AUTHOR=Hamoud Aymen, Aïmeur Esma
TITLE=Handling User-Oriented Cyber-Attacks: STRIM, a User-Based Security Training Model
JOURNAL=Frontiers in Computer Science
VOLUME=Volume 2 - 2020
YEAR=2020
URL=https://www.frontiersin.org/journals/computer-science/articles/10.3389/fcomp.2020.00025
DOI=10.3389/fcomp.2020.00025
ISSN=2624-9898
ABSTRACT=Privacy has become an increasingly rare commodity these days, as personal information can never again be private once it enters a social network. The latter became an incubator environment and a carrier for cyber-attacks, either by providing the necessary information about victims or by facilitating the task of reaching them. Social media create relationships and trust between individuals, without any authority checking and validating their identity. This paper analyses the different attack vectors and techniques used against end-users to target their organizations. It shows how the available disclosed information can be transformed into a useful image of the organization and the role of the victim inside it. These leaks not only expose users to the risk of cyber-attacks, but also give attackers the opportunity to create personalized cyber-attacks that are difficult to avoid. This paper highlights these user-oriented attacks. It first demonstrates the impact of the disclosed information on the process of attack formulation, in addition to group influence on an individual’s vulnerability. Next, the various psychological manipulation factors and cognitive bias behind the user’s failure to detect these attacks are demonstrated. This research introduces a theoretical user-based security training model called STRIM, which addresses the above security concerns. It aims to educate and train users to detect, avoid, and report cyber-attacks in which they are the primary target. The proposed model is a solution to help organizations establish security-conscious behaviors among their employees.