A comprehensive survey on social engineering attacks, countermeasures, case study, and research challenges

【Author】 Rathod, Tejal; Jadav, Nilesh Kumar; Tanwar, Sudeep; Alabdulatif, Abdulatif; Garg, Deepak; Singh, Anupam

【Source】INFORMATION PROCESSING & MANAGEMENT

【影响因子】7.466

【Abstract】Social engineering attacks are inevitable and imperil the integrity, security, and confidentiality of the information used on social media platforms. Prominent technologies, such as blockchain, artificial intelligence (AI), and proactive access controls, were adopted in the literature to confront the social engineering attacks on social media. Nevertheless, a comprehensive survey on this topic is notably absent from the current body of research. Inspired by that, we propose an exhaustive survey comprising an in-depth analysis of 10 distinct social engineering attacks with their real-time scenarios. Furthermore, a detailed solution taxonomy is presented, offering valuable insights (e.g., objective, methodology, and results) to tackle social engineering attacks effectively. Based on the solution taxonomy, we propose an AI and blockchain-based malicious uniform resource locator (URL) detection framework (as a case study) to confront social engineering attacks on the Meta platform. For that, a standard dataset is utilized, which comprises 12 different datasets containing 3980870 malicious and non-malicious URLs. To classify URLs, a binary classification problem is formulated and solved by using different AI classifiers, such as Naive Bayes (NB), decision tree (DT), support vector machine (SVM), and boosted tree (BT). The non-malicious URLs are forwarded to the blockchain network to ensure secure storage, strengthening the effectiveness of the malicious URL detection framework. The proposed framework is evaluated with baseline approaches, wherein the NB achieves noteworthy training accuracy, i.e., 76.87% and training time of (8.23 (s)). Additionally, interplanetary file system (IPFS)-based blockchain achieves a remarkable response time, i.e., (0.245 (ms)) compared to the conventional blockchain technology. We also used execution cost and smart contract vulnerability assessment using Slither to showcase the outperformance of blockchain technology. Lastly, we shed light on the open issues and research challenges of social engineering attacks where research gaps still exist and require further investigation.

【Keywords】Social engineering attack; Cybersecurity; Phishing; Artificial intelligence; Machine learning; Blockchain

【发表时间】2025 JAN

【收录时间】2024-11-16

【文献类型】综述

【主题类别】

区块链治理-技术治理-治理逻辑