Building accurate HAV exploiting User Profiling and Sentiment Analysis

TL;DR

This paper presents an automated tool that uses user profiling and sentiment analysis of social media data to identify potential vulnerabilities to social engineering attacks, enhancing awareness and risk mitigation.

Contribution

It introduces a novel automated system that extracts, categorizes, and summarizes user interests from social networks to assess susceptibility to social engineering.

Findings

Effective identification of user interests and weaknesses

Provides actionable reports for risk awareness

Potential to reduce social engineering risks

Abstract

Social Engineering (SE) is one of the most dangerous aspect an attacker can use against a given entity (private citizen, industry, government, ...). In order to perform SE attacks, it is necessary to collect as much information as possible about the target (or victim(s)). The aim of this paper is to report the details of an activity which took to the development of an automatic tool that extracts, categorizes and summarizes the target interests, thus possible weaknesses with respect to specific topics. Data is collected from the user's activity on social networks, parsed and analyzed using text mining techniques. The main contribution of the proposed tool consists in delivering some reports that allow the citizen, institutions as well as private bodies the screening of their exposure to SE attacks, with a strong awareness potential that will be reflected in a decrease of the risks and a good opportunity to save money.