engineering. Those modules will a) reflect the results of the human-factor experiments, b) include penetration testing attack toolkits that allow students to gain hands-on experience with such attacks, and c) include lesson plans to help cybersecurity professionals learn social engineering content and become better penetration testers. To build a capacity in social engineering, the project will offer professional development workshops for students and educators from across the nation where the results of this research will be showcased. These workshops will provide an opportunity for students and educators to gain hands-on experience with social engineering skills so that they may better understand the nature and efficacy of these approaches, and be better equipped to address them.
社会工程是使用欺骗方法操纵受害者透露个人信息的行为。社会工程攻击可以通过不同的方法发起,例如有针对性的网络钓鱼/诈骗电子邮件,欺诈性短信,或通过观察一个人的计算机活动,即,“肩膀冲浪。德克萨斯理工大学的这个项目将确定专业和道德黑客发动欺骗性社会工程攻击所需的社会技能。该项目建议:开展实验,以了解社会工程攻击过程中起作用的因素;开发教育材料,将从这些实验中吸取的教训纳入其中;并为学生和教育工作者提供相互练习社会工程攻击战术的机会。通过这些方法,该项目将增加具有网络安全能力的专业人员的数量,使他们能够对系统安全进行更好和更有效的测试。通过该项目,将进行人为因素实验,以了解三种主要社会工程攻击方法的影响因素:i)能够成功发起网络钓鱼攻击的电子邮件的特征,ii)攻击者通过电话欺骗受害者以泄露受害者个人信息时的行为和方式,以及iii)攻击者以获取敏感信息为目的接近受害者时的行为和方式。此外,项目人员将为社会工程学课程编制一套教学单元。这些模块将a)反映人为因素实验的结果,B)包括渗透测试攻击工具包,使学生能够获得此类攻击的实践经验,以及c)包括课程计划,以帮助网络安全专业人员学习社会工程内容并成为更好的渗透测试人员。为了建立社会工程的能力,该项目将为来自全国各地的学生和教育工作者提供专业发展研讨会,展示这项研究的成果。这些讲习班将为学生和教育工作者提供一个机会,使他们能够获得社会工程技能的实践经验,以便他们能够更好地了解这些方法的性质和功效,并更好地解决这些问题。
项目成果
期刊论文数量(23)
专著数量(0)
科研奖励数量(0)
会议论文数量(0)
专利数量(0)
An autoencoder-based deep learning approach for clustering time series data
- DOI:10.1007/s42452-020-2584-8
- 发表时间:2020-04
- 期刊:
- 影响因子:2.6
- 作者:Neda Tavakoli;Sima Siami‐Namini;Mahdi Adl Khanghah;Fahimeh Mirza Soltani;Akbar Siami Namin
- 通讯作者:Neda Tavakoli;Sima Siami‐Namini;Mahdi Adl Khanghah;Fahimeh Mirza Soltani;Akbar Siami Namin
Email Embeddings for Phishing Detection
用于网络钓鱼检测的电子邮件嵌入
- DOI:10.1109/bigdata50022.2020.9377821
- 发表时间:2020
- 期刊:
- 影响因子:0
- 作者:Gutierrez, Luis Felipe;Abri, Faranak;Armstrong, Miriam;Namin, Akbar Siami;Jones, Keith S.
- 通讯作者:Jones, Keith S.
A Concern Analysis of Federal Reserve Statements: The Great Recession vs. The COVID-19 Pandemic
- DOI:10.1109/bigdata50022.2020.9377828
- 发表时间:2020-12
- 期刊:
- 影响因子:0
- 作者:Luis Felipe Gutiérrez;Sima Siami‐Namini;Neda Tavakoli;A. Namin
- 通讯作者:Luis Felipe Gutiérrez;Sima Siami‐Namini;Neda Tavakoli;A. Namin
Cloud: A Platform to Launch Stealth Attacks
云:发起隐形攻击的平台
- DOI:10.1109/compsac48688.2020.00-33
- 发表时间:2020
- 期刊:
- 影响因子:0
- 作者:Chatterjee, Moitrayee;Datta, Prerit;Abri, Faranak;Siami Namin, Akbar;Jones, Keith S.
- 通讯作者:Jones, Keith S.
Abuse of the Cloud as an Attack Platform
滥用云作为攻击平台
- DOI:10.1109/compsac48688.2020.0-125
- 发表时间:2020
- 期刊:
- 影响因子:0
- 作者:Chatterjee, Moitrayee;Datta, Prerit;Abri, Faranak;Siami Namin, Akbar;Jones, Keith S.
- 通讯作者:Jones, Keith S.
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
数据更新时间:{{ journalArticles.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ monograph.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ sciAawards.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ conferencePapers.updateTime }}
{{ item.title }}
- 作者:
{{ item.author }}
数据更新时间:{{ patent.updateTime }}
Akbar Siami Namin其他文献
Akbar Siami Namin的其他文献
{{
item.title }}
{{ item.translation_title }}
- DOI:
{{ item.doi }} - 发表时间:
{{ item.publish_year }} - 期刊:
- 影响因子:{{ item.factor }}
- 作者:
{{ item.authors }} - 通讯作者:
{{ item.author }}
{{ truncateString('Akbar Siami Namin', 18)}}的其他基金
Collaborative Research: SaTC: CORE: Small: Analytical Models for Conversational Social Engineering Attacks
协作研究:SaTC:核心:小型:对话式社会工程攻击的分析模型
- 批准号:
2319802 - 财政年份:2023
- 资助金额:
$ 50万 - 项目类别:
Continuing Grant
I-Corps: A Platform to Automatically Measure Users Susceptibility to Social Engineering Attacks
I-Corps:自动测量用户对社会工程攻击敏感度的平台
- 批准号:
2227704 - 财政年份:2022
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
SaTC: EDU: Improving Student Learning and Engagement in Digital Forensics through Collaborative Investigation of Cyber Security Incidents and Simulated Capture-the-Flag Exercises
SaTC:EDU:通过网络安全事件的协作调查和模拟夺旗练习来提高学生对数字取证的学习和参与
- 批准号:
1821560 - 财政年份:2018
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
SBE: Medium: User-Centric Design of a Sonification System for Automatically Alarming Security Threats and Impact
SBE:中:以用户为中心的声音化系统设计,用于自动警报安全威胁和影响
- 批准号:
1564293 - 财政年份:2016
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
Building Cybersecurity Workforce and Capacity through Enhancing Defending Skill Sets
通过增强防御技能来建设网络安全劳动力和能力
- 批准号:
1516636 - 财政年份:2015
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
I-Corps: CyberExercises, Instructional Modules Development for Exercise-based Teaching of CyberSecurity Concepts
I-Corps:网络练习、网络安全概念基于练习的教学的教学模块开发
- 批准号:
1514603 - 财政年份:2015
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
EAGER: Sonifying Cyber-Security Cues for Internet Users Who Are Visually Impaired
EAGER:为视障互联网用户提供清晰的网络安全提示
- 批准号:
1347521 - 财政年份:2013
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
SFS: Capacity Building: Collaborative Project: Cyber-Security Education for Community College Faculty in Texas
SFS:能力建设:合作项目:德克萨斯州社区学院教师的网络安全教育
- 批准号:
1241756 - 财政年份:2012
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
相似海外基金
Expanding syphilis screening among pregnant women in Indonesia using the rapid dual test for syphilis & HIV with capacity building: The DUALIS Study
使用梅毒快速双重检测扩大印度尼西亚孕妇梅毒筛查
- 批准号:
MR/Y004825/1 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Research Grant
Capacity Assessment, Tracking, & Enhancement through Network Analysis: Developing a Tool to Inform Capacity Building Efforts in Complex STEM Education Systems
能力评估、跟踪、
- 批准号:
2315532 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
Planning: FIRE-PLAN: Building Wildland Fire Science Capacity in Alaska Through The University of Alaska Fairbanks Rural Campuses
规划:FIRE-PLAN:通过阿拉斯加大学费尔班克斯乡村校区建设阿拉斯加荒地火灾科学能力
- 批准号:
2333423 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
EMBRACE-AGS-Seed: Decadal Trends of Atmospheric Ethane - Building Capacity for Trace Gas Analysis and Modeling at Portland State University
EMBRACE-AGS-Seed:大气乙烷的十年趋势 - 波特兰州立大学痕量气体分析和建模能力建设
- 批准号:
2409413 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
Building Capacity through Professional Learning Communities to Advance Identity Integration in STEM Pre-Service Teacher Preparation
通过专业学习社区进行能力建设,促进 STEM 职前教师准备中的身份整合
- 批准号:
2345042 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
ART: Research to Solutions, Building Translational Capacity in the Central Florida Innovation Ecosystem
ART:从研究到解决方案,在佛罗里达州中部创新生态系统中建设转化能力
- 批准号:
2331319 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Cooperative Agreement
Building capacity, fostering community, and supporting champions to implement meaningful family engagement in child health research and practice: Development and evaluation of the Family Engagement in Research Champions Community of Practice (FER Champion
建设能力、培育社区并支持倡导者在儿童健康研究和实践中实施有意义的家庭参与:制定和评估家庭参与研究倡导者实践社区(FER Champion
- 批准号:
484903 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Salary Programs
Creating and Sustaining Noyce Mentors en la Frontera: a HSI Collaborative Capacity Building Grant
在拉弗龙特拉创建和维持诺伊斯导师:HSI 协作能力建设补助金
- 批准号:
2345011 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Standard Grant
Approaches to building patient-oriented research capacity and their applications to the transformation of healthcare services and interventions
建立以患者为中心的研究能力的方法及其在医疗保健服务和干预措施转型中的应用
- 批准号:
477895 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Salary Programs
Evaluating antimicrobial stewardship strategies and capacity building through participatory action research and a network approach in Vietnam
通过越南的参与行动研究和网络方法评估抗菌药物管理策略和能力建设
- 批准号:
MR/Y004701/1 - 财政年份:2024
- 资助金额:
$ 50万 - 项目类别:
Research Grant