asiamina/A-Course-on-Social-Engineering

Course Update

(December 2020) The course repository was created on GitHub.

Instructional Materials for the "Social Engineering" Course

Texas Tech University, a joint effort between 1) the Computer Science Department and 2) the Department of Psychological Sciences

Designed and Taught by: 1) Dr. Akbar Namin (Computer Science Department), and 2) Dr. Keith S. Jones (Department of Psychological Sciences)

A course on "Digital Forensics" designed and offered as a cross-listed course at Texas Tech University 2020

This repository contains the instructional modules and course materials to teach Social Engineering. The materials were developed by:

  1. Dr. Akbar Namin, Associate Professor of Computer Science at Texas Tech University
  2. Dr. Keith S. Jones, Associate Professor of Psychological Sciences at Texas Tech University

The materials were prepared, developed, and taught during 2020, and the course is still evolving. It was initially developed as a cross-listed graduate-level university course, but it can also be used for undergraduate students. The lecture notes were prepared by the instructors of the course; the labs and hands-on experiences were developed by the graduate assistants working on this research.

About the Course

This introductory course on social engineering attacks provides students with basic concepts and advanced analysis of attack techniques, detection testing, defense policies, and mitigation strategies. The course will highlight the importance of understanding the Social Engineering Attack Life Cycle (SEALC) in order to be able to detect, prevent, and respond to these types of attacks. Students taking this course will be exposed to practical hands-on experiences to exercise social engineering attack techniques and defense principles with the goal of developing effective security and awareness policies and procedures to enhance organizations’ security postures. Aligned with Cybersecurity Curricula [1], the course will provide an overview of the psychological and behavioral factors related to social engineering attacks including adversarial thinking, emotional responses and their impact on decision-making, cognitive biases of risks and rewards, and trust building.

To this end, students will be able to assess the susceptibility level of individuals to social engineering attacks. The course will then overview different types of social engineering attacks targeting the exploitation of vulnerabilities in infrastructure through various forms of phishing and spear phishing attacks, physical/impersonation, vishing (phone phishing), email compromise, and baiting. The course will also explore the techniques often utilized by adversaries in misleading users including malicious advertisements, browsers and various forms of spoofing (e.g., misleading URLs), user interactions with webpages, and analyzing browser warnings. Along with detection and mitigation of social engineering attacks, the course will provide scenario-based and hands-on experiences using simulators to create various forms of social engineering attacks. Through the hands-on experiences integrated into this course, students will learn about automated simulation tools for launching social engineering attacks such as: Social Engineering Toolkit (SET), Infosec IQ, GoPhish, LUCY, Simple Phishing Toolkit (sptoolkit), Phishing Frenzy, King Phisher, SpeedPhish Framework (SPF), PhishMe (now Cofense), SpearPhisher BETA and many other phishing risk assessment tools. Students will also learn techniques such as email filtering, blacklisting, security information and event management (SIEM) tools, and IDS/IPS.

The course consists of three sections:

  1. Fundamental concepts of deception theory and psychological and behavioral factors related to social engineering attacks
  2. Automated simulation tools to launch social engineering attacks
  3. Automated linguistic approaches to analyze social engineering attacks and deception.

These four topics constitute the skeleton of social engineering techniques and practices.

The course is entirely practical, supported by hands-on experiences and formal lectures. Students taking this course will be able to:

  • Demonstrate in-depth knowledge of social engineering basics
  • Understand the basic techniques of conducting social engineering attacks
  • TBD.

The tentative topics and tools to be covered include:

  • TBD
  • TBD

Learning Outcomes (Technical Aspects)

  1. [CSEC17 curricular guidelines] [1]:
     • Demonstrate overall understanding of the types of social engineering attacks, psychology of social engineering attacks, and misleading users
     • Demonstrate the ability to identify types of social engineering attacks
     • Demonstrate the ability to implement approaches for detection and mitigation of social engineering attacks
  2. [NICE Framework, Skill Number S0052] [2] [3]:
     • Demonstrate the ability to use social engineering techniques including phishing, baiting, tailgating, piggybacking, hovering, pretexting, quid pro quo, etc.
     • Identify and describe persuasion principles in social engineering attacks.
     • Demonstrate overall understanding of conducting different types of social engineering attacks including phishing, texting, vishing, and shoulder surfing.
     • Demonstrate the ability to use phishing simulator tools and to automatically generate social engineering attacks with malicious payloads
     • Demonstrate the ability to assess the vulnerability of an organization to phishing attacks through a phishing security test (PST)
     • Demonstrate the ability to analyze social engineering attacks through linguistic analysis techniques.
     • Demonstrate overall understanding of deception theory

Learning Outcomes (Graduate School)

The following are the expected learning outcomes of the course:

  • Master of Science Degree:
     1. Communicate effectively orally and in writing (LO 1)
     2. Engage in life-long learning and self-critique (LO 2)
     3. Function independently on self-directed projects or research where appropriate (LO 4)
  • Doctor of Philosophy Degree:
     1. Graduates are expected to communicate effectively orally and in writing (LO 1)
     2. Engage in life-long learning and self-critique (LO 2)
     3. Function in a multi-disciplinary and culturally diverse environment with cross-functional teams (LO 3)

References

[1] Cybersecurity Curricula 2017, Curriculum Guidelines for Post-Secondary Degree Programs in Cybersecurity, 2017.

[2] National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework, NIST Special Publication 800-181.

[3] Social Engineering.

[4] Top 9 Phishing Simulators

Textbooks

There are four sections, each of which would require a separate textbook. Here is the list of books used for each section:

  1. TBD
  • Book: TBD
  • Author: TBD
  • Published Year: TBD
  • Publisher: TBD

Additional Textbooks

  1. TBD.
  2. TBD.

Additional References

TBD

Course Team-based Project

To stimulate learning, four team-based, competitive projects are defined. The four projects will allow students and each team to practice the necessary skill sets for each section (i.e., reverse engineering, etc.). For each project, each team plays the role of both blue and red teams and thus is responsible for building an artifact containing a secret item that the other team must discover.

For instance, in disk forensics, each team will create a disk dump file with secret recipes hidden in different sectors, and the other team's job is to discover the secret recipes.

Student Evaluation

Students will be graded based on assignments, exams, and the project (tentative).

  • Assignments (four individual assignments): 40%
  • Projects (four team-based projects): 40%
  • Take Home Exams: 20%

Acknowledgements

Many graduate students were involved in the preparation of this course, including lecture notes, lab assignments, case studies, and hands-on experiences. In particular, these graduate students contributed to the development of the course by donating the artifacts they created:

  • Pranisha Khadka (SET Tutorial)
  • Kritika Giree (SET Tutorial)
  • Bhuwan Ratala Joshi (SET Tutorial)
  • Denish Otieno (SE Education - Online Materials)
  • Saroj Gopali (SE Tools)

Special Thanks
