Two methodologies for physical penetration testing using social engineering

Share/Save/Bookmark

Dimkov, Trajce and Pieters, Wolter and Hartel, Pieter (2009) Two methodologies for physical penetration testing using social engineering. [Report]

[img]PDF
512Kb
Abstract:During a penetration test on the physical security of an organization, if social engineering is used, the penetration tester directly interacts with the employees. These interactions are usually based on deception and if not done properly can upset the employees, violate their privacy or damage their trust towards the organization, leading to law suits and loss of productivity of the organization. This paper proposes two methodologies for performing a physical penetration test where the goal is to gain an asset using social engineering. These methodologies aim to reduce the impact of the penetration test on the employees. The methodologies are validated by a set of penetration tests we did in a period of two years.
Item Type:Report
Copyright:© 2009 University of Twente, Centre for Telematics and Information Technology
Faculty:
Electrical Engineering, Mathematics and Computer Science (EEMCS)
Research Group:
Link to this item:http://purl.utwente.nl/publications/69064
Export this item as:BibTeX
EndNote
HTML Citation
Reference Manager

 

Repository Staff Only: item control page