Social engineering attacks capitalize on the human mental vulnerability and not technical vulnerability and thus it is not easily spotted by traditional cybersecurity controls. Traditional security mechanisms like authentication system, phishing system, and intrusion system detection systems are largely centered on infrastructure based threats and in most cases fail when genuine users are compromised on authenticated systems. This paper will suggest a real-time behavioural monitoring model to be used in identifying possible manipulation of social engineering during web-form communications. The solution will combine behavioral biometrics and contextual form-usage analysis to detect any interaction anomalies that can suggest cognitive manipulation. Lightweight client-side monitoring captures behavioral information such as the timing of keystroke, the behavior of mouse movements, pauses, and patterns of corrections, and contextual information such as dwell time, field-entry sequence deviation, and frequency of re-edits are derived out of form interaction behavior. The features are converted to session-level vectors and tested based on machine learning models. Experimental assessment of 50 subjects demonstrates that Multi-Layer Perceptron model finds 94.1% percentage with an AUC of 0.96 with less than 1-second inference delay.
P et al. (Thu,) studied this question.
Synapse has enriched 5 closely related papers on similar clinical questions. Consider them for comparative context: