Social Engineering

Shortcut to lecture materials is here.

The point

The course aims to provide the students with basic knowledge about Social Engineering (mostly in the context of ICT), its common forms and techniques (including hybrid attacks involving technological components), and main countermeasures against it.

Learning outcomes in the course: the students will

In short

The course consists of 8 lectures covering various aspects of Social Engineering, and 4 practical labs/seminars. The structure of the course is based on the book Social Engineering: The Art of Human Hacking by Christopher Hadnagy, complemented with assorted other sources. The participants will be divided into 4 teams, each team will be responsible for one lab (chooses the main topic, compiles a presentation and exercises/experiments done with the participation of other students), the main topic of each lab will be consulted with the instructor beforehands. In addition, each participant is to write a 5-10 page paper on a freely chosen but course-related topic.

The main topics of the course are

  1. Information gathering
  2. Elicitation
  3. Pretexting
  4. Psychological principles in SE
  5. Influence and persuasion
  6. Tools of SE
  7. Case studies and examples
  8. Prevention, mitigation and counters

Paper

The paper is similar to SPEAIT course papers (for those who attended that course) - a 5-10 page mixture of an essay and a reference paper (in essence, it is a miniature version of your future thesis). Thus, it should have a clear topic, good presentation of the problem, proper argumentation and formal qualities (academic style, proper references etc). The requirements can be found in this guide.

The deadline for the papers is Friday, October 19 - this leaves the final seminar in the following week for possible clarifications.

WARNING - write your papers by yourself. Presenting a paper downloaded from somewhere is more serious an academic offense than one may think - flunking just the course is a luckier result, but people may also get booted from the school for proven plagiarism. This also applies for partial "borrowing" - rules dictate that all used material be properly referenced (see also here).

Seminar

Some points:

Assessment

The course uses simple pass/fail -assessment; 50% for the written paper (individual task), 50% for the lab/seminar (team task). Additionally, attending at least 3 seminars out of 4 is required - besides attending being useful (might learn something), it also helps avoiding the frustration if your thoroughly prepared seminar contribution will be appreciated by just a couple of others present.

Course calendar / Important dates

Literature

Some of the recommended literature (not a finite list!) is listed here.

Lecture notes

...will appear before any lecture here - as a firm believer in open source and open standards, the instructor also supports open educational resources.

Tagasi Kaku Akadeemia esilehele

Back to the Academy front page

1995-2018 Kaido Kikkas. Käesoleva dokumendi paljundamine, edasiandmine ja/või muutmine on sätestatud kas GNU Vaba Dokumentatsiooni Litsentsi versiooni 1.2 või uuemaga (Litsentsi ingliskeelne täistekst) või Creative Commonsi Autorile viitamine + Jagamine samadel tingimustel 3.0 Eesti litsentsi või uuemaga.

GNU FDL Creative Commons BY-SA 3.0 Estonia

1995-2018, by Kaido Kikkas. This document is distributed under either GNU Free Documentation License (v1.2 or newer) or Creative Commons Attribution-ShareAlike Estonia license v3.0 or newer.