You are here: Home / Research / projects / ongoing / DOGANA



PROJECT TITLE : aDvanced sOcial enGineering And vulNerability Assesment Framework

Keywords: Security risk management, risk assessment tools, social engineering


Latest insights into security breaches reveal that most of the security incidents include the human element as a major component of their attacks: about 90% of the attacks include several enabling steps in the attack belonging to the area of Social Engineering (SE) [Ref.26].

Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. The term "social engineering" as an act of psychological manipulation is also associated with the social sciences, but its usage has caught on among computer and information security professionals. (Source: Wikipedia – “Social Engineering”).

Current approaches to IT security and risk management tend to underestimate, or even ignore, the human element in their calculation due to a lack of assessment models, tools, processes and legal backing.

DOGANA will change that situation by pursing three main goals:

1. Raise end-user awareness for social engineering attacks by providing adequate techniques
2. Provide comprehensive risk assessment for companies (including the tool chain needed)
3. Create a legal reference framework to allow compliant risk assessment


For more information on the project, you can consult:

Time span: 2015-09-01 - 2018-08-31
Assigned by: European Commission - H2020, DS-06-2014
Promoter: Anton VEDDER
Staff: Anton VEDDER
Partner(s): AIT Austrian Institute of Technology GmbH
CiTiP-KU Leuven
CiTiP-KU Leuven
Consorzio Nazionale Interuniversitario per la Telecommunicazioni
DBI - Dansk Brand-og sikringsteknisk Institut
ELTA Systems Ltd.
Engineering International Belgium S.A. => Coordinator
Gabinete Nacional de Seguranca
Hewlett Packard Italiana SRL
Ministry of National Defence Greece
National Center for Scientific Research Demokritos
Regia Autonoma de Transport Bucuresti
Scuola Universitaria Professionale Della Svizerra Italiana (SUPSI)
Thales Communications & Security SAS
Thales Services SAS
Visionware - Sistemas de Informacao