Viewpoint of Probabilistic Risk Assessment in Artificial Enabled Social Engineering Attacks

  • Nik Zulkarnaen Khidzir Global Entrepreneurship Research and Innovation Centre, Universiti Malaysia Kelantan, Kelantan, Malaysia
  • Shekh Abdullah-Al-Musa Ahmed Faculty of Creative Technology and Heritage, Universiti Malaysia Kelantan, Kelantan, Malaysia
Keywords: Risk assessment, Social engineering, Artificially-enabled, Malicious software, In-formation security, Vulnerability, Artificial enabled social engineering risk, Coun-termeasure


Risk assessment really a complex decision-making process in the domain of in-formation security areas. There are a lot of unclear model of software domain and the lack of associated uncertainty are two main reasons that directly affect individual decisions making regarding risk assessment. When artificial enabled social engineering attacks are effectively may happening in every levels of domain. On the other hand, the risk assessment conducted on the safety requirements on artificial enabled social engineering attacks. So the simple meaning of social engineering is to refers to the psychologically and mentality use people to give secret information in the context of information security. A strategy of self-confidence for information collection, fraud, or access to the system, is different from a traditional "con" that it is often one of the more complex fraudulent schemes. That is why in this paper  we proposed theoretical framework, which can not only demonstrate its potential for the risk assessment, but it can be sensitive and effective in analyzing a critical and uncertain operational environment that can address the extreme effects of information security.


Abawajy, J. (2014). User preference of cyber security awareness delivery methods. Behaviour & Information Technology, Volume 33 (Issue 3), 237-248.

Buang, M. F. M. E. A. & Daud, S.M. (2012). A web-based KM system for digital forensics - Knowledge sharing capability. Proceedings of 2012 International Conference on Multimedia Computing and Systems, ICMCS 2012, Pages 528-533.

Clay Posey, T. L. R. P. B. L. (2015). The Impact of Organizational Commitment on Insiders’ Motivation to Protect Organizational Information Assets. Journal of Management Information Systems, Volume 32(Issue 4), Pages 179-214.

Hinson, G. (2008). Social Engineering Techniques, Risks, and Controls. The EDP Audit, Control, and Security Newsletter, Volume 37(Issue 4-5), Pages 32-46.

Major, S. D. A. (2009). Social Engineering: Hacking the Wetware! Information Security Journal: A Global Perspective, Volume 18( 1), 40-46.

Pieters, W. (2011). The (Social) Construction of Information Security. The Information Society, Volume 27(Issue 5).

Vuorinen, P. T. J. (2013). Dissecting social engineering. Journal Behavior & Information Technology 32(10), Pages 1014-1023.

Workman, M. (2008). Wisecrackers: A theory‐grounded investigation of phishing and pretext social engineering threats to information security. Publication cover image Volume59, Issue4, 551-564.

Tham, M. T., Vagi, F., Morris, A. J., & Wood, R. K. (1991). On‐line multivariable adaptive control of a binary distillation column. Volume 69(Issue 4), 997-1009.
How to Cite
Khidzir, N. Z., & Ahmed, S. A.-A.-M. (2019). Viewpoint of Probabilistic Risk Assessment in Artificial Enabled Social Engineering Attacks. Journal of Contemporary Issues and Thought, 9, 12-17.