A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks

Eduardo Benavides-Astudillo; Néstor Tipan-Guerrero; Gema Castillo-Zambrano; Walter Fuertes Díaz; German Eduardo Rodríguez E.R. Galán; María Fernanda Cazáres; Daniel Nuñez-Agurto

doi:10.1007/978-3-031-03884-6_28

A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks

Eduardo Benavides-Astudillo, Néstor Tipan-Guerrero, Gema Castillo-Zambrano, Walter Fuertes Díaz, German Eduardo Rodríguez E.R. Galán, María Fernanda Cazáres, Daniel Nuñez-Agurto

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Currently, all users massively use digital devices connected to the Internet. Because of this overcrowding, the number of cybercriminals who use Social Engineering techniques to extract sensitive information from users also increased. The attackers take advantage of the personality traits of their victims, such as friendliness, ignorance of basic security measures, naivety, or overconfidence. To combat this type of attack, we have developed a Framework based on personality traits, allowing us to know which people are more vulnerable than others are. Faced with this scenario, the main aim of this study is to develop a tool that allows determining which people are most vulnerable to Social Engineering attacks. The methodological process consisted of first determining the most common traits of users related to vulnerability. Then, the personality traits of a surveyed group were determined. Finally, the most vulnerable traits were matched with the personality traits of the respondents. The personality traits in which our research was framed is known as the Five-Factor Model of personality. The results show that this framework can be used to detect the most vulnerable user or groups and focus training and awareness on it or these groups.

Original language	English
Title of host publication	Applied Technologies - 3rd International Conference, ICAT 2021, Proceedings
Editors	Miguel Botto-Tobar, Sergio Montes León, Pablo Torres-Carrión, Marcelo Zambrano Vizuete, Benjamin Durakovic
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	381-394
Number of pages	14
ISBN (Print)	9783031038839
DOIs	https://doi.org/10.1007/978-3-031-03884-6_28
State	Published - 2022
Event	3rd International Conference on Applied Technologies, ICAT 2021 - Quito, Ecuador Duration: 27 Oct 2021 → 29 Oct 2021

Publication series

Name	Communications in Computer and Information Science
Volume	1535 CCIS
ISSN (Print)	1865-0929
ISSN (Electronic)	1865-0937

Conference

Conference	3rd International Conference on Applied Technologies, ICAT 2021
Country/Territory	Ecuador
City	Quito
Period	27/10/21 → 29/10/21

Bibliographical note

Publisher Copyright:
© 2022, Springer Nature Switzerland AG.

Keywords

Cybersecurity
Five-Factor Model
Framework
Personal trait
Social Engineering

Access to Document

10.1007/978-3-031-03884-6_28

Cite this

Benavides-Astudillo, E., Tipan-Guerrero, N., Castillo-Zambrano, G., Díaz, W. F., Galán, GER. E. R., Cazáres, M. F., & Nuñez-Agurto, D. (2022). A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks. In M. Botto-Tobar, S. Montes León, P. Torres-Carrión, M. Zambrano Vizuete, & B. Durakovic (Eds.), Applied Technologies - 3rd International Conference, ICAT 2021, Proceedings (pp. 381-394). (Communications in Computer and Information Science; Vol. 1535 CCIS). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-3-031-03884-6_28

Benavides-Astudillo, Eduardo ; Tipan-Guerrero, Néstor ; Castillo-Zambrano, Gema et al. / A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks. Applied Technologies - 3rd International Conference, ICAT 2021, Proceedings. editor / Miguel Botto-Tobar ; Sergio Montes León ; Pablo Torres-Carrión ; Marcelo Zambrano Vizuete ; Benjamin Durakovic. Springer Science and Business Media Deutschland GmbH, 2022. pp. 381-394 (Communications in Computer and Information Science).

@inproceedings{7be6f0ed364e4f66bc8d33155dcefe7d,

title = "A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks",

abstract = "Currently, all users massively use digital devices connected to the Internet. Because of this overcrowding, the number of cybercriminals who use Social Engineering techniques to extract sensitive information from users also increased. The attackers take advantage of the personality traits of their victims, such as friendliness, ignorance of basic security measures, naivety, or overconfidence. To combat this type of attack, we have developed a Framework based on personality traits, allowing us to know which people are more vulnerable than others are. Faced with this scenario, the main aim of this study is to develop a tool that allows determining which people are most vulnerable to Social Engineering attacks. The methodological process consisted of first determining the most common traits of users related to vulnerability. Then, the personality traits of a surveyed group were determined. Finally, the most vulnerable traits were matched with the personality traits of the respondents. The personality traits in which our research was framed is known as the Five-Factor Model of personality. The results show that this framework can be used to detect the most vulnerable user or groups and focus training and awareness on it or these groups.",

keywords = "Cybersecurity, Five-Factor Model, Framework, Personal trait, Social Engineering",

author = "Eduardo Benavides-Astudillo and N{\'e}stor Tipan-Guerrero and Gema Castillo-Zambrano and D{\'i}az, {Walter Fuertes} and Gal{\'a}n, {German Eduardo Rodr{\'i}guez E.R.} and Caz{\'a}res, {Mar{\'i}a Fernanda} and Daniel Nu{\~n}ez-Agurto",

note = "Publisher Copyright: {\textcopyright} 2022, Springer Nature Switzerland AG.; null ; Conference date: 27-10-2021 Through 29-10-2021",

year = "2022",

doi = "10.1007/978-3-031-03884-6_28",

language = "English",

isbn = "9783031038839",

series = "Communications in Computer and Information Science",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "381--394",

editor = "Miguel Botto-Tobar and {Montes Le{\'o}n}, Sergio and Pablo Torres-Carri{\'o}n and {Zambrano Vizuete}, Marcelo and Benjamin Durakovic",

booktitle = "Applied Technologies - 3rd International Conference, ICAT 2021, Proceedings",

address = "Germany",

}

Benavides-Astudillo, E, Tipan-Guerrero, N, Castillo-Zambrano, G, Díaz, WF, Galán, GERER, Cazáres, MF & Nuñez-Agurto, D 2022, A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks. in M Botto-Tobar, S Montes León, P Torres-Carrión, M Zambrano Vizuete & B Durakovic (eds), Applied Technologies - 3rd International Conference, ICAT 2021, Proceedings. Communications in Computer and Information Science, vol. 1535 CCIS, Springer Science and Business Media Deutschland GmbH, pp. 381-394, 3rd International Conference on Applied Technologies, ICAT 2021, Quito, Ecuador, 27/10/21. https://doi.org/10.1007/978-3-031-03884-6_28

A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks. / Benavides-Astudillo, Eduardo; Tipan-Guerrero, Néstor; Castillo-Zambrano, Gema et al.

Applied Technologies - 3rd International Conference, ICAT 2021, Proceedings. ed. / Miguel Botto-Tobar; Sergio Montes León; Pablo Torres-Carrión; Marcelo Zambrano Vizuete; Benjamin Durakovic. Springer Science and Business Media Deutschland GmbH, 2022. p. 381-394 (Communications in Computer and Information Science; Vol. 1535 CCIS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks

AU - Benavides-Astudillo, Eduardo

AU - Tipan-Guerrero, Néstor

AU - Castillo-Zambrano, Gema

AU - Díaz, Walter Fuertes

AU - Galán, German Eduardo Rodríguez E.R.

AU - Cazáres, María Fernanda

AU - Nuñez-Agurto, Daniel

PY - 2022

Y1 - 2022

N2 - Currently, all users massively use digital devices connected to the Internet. Because of this overcrowding, the number of cybercriminals who use Social Engineering techniques to extract sensitive information from users also increased. The attackers take advantage of the personality traits of their victims, such as friendliness, ignorance of basic security measures, naivety, or overconfidence. To combat this type of attack, we have developed a Framework based on personality traits, allowing us to know which people are more vulnerable than others are. Faced with this scenario, the main aim of this study is to develop a tool that allows determining which people are most vulnerable to Social Engineering attacks. The methodological process consisted of first determining the most common traits of users related to vulnerability. Then, the personality traits of a surveyed group were determined. Finally, the most vulnerable traits were matched with the personality traits of the respondents. The personality traits in which our research was framed is known as the Five-Factor Model of personality. The results show that this framework can be used to detect the most vulnerable user or groups and focus training and awareness on it or these groups.

AB - Currently, all users massively use digital devices connected to the Internet. Because of this overcrowding, the number of cybercriminals who use Social Engineering techniques to extract sensitive information from users also increased. The attackers take advantage of the personality traits of their victims, such as friendliness, ignorance of basic security measures, naivety, or overconfidence. To combat this type of attack, we have developed a Framework based on personality traits, allowing us to know which people are more vulnerable than others are. Faced with this scenario, the main aim of this study is to develop a tool that allows determining which people are most vulnerable to Social Engineering attacks. The methodological process consisted of first determining the most common traits of users related to vulnerability. Then, the personality traits of a surveyed group were determined. Finally, the most vulnerable traits were matched with the personality traits of the respondents. The personality traits in which our research was framed is known as the Five-Factor Model of personality. The results show that this framework can be used to detect the most vulnerable user or groups and focus training and awareness on it or these groups.

KW - Cybersecurity

KW - Five-Factor Model

KW - Framework

KW - Personal trait

KW - Social Engineering

UR - http://www.scopus.com/inward/record.url?scp=85128490368&partnerID=8YFLogxK

U2 - 10.1007/978-3-031-03884-6_28

DO - 10.1007/978-3-031-03884-6_28

M3 - Conference contribution

AN - SCOPUS:85128490368

SN - 9783031038839

T3 - Communications in Computer and Information Science

SP - 381

EP - 394

BT - Applied Technologies - 3rd International Conference, ICAT 2021, Proceedings

A2 - Botto-Tobar, Miguel

A2 - Montes León, Sergio

A2 - Torres-Carrión, Pablo

A2 - Zambrano Vizuete, Marcelo

A2 - Durakovic, Benjamin

PB - Springer Science and Business Media Deutschland GmbH

Y2 - 27 October 2021 through 29 October 2021

ER -

Benavides-Astudillo E, Tipan-Guerrero N, Castillo-Zambrano G, Díaz WF, Galán GERER, Cazáres MF et al. A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks. In Botto-Tobar M, Montes León S, Torres-Carrión P, Zambrano Vizuete M, Durakovic B, editors, Applied Technologies - 3rd International Conference, ICAT 2021, Proceedings. Springer Science and Business Media Deutschland GmbH. 2022. p. 381-394. (Communications in Computer and Information Science). doi: 10.1007/978-3-031-03884-6_28

A Framework Based on Personality Traits to Identify Vulnerabilities to Social Engineering Attacks

Abstract

Publication series

Conference

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this