RTBTS: A Real-Time Behavioural Training System to Mitigate Psychological Vulnerabilities in Social Engineering Attacks
DOI:
https://doi.org/10.62146/ijecbe.v3i1.103Keywords:
Social Engineering, Psychological Vulnerability, Cybersecurity Training, Real-Time Behavioural Training System (RTBTS), Adaptive Learning, Behavioural Monitoring, Threat AnalysisAbstract
The aim of this research is to identify the psychological traits that make people susceptible to social engineering attacks and the effectiveness of current cybersecurity training. The study tries to identify how these factors can be better utilized to enhance the resilience of individuals in response to such an attack, due to a psychological or training deficiency. This involves data collection through structured surveying on internet platforms such as Google Forms. The analysis has been done by means of Python using statistical techniques, focusing on the descriptive analysis and regression analyses that set the links of psychological features and sensitivity to social engineering influenced by training programs. It followed from the research that certain psychological features of a person, like a high level of trust without its verification and readiness to conform with authority, raise his or her susceptibility to social engineering essentially. The training programs assessment had shown positive attitude to their helpfulness though deficiencies in adaptability and frequency of trainings reduce its potential to neutralize sophisticated social engineering techniques. These results reflect that, although the existing training is fairly successful, there is an urgent need for more flexible training methods that would consider individual psychological profiles and be updated regularly in combat with emerging social engineering strategies. Guided by these considerations above, this research supports the establishment of a Real-Time Behavioural Training System, RTBTS, continuous monitoring of dangers for dynamic adapted training modules.
References
N. Akyeşilmen and A. Alhosban, “Non-Technical Cyber-Attacks and International Cybersecurity: The Case of Social Engineering,” Gaziantep University Journal of Social Sciences, vol. 23, no. 1, pp. 342–360, 2024, doi: 10.21547/jss.1346291.
R. Montañez, E. Golob, and S. Xu, “Human Cognition Through the Lens of Social Engineering Cyberattacks,” Sep. 30, 2020, Frontiers Media S.A. doi: 10.3389/fpsyg.2020.01755.
M. Zaoui, B. Yousra, S. Yassine, M. Yassine, and O. Karim, “A Comprehensive Taxonomy of Social Engineering Attacks and Defense Mechanisms: Toward Effective Mitigation Strategies,” IEEE Access, vol. 12, pp. 72224–72241, 2024, doi: 10.1109/ACCESS.2024.3403197.
“A Look-Back on the First Half of the Year: Phishing and Scam Trends Surrounding the Election, the Technology Sector Spike, and Multi-Channel Threats.”
L. Iacono, K. Wojcieszek, and G. Glass, “Q3 2023 Threat Landscape Report: Social Engineering Takes Center Stage.”
Unicc, “UNICC Cyber Threat Landscape Report 2022,” 2023.
“60+ Social Engineering Statistics for 2023”.
Z. Wang, L. Sun, and H. Zhu, “Defining Social Engineering in Cybersecurity,” IEEE Access, vol. 8, pp. 85094–85115, 2020, doi: 10.1109/ACCESS.2020.2992807.
M. K. Mishra and K. D. Pandey, “Social Engineering Attacks and Counter Measures: A Comprehensive Analysis Social Engineering Attacks and Counter A Comprehensive Analysis,” Double International Journal of Advanced Research in Science, Communication and Technology Access, Double-Blind, Peer-Reviewed, Refereed, Multidisciplinary Online Journal, vol. 4, no. 7, 2024, doi: 10.48175/www.ijarsct.co.in.
A. Naz, M. Sarwar, M. Kaleem, M. A. Mushtaq, and S. Rashid, “A comprehensive survey on social engineering-based attacks on social networks,” International Journal of Advanced and Applied Sciences, vol. 11, no. 4, pp. 139–154, Apr. 2024, doi: 10.21833/ijaas.2024.04.016.
A. Moroz, “THE USE OF PSYCHOLOGICAL MANIPULATION BY A CRIMINAL WHEN INTERACTING WITH A CHILD IN CASES OF PROLONGED CORRUPTION OF MINORS,” Criminalistics and Forensics, no. 68, pp. 652–658, Jul. 2023, doi: 10.33994/kndise.2023.68.65.
D. Smith et al., “Psychological, social, and health-related factors predict risk for financial exploitation,” 2024.
R. Marmo and R. Marmo, “Social Engineering Using Social Networking Sites,” in Encyclopedia of Criminal Activities and the Deep Web, IGI Global, 2020, pp. 810–822. doi: 10.4018/978-1-5225-9715-5.ch054.
T. Mokoena, T. Zuva, and M. Appiah, “Analysis of Social Engineering Attacks Using Exploit Kits,” in Intelligent Algorithms in Software Engineering, R. Silhavy, Ed., Cham: Springer International Publishing, 2020, pp. 189–204.
A. A. Abubaker, D. Eleyan, A. Eleyan, T. Bejaoui, N. Katuk, and M. Al-Khalidi, “Social Engineering in Social Network: A Systematic Literature Review,” in 2023 International Symposium on Networks, Computers and Communications (ISNCC), 2023, pp. 1–7. doi: 10.1109/ISNCC58260.2023.10323826.
D. Steggles, “Social Engineering,” Jan. 2001. doi: 10.54254/2977-3903/2/2023016.
S. Priya, D. Gutema, and S. Singh, “A Comprehensive Survey of Recent Phishing Attacks Detection Techniques,” in 2024 5th International Conference on Innovative Trends in Information Technology (ICITIIT), 2024, pp. 1–6. doi: 10.1109/ICITIIT61487.2024.10580446.
I. Opirskyy, S. Vasylyshyn, and A. Piskozub, “ANALYSIS OF THE USE OF SOFTWARE BAITS (HONEYPOTS) AS A MEANS OF ENSURING INFORMATION SECURITY,” Cybersecurity: Education, Science, Technique, vol. 2, no. 10, pp. 88–97, 2020, doi: 10.28925/2663-4023.2020.10.8897.
N. Y. Conteh and P. J. Schmick, “Cybersecurity:risks, vulnerabilities and countermeasures to prevent social engineering attacks,” International Journal of Advanced Computer Research, vol. 6, no. 23, pp. 31–38, Feb. 2016, doi: 10.19101/ijacr.2016.623006.
S. Lohani, “Social Engineering: Hacking into Humans.” [Online]. Available: https://ssrn.com/abstract=3329391
S. M. R. Noval, S. Soecipto, A. Jamaludin, and E. Listiawati, “Dumpster Diving Threat in Personal Data Leakage Case In Indonesia,” International Journal of Ethno-Sciences and Education Research, vol. 3, no. 2, pp. 63–69, 2023.
M. Aldossari and A. Albalawi, “Role of Shoulder Surfing in Cyber Security (Experimental Study to the Comparative Framework),” American Journal of Computer Science and Technology, vol. 6, no. 3, pp. 102–108, Sep. 2023, doi: 10.11648/j.ajcst.20230603.12.
A. Kamruzzaman, K. Thakur, S. Ismat, M. L. Ali, K. Huang, and H. N. Thakur, “Social Engineering Incidents and Preventions,” in 2023 IEEE 13th Annual Computing and Communication Workshop and Conference (CCWC), 2023, pp. 494–498. doi: 10.1109/CCWC57344.2023.10099202.
H. Aldawood and G. Skinner, “An Advanced Taxonomy for Social Engineering Attacks,” Int J Comput Appl, vol. 177, pp. 975–8887, Jan. 2020, doi: 10.5120/ijca2020919744.
A. Sales, N. Torres, and P. Pinto, “An Overview of Threats Exploring the Confusion Between Top-Level Domains and File Type Extensions,” in CODASPY 2024 - Proceedings of the 14th ACM Conference on Data and Application Security and Privacy, Association for Computing Machinery, Inc, Jun. 2024, pp. 167–169. doi: 10.1145/3626232.3658641.
F. Femi-Oyewole, V. Osamor, and D. Okunbor, “A Systematic Review of Social Engineering Attacks & Techniques: The Past, Present, and Future,” in International Conference on Science, Engineering and Business for Driving Sustainable Development Goals, SEB4SDG 2024, Institute of Electrical and Electronics Engineers Inc., 2024. doi: 10.1109/SEB4SDG60871.2024.10629836.
D. Steggles, “Social Engineering,” Jan. 2001. doi: 10.54254/2977-3903/2/2023016.
Y. Choi, “Social Engineering Cyber Threats,” Journal of Global Awareness, vol. 4, no. 2, pp. 1–12, Dec. 2023, doi: 10.24073/jga/4/02/08.
S. A. Duman, R. Hayran, and I. Sogukpinar, “Impact Analysis and Performance Model of Social Engineering Techniques,” in ISDFS 2023 - 11th International Symposium on Digital Forensics and Security, Institute of Electrical and Electronics Engineers Inc., 2023. doi: 10.1109/ISDFS58141.2023.10131771.
Barry Coatesworth, “The psychology of social engineering,” Cyber Security: A Peer-Reviewed Journal, vol. 6, no. 3, Mar. 2023.
A. S. V Nair and R. Achary, “Social Engineering Defender (SE.Def): Human Emotion Factor Based Classification and Defense against Social Engineering Attacks,” in 2023 International Conference on Artificial Intelligence and Applications (ICAIA) Alliance Technology Conference (ATCON-1), 2023, pp. 1–5. doi: 10.1109/ICAIA57370.2023.10169678.
W. Keil, “Social Security,” in Enterprise Social for the Java Platform: Shares, Mashups, Likes, and Ways to Integrate Social Media into Your Cloud Native Enterprise Java Applications, W. Keil, Ed., Berkeley, CA: Apress, 2024, pp. 63–111. doi: 10.1007/978-1-4842-9571-7_4.
V. GREAVU SERBAN and O. SERBAN, “Social Engineering A General Approach,” Informatica Economica, vol. 18, no. 2/2014, pp. 5–14, Jun. 2014, doi: 10.12948/issn14531305/18.2.2014.01.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 International Journal of Electrical, Computer, and Biomedical Engineering
This work is licensed under a Creative Commons Attribution 4.0 International License.
