Creator of Knowledge
Information Resources Management Association
Advancing the Concepts & Practices of Information Resources Management in Modern Organizations

A System for Computing Human Deception

A System for Computing Human Deception
View Free PDF
Author(s): Najib Saylani (Hofstra University, USA)
Copyright: 2004
Pages: 3
Source title: Innovations Through Information Technology
Source Editor(s): Mehdi Khosrow-Pour, D.B.A. (Information Resources Management Association, USA)
DOI: 10.4018/978-1-59140-261-9.ch172
ISBN13: 9781616921255
EISBN13: 9781466665347


The book titled ‘The Art of Deception: Controlling the Human Element of Security’ by the now famous former hacker by the name of Kevin D. Mitnick and his coauthor William L.Simon presents a detailed study of how, despite all network security programs from firewalls to strong encryption, IT infrastructure are vulnerable to social engineering attacks that easily circumvent all walls and all type of encryption. Either an insider or some one external to the organization would pose as or impersonate a legitimate user of the system and have easy access to the authorized areas in the system. This process may take longer before intrusion and successive intrusions may take longer to be noticed. It is well known and widely practiced approach by organizations to log and record all users’ transactions for the purpose of network auditing but it is always late to prevent damages to the IT infrastructure. While it is impossible to fully prevent all these type of schemes, it may be possible to indirectly supervise and profile accesses to the system that may be authorized but illegal. We propose a research in this important area that will target as its goal building a system by which detection of illegitimate attempt at accessing a system or detection of authorized but illegal use of the system can be explored in an automated way.

Body Bottom