Your search keyword '"phishing detection"' showing total 6 results

1. Lightweight URL-based phishing detection using natural language processing transformers for mobile devices.

Author

Haynes, Katherine, Shirazi, Hossein, and Ray, Indrakshi

Subjects

NATURAL language processing, DEEP learning, PHISHING, ARTIFICIAL neural networks, ONLINE dating mobile apps, ALGORITHMS

Abstract

Hackers are increasingly launching phishing attacks via SMS and social media. Games and dating apps introduce yet another attack vector. However, current deep learning-based phishing detection applications are not applicable to mobile devices due to the computational burden. We propose a lightweight phishing detection algorithm that distinguishes phishing from legitimate websites solely from URLs to be used in mobile devices. As a baseline performance, we apply Artificial Neural Networks (ANNs) to URL-based and HTML-based website features. A model search results in 15 ANN models with accuracies >96%, comparable to state-of-the-art approaches. Next, we test the performance of deep ANNs on URL-based features only; however, all models perform poorly with the highest accuracy of 86.2%, indicating that URL-based features alone are not adequate to detect phishing websites even with deep ANNs. Since language transformers learn to represent context-dependent text sequences, we hypothesize that they will be able to learn directly from the text in URLs to distinguish between legitimate and malicious websites. We apply two state-of-the-art deep transformers (BERT and ELECTRA) for phishing detection. Testing custom and standard vocabularies, we find that pre-trained transformers available for immediate use (with fine-tuning) outperform the model trained with the custom URL-based vocabulary. Using pre-trained transformers to predict phishing websites from only URLs has four advantages: 1) requires little training time (~8 minutes), 2) is more easily updatable than feature-based approaches because no pre-processing of URLs is required, 3) is safer to use because phishing websites can be predicted without physically visiting the malicious sites and 4) is easily deployable for real-time detection and is applicable to run on mobile devices. [ABSTRACT FROM AUTHOR]

Published

2021

2. PhishStack: Evaluation of Stacked Generalization in Phishing URLs Detection.

Author

Motiur Rahman, Sheikh Shah Mohammad, Islam, Takia, and Jabiullah, Md. Ismail

Subjects

PHISHING, GENERALIZATION, ERROR rates, MACHINE learning, INFORMATION technology security

Abstract

Stacked Generalization has been assessed and evaluated in the field of Phishing URLs detection. This field has become egregious area of information security. Recently, different phishing URLs detection systems have already proposed by several researchers. But due to the lack of proper machine learning algorithm selection, the performance of those systems can be affected. A details investigation on individual machine learning classifiers on level 1 and final prediction from level 2 along with three real datasets have been presented on this paper. The performance has been evaluated by precision-recall curve, AUC-ROC curve, accuracy, misclassification rate and mean absolute error (MAE). The best AUC area obtained from Random Forest and Multi Layer Perceptron (MLP) individually. But stacked generalization provides higher accuracy of 97.44% with numeric feature set in binary classification and in multiclass feature set (dataset three), provides the performance with 97.86% of accuracy. Stacked generalization provides minimum error rate and MAE of 2.142857% with multiclass feature set which leads to a strong basement of developing an anti-phishing tools. [ABSTRACT FROM AUTHOR]

Published

2020

3. A Multi-Agent Case-Based Reasoning Architecture for Phishing Detection.

Author

Abutair, Hassan Y.a. and Belghith, Abdelfettah

Subjects

CASE-based reasoning, MULTIAGENT systems, PHISHING, COMPUTER security, COMPUTER science

Abstract

Security threats are becoming very sophisticated and pervasive everywhere. Phishing threats in particular has a changeable nature and short life cycle that complicates the detection process. In this paper, we introduce a Multi-Agent System (MAS) as an adaptive intelligent technique that acts on top of distributed Case-Based Reasoning (CBR) Phishing Detection Systems (CBR-PDSs) as a Phishing Detection System Architecture (PDSA) that runs on large scale globally to constitute a robust worldwide Phishing Threat Intelligence (PTI) environment. The global collaborations of PTI introduces a proactive phishing detection technique, quarantines phishing threats via global threats sharing, and minimizes users’ susceptibilities to hard-to-detect spear or advanced phishing attacks. Also, combining two intelligent systems in a unified interactive architecture facilitates the prediction process, increases the accuracy rate, easily tackles the dynamic and changeable behaviors of advanced phishing threats, and minimizes the false negative rate as well. The proposed architecture illustrates the consolidated interaction between intelligent agents and distributed CBR-PDSs in a PTI framework. [ABSTRACT FROM AUTHOR]

Published

2017

4. Using Case-Based Reasoning for Phishing Detection.

Author

Abutair, Hassan Y.A. and Belghith, Abdelfettah

Subjects

PHISHING, CLASSIFICATION, CASE-based reasoning, ADAPTIVE control systems, BIG data, FEATURE extraction, MACHINE learning

Abstract

Abstract: Many classifications techniques have been used and devised to combat phishing threats, but none of them is able to efficiently identify web phishing attacks due to the continuous change and the short life cycle of phishing websites. In this paper, we introduce a Case-Based Reasoning (CBR) Phishing Detection System (CBR-PDS). It mainly depends on CBR methodology as a core part. The proposed system is highly adaptive and dynamic as it can easily adapt to detect new phishing attacks with a relatively small data set in contrast to other classifiers that need to be heavily trained in advance. We test our system using different scenarios on a balanced 572 phishing and legitimate URLs. Experiments show that the CBR-PDS system accuracy exceeds 95.62%, yet it significantly enhances the classification accuracy with a small set of features and limited data sets. [ABSTRACT FROM AUTHOR]

Published

2017

5. A Multi-Agent Case-Based Reasoning Architecture for Phishing Detection

Author

Hassan Y.A. Abutair and Abdelfettah Belghith

Subjects

Computer science, Process (engineering), 020206 networking & telecommunications, 02 engineering and technology, Phishing detection, Computer security, computer.software_genre, Phishing, ComputingMilieux_MANAGEMENTOFCOMPUTINGANDINFORMATIONSYSTEMS, 0202 electrical engineering, electronic engineering, information engineering, General Earth and Planetary Sciences, 020201 artificial intelligence & image processing, Case-based reasoning, Architecture, computer, General Environmental Science

Abstract

Security threats are becoming very sophisticated and pervasive everywhere. Phishing threats in particular has a changeable nature and short life cycle that complicates the detection process. In this paper, we introduce a Multi-Agent System (MAS) as an adaptive intelligent technique that acts on top of distributed Case-Based Reasoning (CBR) Phishing Detection Systems (CBR-PDSs) as a Phishing Detection System Architecture (PDSA) that runs on large scale globally to constitute a robust worldwide Phishing Threat Intelligence (PTI) environment. The global collaborations of PTI introduces a proactive phishing detection technique, quarantines phishing threats via global threats sharing, and minimizes users’ susceptibilities to hard-to-detect spear or advanced phishing attacks. Also, combining two intelligent systems in a unified interactive architecture facilitates the prediction process, increases the accuracy rate, easily tackles the dynamic and changeable behaviors of advanced phishing threats, and minimizes the false negative rate as well. The proposed architecture illustrates the consolidated interaction between intelligent agents and distributed CBR-PDSs in a PTI framework.

Published

2017

6. Using Case-Based Reasoning for Phishing Detection

Author

Abdelfettah Belghith and Hassan Y.A. Abutair

Subjects

Computer science, 020206 networking & telecommunications, 02 engineering and technology, Phishing detection, computer.software_genre, Short life, Phishing, Set (abstract data type), 0202 electrical engineering, electronic engineering, information engineering, General Earth and Planetary Sciences, 020201 artificial intelligence & image processing, Case-based reasoning, Data mining, computer, General Environmental Science

Abstract

Many classifications techniques have been used and devised to combat phishing threats, but none of them is able to efficiently identify web phishing attacks due to the continuous change and the short life cycle of phishing websites. In this paper, we introduce a Case-Based Reasoning (CBR) Phishing Detection System (CBR-PDS). It mainly depends on CBR methodology as a core part. The proposed system is highly adaptive and dynamic as it can easily adapt to detect new phishing attacks with a relatively small data set in contrast to other classifiers that need to be heavily trained in advance. We test our system using different scenarios on a balanced 572 phishing and legitimate URLs. Experiments show that the CBR-PDS system accuracy exceeds 95.62%, yet it significantly enhances the classification accuracy with a small set of features and limited data sets.

Published

2017