Skip to main content

Expert Systems in Information Security: A Comprehensive Exploration of Awareness Strategies Against Social Engineering Attacks

  • Conference paper
  • First Online:
Good Practices and New Perspectives in Information Systems and Technologies (WorldCIST 2024)

Abstract

This article delves into the pivotal role of expert systems in bolstering information security, with a specific emphasis on their effectiveness in awareness and training programs aimed at thwarting social engineering attacks. Employing a snowball methodology, the research expands upon seminal works, highlighting the intersection between expert systems and cybersecurity. The study identifies a gap in current understanding and aims to contribute valuable insights to the field. By analyzing five key articles as seeds, the research explores the landscape of expert systems in information security, emphasizing their potential impact on cultivating robust defenses against evolving cyber threats.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

References

  1. Hijji, M., Alam, G.: Cybersecurity Awareness and Training (CAT) framework for remote working employees. Sensors (Basel). 22(22), 8663 (2022). https://www.mdpi.com/1424-8220/22/22/8663

  2. Mitnick, K.D., Simon, W.L.: The Art of Deception: Controlling the Human Element of Security. John Wiley & Sons, New Jersey (2003)

    Google Scholar 

  3. Hadnagy, C.: Social Engineering: The Art of Human Hacking. John Wiley & Sons, New Jersey (2010)

    Google Scholar 

  4. Coelho, C.F., Rasma, E.T., Morales, G.: Social engineering: a threat to the information society. Exatas & Engenharias. Higher Education Institutes of Censa. 3(05) (2013)

    Google Scholar 

  5. Aramuni, J.P.C., Maia, L.C.: The impact of social engineering on information security: a management-oriented approach. AtoZ: New Pract. Inf. Knowl. 7(1), 31–37 (2020)

    Google Scholar 

  6. Silva, N.B.X., Araújo, W.J.d., Azevedo, P.M.d.: Social engineering in online social networks: a case study on the exposure of personal information and the need for information security strategies. Ibero-American J. Inf. Sci. 6(2) (2013)

    Google Scholar 

  7. Pinzón, J.J.S. et al.: Social engineering, the before and now of a global problem. National Open and Distance University UNAD (2015)

    Google Scholar 

  8. Honório, T.J.: The use of cyberattacks in elections and international relations. Mural Internacional 9(1), 85–98 (2018)

    Google Scholar 

  9. Júnior, J.V.C.: Threat analysis environment for threat intelligence generation using open sources (2018)

    Google Scholar 

  10. Paschoal, D.A.C., Pereira, G.F.: Information security in Industry 4.0: NIST framework. Faculdade de Tecnologia de Americana (2019)

    Google Scholar 

  11. Dantas, A.R.P.: CYRM: Cyber Range to support the teaching of defense for students in the Information Security discipline (2022)

    Google Scholar 

  12. Nair, A.S.V., Achary, R.: Social Engineering Defender (SE.Def): human emotion factor based classification and defense against social engineering attacks. In: 2023 International Conference on Artificial Intelligence and Applications (ICAIA) Alliance Technology Conference (ATCON-1), Bangalore, India, pp. 1–5 (2023). https://doi.org/10.1109/ICAIA57370.2023.10169678.

  13. Bickman, L., Rog, D.J.: The SAGE Handbook of Applied Social Research Methods. Sage publications, California (2008)

    Google Scholar 

  14. Vinuto, J.: A amostragem em bola de neve na pesquisa qualitativa: um debate em aberto. Temáticas, 22(44), 203–220 (2014)

    Google Scholar 

  15. Rani, C., Goel, S.: CSAAES: an expert system for cyber security attack awareness. In: International Conference on Computing, Communication Automation, pp. 242–245 (2015). https://doi.org/10.1109/CCAA.2015.7148381

  16. Obuhuma, J., Zivuku, S.: Social engineering based cyber-attacks in Kenya. In: 2020 IST-Africa Conference (IST-Africa), pp. 1–9 (2020)

    Google Scholar 

  17. Adane, K.: Development of advisory knowledge-based expert system to identify and mitigate unintentional insider threats in financial institutions of Ethiopia. IUP J. Comput. Sci. 14(3), 7–23 (2020). IUP Publications

    Google Scholar 

  18. Dash, B., Ansari, M.F.: An Effective Cybersecurity Awareness Training Model: First Defense of an Organizational Security Strategy (2022)

    Google Scholar 

  19. Normatov, S., Rakhmatullaev, M.: Expert system with fuzzy logic for protecting scientific information resources. In: 2020 International Conference on Information Science and Communications Technologies (ICISCT), 1–4 (2020). https://doi.org/10.1109/ICISCT50599.2020.9351498

Download references

Acknowledgments

Grateful for our supervisor’s invaluable assistance, we extend heartfelt thanks to the Federal University of Sergipe, Brazil, and CAPES (PDPG - Strategic Partnerships in States III) for their unwavering support in completing this research. We also appreciate the contributions of the seed article authors and acknowledge the researchers and practitioners whose work forms the foundation of this snowball review.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Waldson Rodrigues Cardoso .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Cardoso, W.R., Ribeiro, A.d.R.L., Silva, J.M.C.d. (2024). Expert Systems in Information Security: A Comprehensive Exploration of Awareness Strategies Against Social Engineering Attacks. In: Rocha, Á., Adeli, H., Dzemyda, G., Moreira, F., Poniszewska-Marańda, A. (eds) Good Practices and New Perspectives in Information Systems and Technologies. WorldCIST 2024. Lecture Notes in Networks and Systems, vol 986. Springer, Cham. https://doi.org/10.1007/978-3-031-60218-4_4

Download citation

Publish with us

Policies and ethics