| 浅析社会工程入侵与防御 |
| |
| 引用本文: | 赵宇轩.浅析社会工程入侵与防御[J].信息安全与通信保密,2009(11):88-90. |
| |
| 作者姓名: | 赵宇轩 |
| |
| 作者单位: | 泰山医学院,山东,泰安,271000 |
| |
| 摘 要: | 随着计算机技术的发展,及网络安全技术的完善,入侵变得越来越困难和易被发现,一种古老的入侵手段——社会工程入侵以其灵活及隐蔽的特点逐渐被重视。Gartner集团信息安全与风险研究主任Rich Mogull认为“社会工程学是未来10年最大的安全风险,许多破坏力最大的行为是由于社会工程学而不是黑客或破解行为造成的。”文中从社会心理学的角度结合社会工程入侵实例进行分析,得出社会工程入侵的常用技术手段,并针对这些手段提供了一套相对有效的措施抵御该类入侵。
|
| 关 键 词: | 社会工程 身份验证 权限验证 |
Analysis on Intrusion and Defense of Social Engineering |
| |
| ZHAO Yu-xuan.Analysis on Intrusion and Defense of Social Engineering[J].China Information Security,2009(11):88-90. |
| |
| Authors: | ZHAO Yu-xuan |
| |
| Institution: | ZHAO Yu-xuan (Taishan Medical University, Taian Shandong 271000, China) |
| |
| Abstract: | With the development of computer technology, hacker attack becomes more difficult and easily detected. Social engineering, an old intrusion method, gradually attracts much attention for its flexibility and elusiveness. Rich Moguls, the director of Information Security department of Gartner Corporation once pointed out:“Social engineering would be the biggest security risk and might cause many disastrous security risks.”This paper, based on the analysis of social psychology and the example of social engineering attack, describes the common methods of social engineering attack, and provides a series of effective methods for resisting the attack. |
| |
| Keywords: | social engineering identity authentication authority verification |
| 本文献已被 维普 万方数据 等数据库收录! |
|
