Using machine learning algorithms to predict individuals’ tendency to be victim of social engineering attacks

In information security context, social engineering is defined as malicious activities caused by cybercriminals by means of human interactions. It is mainly a psychological manipulation technique which gets benefit of human error to reach private information. This study used machine learning algorit...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Information development 2024-06, Vol.40 (2), p.298-318
Hauptverfasser: Huseynov, Farid, Ozdenizci Kose, Busra
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page 318
container_issue 2
container_start_page 298
container_title Information development
container_volume 40
creator Huseynov, Farid
Ozdenizci Kose, Busra
description In information security context, social engineering is defined as malicious activities caused by cybercriminals by means of human interactions. It is mainly a psychological manipulation technique which gets benefit of human error to reach private information. This study used machine learning algorithms to predict individuals’ susceptibility to be tricked by social engineering attacks. Simulated scenarios were presented to study participants, and they were asked to identify whether each scenario was a social engineering attack or not. Different kinds of attacks related to various industries were integrated to social engineering simulations. For each participant, different types of social engineering scores were calculated according to their responses. Besides simulations, questionnaires related to demographics, technology usage, and personality traits were filled out by the participants. All of these collected data were used in building predictive classification and regression machine learning models. Through regression and classification models, it was aimed to proactively predict individuals’ social engineering risk levels and classify them into different risk groups in terms of different attack types. This research revealed that it is possible to predetermine the social engineering risk levels of individuals. This important finding means that possible attacks can be prevented by raising awareness before the attack occurs. Within the scope of this study, a social engineering risk detection mobile application has also been developed to give practitioners and policy makers an idea of what kind of systems can be developed in order to determine the risk levels of individuals and then to educate them about various attacks. The ones who need to take action against social engineering attacks will get benefit from findings of this research.
doi_str_mv 10.1177/02666669221116336
format Article
fullrecord <record><control><sourceid>proquest_cross</sourceid><recordid>TN_cdi_proquest_journals_3047101384</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sage_id>10.1177_02666669221116336</sage_id><sourcerecordid>3047101384</sourcerecordid><originalsourceid>FETCH-LOGICAL-c312t-ce0946fe1813d8b4075bbd8b52e8a448703cc34a82df1519867e5695d9fce4b03</originalsourceid><addsrcrecordid>eNp1kE1OwzAQhS0EEqVwAHaWWKd4YsdJlqjiT0JiQ9eR40xSl9QutlupO67B9TgJCUVigZjNjGa-90Z6hFwCmwHk-TVL5VhlmgKA5FwekQnkAhIpZHlMJuM9GYFTchbCirEUmOQT4hbB2I6ulV4ai7RH5e24UH3nvInLdaDR0Y3HxuhIjW3MzjRb1YfP9w8a0TZo9X5EaqS7ATFr6loanDaqp2i7wRT9t2GMSr-Gc3LSDmq8-OlTsri7fZk_JE_P94_zm6dEc0hjopGVQrYIBfCmqAXLs7oehizFQglR5IxrzYUq0qaFDMpC5pjJMmvKVqOoGZ-Sq4Pvxru3LYZYrdzW2-FlxZnIgQEvxEDBgdLeheCxrTberJXfV8CqMdfqT66DZnbQBNXhr-v_gi8g8Xnk</addsrcrecordid><sourcetype>Aggregation Database</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>3047101384</pqid></control><display><type>article</type><title>Using machine learning algorithms to predict individuals’ tendency to be victim of social engineering attacks</title><source>SAGE Complete A-Z List</source><creator>Huseynov, Farid ; Ozdenizci Kose, Busra</creator><creatorcontrib>Huseynov, Farid ; Ozdenizci Kose, Busra</creatorcontrib><description>In information security context, social engineering is defined as malicious activities caused by cybercriminals by means of human interactions. It is mainly a psychological manipulation technique which gets benefit of human error to reach private information. This study used machine learning algorithms to predict individuals’ susceptibility to be tricked by social engineering attacks. Simulated scenarios were presented to study participants, and they were asked to identify whether each scenario was a social engineering attack or not. Different kinds of attacks related to various industries were integrated to social engineering simulations. For each participant, different types of social engineering scores were calculated according to their responses. Besides simulations, questionnaires related to demographics, technology usage, and personality traits were filled out by the participants. All of these collected data were used in building predictive classification and regression machine learning models. Through regression and classification models, it was aimed to proactively predict individuals’ social engineering risk levels and classify them into different risk groups in terms of different attack types. This research revealed that it is possible to predetermine the social engineering risk levels of individuals. This important finding means that possible attacks can be prevented by raising awareness before the attack occurs. Within the scope of this study, a social engineering risk detection mobile application has also been developed to give practitioners and policy makers an idea of what kind of systems can be developed in order to determine the risk levels of individuals and then to educate them about various attacks. The ones who need to take action against social engineering attacks will get benefit from findings of this research.</description><identifier>ISSN: 0266-6669</identifier><identifier>EISSN: 1741-6469</identifier><identifier>DOI: 10.1177/02666669221116336</identifier><language>eng</language><publisher>London, England: SAGE Publications</publisher><subject>Algorithms ; Classification ; Cybercrime ; Demographics ; Machine learning ; Personality traits ; Regression analysis</subject><ispartof>Information development, 2024-06, Vol.40 (2), p.298-318</ispartof><rights>The Author(s) 2022</rights><lds50>peer_reviewed</lds50><woscitedreferencessubscribed>false</woscitedreferencessubscribed><citedby>FETCH-LOGICAL-c312t-ce0946fe1813d8b4075bbd8b52e8a448703cc34a82df1519867e5695d9fce4b03</citedby><cites>FETCH-LOGICAL-c312t-ce0946fe1813d8b4075bbd8b52e8a448703cc34a82df1519867e5695d9fce4b03</cites><orcidid>0000-0002-8414-5252 ; 0000-0002-9936-0596</orcidid></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><linktopdf>$$Uhttps://journals.sagepub.com/doi/pdf/10.1177/02666669221116336$$EPDF$$P50$$Gsage$$H</linktopdf><linktohtml>$$Uhttps://journals.sagepub.com/doi/10.1177/02666669221116336$$EHTML$$P50$$Gsage$$H</linktohtml><link.rule.ids>314,780,784,21810,27915,27916,43612,43613</link.rule.ids></links><search><creatorcontrib>Huseynov, Farid</creatorcontrib><creatorcontrib>Ozdenizci Kose, Busra</creatorcontrib><title>Using machine learning algorithms to predict individuals’ tendency to be victim of social engineering attacks</title><title>Information development</title><addtitle>Information Development</addtitle><description>In information security context, social engineering is defined as malicious activities caused by cybercriminals by means of human interactions. It is mainly a psychological manipulation technique which gets benefit of human error to reach private information. This study used machine learning algorithms to predict individuals’ susceptibility to be tricked by social engineering attacks. Simulated scenarios were presented to study participants, and they were asked to identify whether each scenario was a social engineering attack or not. Different kinds of attacks related to various industries were integrated to social engineering simulations. For each participant, different types of social engineering scores were calculated according to their responses. Besides simulations, questionnaires related to demographics, technology usage, and personality traits were filled out by the participants. All of these collected data were used in building predictive classification and regression machine learning models. Through regression and classification models, it was aimed to proactively predict individuals’ social engineering risk levels and classify them into different risk groups in terms of different attack types. This research revealed that it is possible to predetermine the social engineering risk levels of individuals. This important finding means that possible attacks can be prevented by raising awareness before the attack occurs. Within the scope of this study, a social engineering risk detection mobile application has also been developed to give practitioners and policy makers an idea of what kind of systems can be developed in order to determine the risk levels of individuals and then to educate them about various attacks. The ones who need to take action against social engineering attacks will get benefit from findings of this research.</description><subject>Algorithms</subject><subject>Classification</subject><subject>Cybercrime</subject><subject>Demographics</subject><subject>Machine learning</subject><subject>Personality traits</subject><subject>Regression analysis</subject><issn>0266-6669</issn><issn>1741-6469</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2024</creationdate><recordtype>article</recordtype><recordid>eNp1kE1OwzAQhS0EEqVwAHaWWKd4YsdJlqjiT0JiQ9eR40xSl9QutlupO67B9TgJCUVigZjNjGa-90Z6hFwCmwHk-TVL5VhlmgKA5FwekQnkAhIpZHlMJuM9GYFTchbCirEUmOQT4hbB2I6ulV4ai7RH5e24UH3nvInLdaDR0Y3HxuhIjW3MzjRb1YfP9w8a0TZo9X5EaqS7ATFr6loanDaqp2i7wRT9t2GMSr-Gc3LSDmq8-OlTsri7fZk_JE_P94_zm6dEc0hjopGVQrYIBfCmqAXLs7oehizFQglR5IxrzYUq0qaFDMpC5pjJMmvKVqOoGZ-Sq4Pvxru3LYZYrdzW2-FlxZnIgQEvxEDBgdLeheCxrTberJXfV8CqMdfqT66DZnbQBNXhr-v_gi8g8Xnk</recordid><startdate>202406</startdate><enddate>202406</enddate><creator>Huseynov, Farid</creator><creator>Ozdenizci Kose, Busra</creator><general>SAGE Publications</general><general>Sage Publications Ltd</general><scope>AAYXX</scope><scope>CITATION</scope><scope>E3H</scope><scope>F2A</scope><orcidid>https://orcid.org/0000-0002-8414-5252</orcidid><orcidid>https://orcid.org/0000-0002-9936-0596</orcidid></search><sort><creationdate>202406</creationdate><title>Using machine learning algorithms to predict individuals’ tendency to be victim of social engineering attacks</title><author>Huseynov, Farid ; Ozdenizci Kose, Busra</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-c312t-ce0946fe1813d8b4075bbd8b52e8a448703cc34a82df1519867e5695d9fce4b03</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2024</creationdate><topic>Algorithms</topic><topic>Classification</topic><topic>Cybercrime</topic><topic>Demographics</topic><topic>Machine learning</topic><topic>Personality traits</topic><topic>Regression analysis</topic><toplevel>peer_reviewed</toplevel><toplevel>online_resources</toplevel><creatorcontrib>Huseynov, Farid</creatorcontrib><creatorcontrib>Ozdenizci Kose, Busra</creatorcontrib><collection>CrossRef</collection><collection>Library &amp; Information Sciences Abstracts (LISA)</collection><collection>Library &amp; Information Science Abstracts (LISA)</collection><jtitle>Information development</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Huseynov, Farid</au><au>Ozdenizci Kose, Busra</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Using machine learning algorithms to predict individuals’ tendency to be victim of social engineering attacks</atitle><jtitle>Information development</jtitle><addtitle>Information Development</addtitle><date>2024-06</date><risdate>2024</risdate><volume>40</volume><issue>2</issue><spage>298</spage><epage>318</epage><pages>298-318</pages><issn>0266-6669</issn><eissn>1741-6469</eissn><abstract>In information security context, social engineering is defined as malicious activities caused by cybercriminals by means of human interactions. It is mainly a psychological manipulation technique which gets benefit of human error to reach private information. This study used machine learning algorithms to predict individuals’ susceptibility to be tricked by social engineering attacks. Simulated scenarios were presented to study participants, and they were asked to identify whether each scenario was a social engineering attack or not. Different kinds of attacks related to various industries were integrated to social engineering simulations. For each participant, different types of social engineering scores were calculated according to their responses. Besides simulations, questionnaires related to demographics, technology usage, and personality traits were filled out by the participants. All of these collected data were used in building predictive classification and regression machine learning models. Through regression and classification models, it was aimed to proactively predict individuals’ social engineering risk levels and classify them into different risk groups in terms of different attack types. This research revealed that it is possible to predetermine the social engineering risk levels of individuals. This important finding means that possible attacks can be prevented by raising awareness before the attack occurs. Within the scope of this study, a social engineering risk detection mobile application has also been developed to give practitioners and policy makers an idea of what kind of systems can be developed in order to determine the risk levels of individuals and then to educate them about various attacks. The ones who need to take action against social engineering attacks will get benefit from findings of this research.</abstract><cop>London, England</cop><pub>SAGE Publications</pub><doi>10.1177/02666669221116336</doi><tpages>21</tpages><orcidid>https://orcid.org/0000-0002-8414-5252</orcidid><orcidid>https://orcid.org/0000-0002-9936-0596</orcidid></addata></record>
fulltext fulltext
identifier ISSN: 0266-6669
ispartof Information development, 2024-06, Vol.40 (2), p.298-318
issn 0266-6669
1741-6469
language eng
recordid cdi_proquest_journals_3047101384
source SAGE Complete A-Z List
subjects Algorithms
Classification
Cybercrime
Demographics
Machine learning
Personality traits
Regression analysis
title Using machine learning algorithms to predict individuals’ tendency to be victim of social engineering attacks
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2025-01-15T04%3A41%3A08IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_cross&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Using%20machine%20learning%20algorithms%20to%20predict%20individuals%E2%80%99%20tendency%20to%20be%20victim%20of%20social%20engineering%20attacks&rft.jtitle=Information%20development&rft.au=Huseynov,%20Farid&rft.date=2024-06&rft.volume=40&rft.issue=2&rft.spage=298&rft.epage=318&rft.pages=298-318&rft.issn=0266-6669&rft.eissn=1741-6469&rft_id=info:doi/10.1177/02666669221116336&rft_dat=%3Cproquest_cross%3E3047101384%3C/proquest_cross%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=3047101384&rft_id=info:pmid/&rft_sage_id=10.1177_02666669221116336&rfr_iscdi=true