The use of probabilistic relational models of complex "critical documents - information system - the user - the attacker" for the analysis of security of information systems users from social engineering attacks

The article describes a model user profiles and vulnerability, the attacker model and sotsiinzhenernyh attack model of information systems and software and hardware devices. Trends in the development of modern business often require confidentiality of corporate information leakage which may result in significant financial losses. Leakage of confidential information may be associated with problems of insecurity and the software and hardware components of the information system of the organization and with the users of the system. Leaks of confidential information from the users of information systems can be carried out for several reasons: because of social engineering attacks influences attacker when a user misled and the attacker receives the required confidential information, as well as due to insider attacks the users of information systems. Insider attack users of information systems can be implemented with the involvement of social engineering attacks influences, but in this case the source of social engineering attacks impact will be located within the organization.