信息安全中社会工程入侵的受骗行为模式与防范措施研究

The widespread utilization of information systems has made information security an increasingly prevalent topic in the society. With the advancement in security technologies, users of information systems, the human, is becoming the weakest link in information security. Social engineering intrusions, such as online phishing, exploit human cognitive biases and weaknesses such as curiosity and greed, and manipulate victims into divulging confidential information or performing actions that circumvent security mechanisms, thus compromising security. It is believed that social engineering will be one of the most serious security threats in the next decade. Yet there are very few theory-based studies on this invasion. Drawing on such theoretical underpinning as HSM (heuristic-systematic model) from social psychology and RAT (routine activity theory) from criminology, we strive to develop a comprehensive cognitive-behavioral framework on social engineering from the perspectives of both intruders and targets. This ground-breaking investigation will also employ Game Theory to study the interactions between the intruders and targets and explore the steps leading to a Bayesian Nash equilibrium. Based on the findings from the study, we will design holistic countermeasures in regard to threat identification, prevention, and remediation, and validate the effectiveness of them through field experiments. We hope that with this study we can both contribute to behavioral research in information security and provide instrumental solutions to social engineering threats.

信息系统的普及使得信息安全越来越成为全社会关注的热点问题，随着安全技术的逐步成熟，信息系统的使用者- - "人"已经成为信息安全中的最薄弱环节。社会工程入侵（如网络钓鱼）正是通过利用人类天性中好奇、贪婪等心理弱点和本能反应诱使受害者泄露机密信息，绕过安全防御系统，导致信息安全受损。它将是未来10年最大的信息安全风险，但对该入侵方式的理论性研究尚不多见。本课题试图以社会心理学中的启发-系统模型（HSM）和犯罪学的日常活动理论（RAT）为基础，对社会工程入侵者与受害者的认知行为模型展开实证研究，并基于行为博弈论，探究攻防双方交互行为贝叶斯纳什均衡的选择路径。在理论研究的基础上，设计全面的教育、防范与矫治措施，并采用实验方法对这些组合措施进行验证。在理论上丰富和完善信息安全中的行为学研究成果，在实践上为应对社会工程入侵提供有效对策。

信息系统的普及使得信息安全越来越成为全社会关注的热点问题，随着安全技术的逐步成熟，信息系统的使用者——“人”已经成为信息安全中的最薄弱环节。本研究预期对网络环境中入侵者和受害者的行为及其互动影响因素理论模型进行研究。本课题首先研究了基于RAT模型研究了黑客攻防的行为模型，然后创造性的提出了网络犯罪中的理性与非理性模型结合的理论模型，并进行了深入的研究。随后在网络安全行为方面展开了多个理论模型的研究，包括考虑了企业管理风格与员工遵循信息安全规范的影响。更近一步本项目还考虑了网络中的轻度侵犯行为（网络暴力）的行为模型。从多个方面，对网络安全行为进行了深度研究。