Security Basics mailing list archives
Re: Social Engineering Data set
From: xun dong <xundong () cs york ac uk>
Date: Thu, 12 Oct 2006 23:51:55 +0100
I think what you said is correct, that's why I decide to research social engineering properly. It is no doubt that Phishing and pharming should belong to the family of social engineering attacks.
The most important thing for this data set is that: completeness (covers as wide range as possible). I feel that I must missed some thing and if more people contribute to it the more complete the data set will be. Thanks for all people gave me suggestions, I have so far got 32 different social engineering attacks. I am now process it and then I will publish them on Internet for the community to use. I will try to get it done ASAP.
Robinson, Sonja wrote:
Many attacks are of the social engineering type. In fact the most notable are or have obtained much of their information by those techniques- mitnick, poulsen etc. When doing audits and security reviews, I employ social engineering to see what people 'fess up. It is truly amazing.I would look at your search criteria. It is easier to have people give the keys then steal them yourself. Technically phishing is social engineering. It is a manipulation of a user or other party to "give up" pertinent information so that you can gain access. So there is plenty of info.------Original Message------ From: xun dong To: pen-test () securityfocus com To: security-basics () securityfocus com Sent: Oct 11, 2006 6:31 AM Subject: Social Engineering Data set Hello list; I am currently doing research on Social Engineering Attacks. Unlike the technical hack, I found that there is few useful and well documented SE attack examples on the Internet. So I decided to create a data set for SE attacks, and I am willing to publish it for free on the Internet. However, I think only my own experience would not be able to make this dataset as comprehensive as possible. So I would like to ask for help on this list. If you think you have SE attack examples, you can email me. Of course for confidential reason you should not use the real name in your example. If you don't mind I will also publish your name along with the example you provided. Thanks a lot in advance. I hope this could be a step forwards in protecting against SE attacks. -- Xun Dong Research Associate Department of Computer Science University of York --------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE The NSA has designated Norwich University a center of Academic Excellencein Information Security. Our program offers unparalleled Infosec managementeducation and the case study affords you unmatched consulting experience.Using interactive e-Learning technology, you can earn this esteemed degree,without disrupting your career or home life. http://www.msia.norwich.edu/secfocus --------------------------------------------------------------------------- Sent from my wireless Sonja Robinson Cell: 646-468-6518
--------------------------------------------------------------------------- This list is sponsored by: Norwich University EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINEThe NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus ---------------------------------------------------------------------------
Current thread:
- Social Engineering Data set xun dong (Oct 11)
- Re: Social Engineering Data set Frynge Customer Support (Oct 12)
- Re: Social Engineering Data set Lee Lawson (Oct 13)
- RE: Social Engineering Data set Mustafa YĆ¼celgen (Oct 13)
- Re[2]: Social Engineering Data set Matthew Leeds (Oct 13)
- <Possible follow-ups>
- RE: Social Engineering Data set Craig Wright (Oct 12)
- RE: Social Engineering Data set Thomas W Shinder (Oct 12)
- Re: Social Engineering Data set revnic (Oct 12)
- Re: Social Engineering Data set xun dong (Oct 13)
- Re: Social Engineering Data set Magdelin Tey (Oct 13)
- Re: Social Engineering Data set xun dong (Oct 13)
- Re: Social Engineering Data set qxlr (Oct 20)
- Re: Social Engineering Data set Kenton Smith (Oct 15)