Πλοήγηση ανά Συγγραφέας "Kapouranis, Dimitrios"
Τώρα δείχνει 1 - 1 of 1
Αποτελέσματα ανά σελίδα
Επιλογές ταξινόμησης
Τεκμήριο Analysis implementation and evaluation of cybersecurity process automation infrastructure(ΕΛΜΕΠΑ, Σχολή Μηχανικών (ΣΜΗΧ), Τμήμα Ηλεκτρολόγων Μηχανικών και Μηχανικών Υπολογιστών, 2025-10-07) Kapouranis, Dimitrios; Καπουράνης, Δημήτριος; Markakis, Evangelos; Μαρκάκης, ΕυάγγελοςThe rise of social engineering attacks continues to pose a significant threat to individuals and organizations. The past few years, research has focused not only on developing effective cybersecurity defense strategies and mitigation approaches but also on the assessment of an individual’s awareness of such attack scenarios. Several approaches have been used, ranging from traditional methods, such as questionnaires designed to assess cybersecurity risky behavior, susceptibility to persuasion, and so on, to more modern practices, such as simulated social engineering campaigns, which include Phishing Campaigns, among others. More often than not, Simulated Phishing Campaigns require human intervention, which can be time and cost consuming as well as prone to error. This thesis proposes the use of Robotic Process Automation (RPA) technology to automate Simulated Phishing Campaigns and, thus, enhance the efficiency and effectiveness of cybersecurity defense strategies. The proposed system includes a user interface and back-end logic that automates the process of sending phishing emails and enumerating interactions, with the goal to assess phishing awareness of a group of individuals that may be the personnel of an organization. Furthermore, the proposed system takes as an input the result of an initial persuasion susceptibility assessment and employs persuasion principles, commonly used as phishing techniques, with the aim to target specific aspects of the human personality and provide an enhanced assessment of one’s phishing susceptibility by considering both the initial persuasion susceptibility assessment and the actual susceptibility recorded through the campaign. To evaluate the system, a realistic use case scenario was employed to conduct an experiment in lab environment and evaluate phishing awareness of a group of individuals using the proposed solution. The results of this thesis demonstrate the potential offered by RPA technology in automating Simulated Phishing Campaigns and thus, enhancing phishing awareness assessment strategies.