You are here: Home / Research / projects / ongoing / DOGANA

DOGANA

 

PROJECT TITLE : aDvanced sOcial enGineering And vulNerability Assesment Framework


Keywords: Security risk management, risk assessment tools, social engineering

 

Latest insights into security breaches reveal that most of the security incidents include the human element as a major component of their attacks: about 90% of the attacks include several enabling steps in the attack belonging to the area of Social Engineering (SE) [Ref.26].

Social engineering, in the context of information security, refers to psychological manipulation of people into performing actions or divulging confidential information. A type of confidence trick for the purpose of information gathering, fraud, or system access, it differs from a traditional "con" in that it is often one of many steps in a more complex fraud scheme. The term "social engineering" as an act of psychological manipulation is also associated with the social sciences, but its usage has caught on among computer and information security professionals. (Source: Wikipedia – “Social Engineering”).

Current approaches to IT security and risk management tend to underestimate, or even ignore, the human element in their calculation due to a lack of assessment models, tools, processes and legal backing.

DOGANA will change that situation by pursing three main goals:

1. Raise end-user awareness for social engineering attacks by providing adequate techniques
2. Provide comprehensive risk assessment for companies (including the tool chain needed)
3. Create a legal reference framework to allow compliant risk assessment

 

For more information on the project, you can consult:

Time span: 2015-09-01 - 2018-08-31
Assigned by: European Commission - H2020, DS-06-2014
Promoter: Anton VEDDER
Co-promoter:  
Staff: Anton VEDDER
Erik KAMANJASEVIC
Contact:  
Partner(s): AIT Austrian Institute of Technology GmbH
CEFRIEL 
CiTiP-KU Leuven
CiTiP-KU Leuven
Consorzio Nazionale Interuniversitario per la Telecommunicazioni
DBI - Dansk Brand-og sikringsteknisk Institut
ELTA Systems Ltd.
Engineering International Belgium S.A. => Coordinator
Gabinete Nacional de Seguranca
Hewlett Packard Italiana SRL
INOV INESC Inovacao
Ministry of National Defence Greece
National Center for Scientific Research Demokritos
PROPRS
Regia Autonoma de Transport Bucuresti
Scuola Universitaria Professionale Della Svizerra Italiana (SUPSI)
Thales Communications & Security SAS
Thales Services SAS
Visionware - Sistemas de Informacao