Cyber attacks are increasingly emerging as problems. They are caused not only by technological aspects but also by human factors that are often overlooked during the design of interactive systems. Reports by cybersecurity giants such as IBM and Verizon have shown that up to 95% of security incidents result from human error. This phenomenon is dramatically amplified in contexts such as public administrations, which often lack the financial and human resources to defend themselves against cyber attacks. To address this issue, this paper presents a web platform called DAMOCLES that aims to support the digital defense of Italian public administrations through human factor assessments related to cyber incidents and the mitigation of emerging vulnerabilities. In particular, this paper illustrates the EUD techniques used in DAMOCLES to facilitate the creation of ethical phishing campaigns, which serve as a tool within the platform to assess the vulnerabilities of organization’s employees.
Leveraging EUD and Generative AI for Ethical Phishing Campaigns / Breve, Bernardo; Buono, Paolo; Caruccio, Loredana; Maria Cau, Federico; Cimino, Gaetano; Desolda, Giuseppe; Deufemia, Vincenzo; Lanzilotti, Rosa; Davide Spano, Lucio; Tucci, Cesare. - 15713 LNCS:(2025), pp. 264-282. ( 10th International Symposium on End-User Development, IS-EUD 2025 deu 2025) [10.1007/978-3-031-95452-8_16].
Leveraging EUD and Generative AI for Ethical Phishing Campaigns
Bernardo Breve;
2025
Abstract
Cyber attacks are increasingly emerging as problems. They are caused not only by technological aspects but also by human factors that are often overlooked during the design of interactive systems. Reports by cybersecurity giants such as IBM and Verizon have shown that up to 95% of security incidents result from human error. This phenomenon is dramatically amplified in contexts such as public administrations, which often lack the financial and human resources to defend themselves against cyber attacks. To address this issue, this paper presents a web platform called DAMOCLES that aims to support the digital defense of Italian public administrations through human factor assessments related to cyber incidents and the mitigation of emerging vulnerabilities. In particular, this paper illustrates the EUD techniques used in DAMOCLES to facilitate the creation of ethical phishing campaigns, which serve as a tool within the platform to assess the vulnerabilities of organization’s employees.| File | Dimensione | Formato | |
|---|---|---|---|
|
978-3-031-95452-8_16.pdf
accesso aperto
Licenza:
Creative commons
Dimensione
2.88 MB
Formato
Adobe PDF
|
2.88 MB | Adobe PDF | Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
