【打印本页】      【下载PDF全文】   View/Add Comment  Download reader   Close
←前一篇|后一篇→ 过刊浏览    高级检索
本文已被:浏览 7840次   下载 6204 本文二维码信息
码上扫一扫!
社工概念演化分析
王作广,朱红松,孙利民
分享到: 微信 更多
(中国科学院大学 网络空间安全学院 北京 中国 100049;中国科学院信息工程研究所 物联网信息安全技术北京市重点实验室 北京 中国 100093)
摘要:
社工是黑客社区一种非常流行的攻击方法,对网络空间安全造成了严重的危害。然而,社工的概念定义作为理解社工威胁、开展社工研究的基础,却并不一致、明晰,而且随着概念的演化逐渐显现模糊、泛化、消解的趋势,影响社工安全研究与防护工作的开展。本文对社工概念演化进行了体系化的研究,同时也分析了社工攻击威胁的特性及态势,梳理了社工实现方式/技术的发展和趋势,总结了社工概念定义存在的问题及面临的挑战,并对社工概念重新定义问题进行了讨论,以期为社工安全研究提供参考、促进社工安全防护研究。
关键词:  社会工程学  社交工程  社工  概念  演化  定义  安全  威胁  攻击  防护
DOI:10.19363/J.cnki.cn10-1380/tn.2021.03.02
Received:March 19, 2019
基金项目:本课题得到国家重点研发计划(No.2017YFB0802804);自然基金青年项目(No.61702503)资助。
The Concept Evolution Analysis of Social Engineering
WANG Zuoguang,ZHU Hongsong,SUN Limin
School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100049, China;Beijing Key Laboratory of IoT Information Security Technology, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100093, Chinas
Abstract:
Social engineering is a very popular attack in the hacker community, and has brought severe damage to cyber security. However, the concept of social engineering is not consistent and clear, despite its fundamental role in social engineering research. Furthermore, there is a tendency to be obscure, overgeneralize and decompose in the concept evolution of the social engineering. These phenomena impede the security research and defense on social engineering. This paper studies the concept evolution of social engineering, and analyzes the problems and challenges faced by the concept. It ends with a discussion on the concept redefinition, to promote the future research on social engineering.
Key words:  social engineering  concept  evolution  definition  security  threat  attack  defense