Your search keyword '"phishing detection"' showing total 572 results

1. BustedURL: Collaborative Multi-agent System for Real-Time Malicious URL Detection

Author

Sundarraj, Jayaprakash Nariyambut, Zhang, Yan, Itharaju, Santosh Kapil Dev, Saleh, Ahmed, Ahmed, Saad, Azam, Sami, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Chen, Tong, editor, Cao, Yang, editor, Nguyen, Quoc Viet Hung, editor, and Nguyen, Thanh Tam, editor

Published

2025

2. Unmasking Phishing Attempts: A Study on Detection in Spanish Emails

Author

Herrera-Semenets, Vitali, Bustio-Martínez, Lázaro, Pérez-Guadarramas, Yamel, Ángel González-Ordiano, Jorge, van den Berg, Jan, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Hernández-García, Ruber, editor, Barrientos, Ricardo J., editor, and Velastin, Sergio A., editor

Published

2025

3. Real-time phishing URL detection framework using knowledge distilled ELECTRA.

Author

Jishnu, K. S. and Arthi, B.

Abstract

The rise of cyber threats, particularly URL-based phishing attacks, has tarnished the digital age despite its unparalleled access to information. These attacks often deceive users into disclosing confidential information by redirecting them to fraudulent websites. Existing browser-based methods, predominantly relying on blacklist approaches, have failed to effectively detect phishing attacks. To counteract this issue, we propose a novel system that integrates a deep learning model with a user-centric Chrome browser extension to detect and alert users about potential phishing URLs instantly. Our approach introduces a Knowledge Distilled ELECTRA model for URL detection and achieves remarkable performance metrics of 99.74% accuracy and a 99.43% F1-score on a diverse dataset of 450,176 URLs. Coupled with the browser extension, our system provides real-time feedback, empowering users to make informed decisions about the websites they visit. Additionally, we incorporate a user feedback loop for continuous model enhancement. This work sets a precedent by offering a seamless, robust, and efficient solution to mitigate phishing threats for internet users. [ABSTRACT FROM AUTHOR]

Published

2024

4. A Survey on the Applications of Semi-supervised Learning to Cyber-security.

Author

Mvula, Paul Kiyambu, Branco, Paula, Jourdan, Guy-Vincent, and Viktor, Herna Lydia

Subjects

*ARTIFICIAL intelligence, *ARTIFICIAL neural networks, *REINFORCEMENT learning, *DISTRIBUTED artificial intelligence, *COMPUTER science conferences, *INTRUSION detection systems (Computer security)

Published

2024

5. A Systematic Review of Deep Learning Techniques for Phishing Email Detection.

Author

Kyaw, Phyo Htet, Gutierrez, Jairo, and Ghobakhlou, Akbar

Subjects

MACHINE learning, PHISHING, RESEARCH personnel, CYBERCRIMINALS, TAXONOMY

Abstract

The landscape of phishing email threats is continually evolving nowadays, making it challenging to combat effectively with traditional methods even with carrier-grade spam filters. Traditional detection mechanisms such as blacklisting, whitelisting, signature-based, and rule-based techniques could not effectively prevent phishing, spear-phishing, and zero-day attacks, as cybercriminals are using sophisticated techniques and trusted email service providers. Consequently, many researchers have recently concentrated on leveraging machine learning (ML) and deep learning (DL) approaches to enhance phishing email detection capabilities with better accuracy. To gain insights into the development of deep learning algorithms in the current research on phishing prevention, this study conducts a systematic literature review (SLR) following the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines. By synthesizing the 33 selected papers using the SLR approach, this study presents a taxonomy of DL-based phishing detection methods, analyzing their effectiveness, limitations, and future research directions to address current challenges. The study reveals that the adaptability of detection models to new behaviors of phishing emails is the major improvement area. This study aims to add details about deep learning used for security to the body of knowledge, and it discusses future research in phishing detection systems. [ABSTRACT FROM AUTHOR]

Published

2024

6. Leveraging NLP and Deep Learning for Phishing Detection and Anti-Phishing Training in Nigeria: A Focus on Localized Tactics and Cultural Factors.

Author

Amaechi, Chinedum Emmanuel and Okeke, Ogochukwu C.

Subjects

DEEP learning, INTERNET security, PHISHING, ARTIFICIAL intelligence

Abstract

Phishing attacks pose a significant cybersecurity threat globally, with developing nations like Nigeria facing unique challenges due to localized tactics and cultural factors. This paper presents a novel approach to phishing mitigation in Nigeria, leveraging Natural Language Processing (NLP) and Deep Learning techniques to enhance both automated detection and user training. We analyze a corpus of Nigeria-specific phishing attempts, identifying linguistic patterns and cultural references commonly exploited by attackers. Using this data, we train a deep learning model capable of detecting localized phishing content with high accuracy. Building on this technical foundation, we design a dynamic anti-phishing training program that adapts to individual user behavior and local phishing trends. A Hybrid Deep learning models-recurrent neural networks (RNNs) and transformer-based models (BERT), was trained on large datasets of phishing and legitimate samples to learn discriminate features and classify new instances. Our results demonstrate significant improvements in both automated phishing detection rates and user resilience to social engineering tactics. The model achieved high precision (0.89), recall (0.94), and F1-scores (0.92, 1.00). This research contributes to the field by showcasing the potential of combining advanced AI techniques with culturally informed strategies to create more effective, localized cybersecurity solutions. [ABSTRACT FROM AUTHOR]

Published

2024

7. Phishing detection using grey wolf and particle swarm optimizer.

Author

Hamdan, Adel, Tahboush, Muhannad, Adawy, Mohammad, Alwada'n, Tariq, Ghwanmeh, Sameh, and Husni, Moath

Subjects

GREY Wolf Optimizer algorithm, PARTICLE swarm optimization, METAHEURISTIC algorithms, FEATURE selection, PHISHING

Abstract

Phishing could be considered a worldwide problem; undoubtedly, the number of illegal websites has increased quickly. Besides that, phishing is a security attack that has several purposes, such as personal information, credit card numbers, and other information. Phishing websites look like legitimate ones, which makes it difficult to differentiate between them. There are several techniques and methods for phishing detection. The authors present two machine-learning algorithms for phishing detection. Besides that, the algorithms employed are XGBoost and random forest. Also, this study uses particle swarm optimization (PSO) and grey wolf optimizer (GWO), which are considered metaheuristic algorithms. This research used the Mendeley dataset. Precision, recall, and accuracy are used as the evaluation criteria. Experiments are done with all features (111) and with features selected by PSO and GWO. Finally, experiments are done with the most common features selected by both PSO and GWO (PSO n GWO). The result demonstrates that system performance is highly acceptable, with an F-measure of 91.4%. [ABSTRACT FROM AUTHOR]

Published

2024

8. Real-time phishing URL detection framework using knowledge distilled ELECTRA

Author

K. S. Jishnu and B. Arthi

Subjects

Distilled ELECTRA, phishing detection, URL classification, chrome extensions, real-time security, Control engineering systems. Automatic machinery (General), TJ212-225, Automation, T59.5

Abstract

The rise of cyber threats, particularly URL-based phishing attacks, has tarnished the digital age despite its unparalleled access to information. These attacks often deceive users into disclosing confidential information by redirecting them to fraudulent websites. Existing browser-based methods, predominantly relying on blacklist approaches, have failed to effectively detect phishing attacks. To counteract this issue, we propose a novel system that integrates a deep learning model with a user-centric Chrome browser extension to detect and alert users about potential phishing URLs instantly. Our approach introduces a Knowledge Distilled ELECTRA model for URL detection and achieves remarkable performance metrics of 99.74% accuracy and a 99.43% F1-score on a diverse dataset of 450,176 URLs. Coupled with the browser extension, our system provides real-time feedback, empowering users to make informed decisions about the websites they visit. Additionally, we incorporate a user feedback loop for continuous model enhancement. This work sets a precedent by offering a seamless, robust, and efficient solution to mitigate phishing threats for internet users.

Published

2024

9. Enhancing phishing email detection with stylometric features and classifier stacking.

Author

Chanis, Ilias and Arampatzis, Avi

Abstract

Phishing is the most common and potentially dangerous cyber attack that organizations are forced to deal with on a constant basis, rendering its automated detection as early as possible a necessity to ensure the security of computer systems. Focusing on the email level, this work improves content-based phishing email detection by integrating stylometric features with the commonly-used vectorization techniques, as well as by utilizing classifier stacking. Leveraging a diverse set of stylometric features, we systematically explore different methods of combining them with vectorized text as well as multiple stacking configurations for the machine learning algorithms. Our findings demonstrate that the proposed methods consistently outperform vectorization-only baselines on an imbalanced dataset, with a smaller improvement to a balanced one. Specifically, we achieved an F 1 measure of 0.9843 on the balanced set and 0.9656 on the imbalanced one by stacking multiple different classifiers that were trained on the content and stylometric features separately, improving baselines by more than 2.2% for the imbalanced dataset. As such, our work contributes to the ongoing efforts in cybersecurity by further enhancing the performance of state-of-the-art phishing email detection systems. [ABSTRACT FROM AUTHOR]

Published

2025

10. Ethereum phishing detection based on graph neural networks

Author

Ao Xiong, Yuanzheng Tong, Chengling Jiang, Shaoyong Guo, Sujie Shao, Jing Huang, Wei Wang, and Baozhen Qi

Subjects

anomaly detection, blockchain, cryptocurrency, Ethereum, GNN, phishing detection, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract With the development of blockchain, cryptocurrencies are also showing a boom. However, due to the decentralized and anonymous nature of blockchain, cryptocurrencies have inevitably become a hotbed for fraudulent crimes. For example, phishing scams are frequent, which not only jeopardize the financial security of blockchain, but also hinder the promotion of blockchain technology. To solve this problem, this paper proposes a graph neural network‐based phishing detection method for Ethereum, and validates it using Ethereum datasets. Specifically, this paper proposes a feature learning algorithm named TransWalk, which consists of a random walk strategy for transaction networks and a multi‐scale feature extraction method for Ethereum. Then, an Ethereum phishing fraud detection framework is built based on TransWalk, and conduct extensive experiments on the Ethereum dataset to verify the effectiveness of this scheme in identifying Ethereum phishing detection.

Published

2024

11. Phishing detection algorithm based on attention and feature fusion

Author

Sirui ZHANG, Zhiwei YAN, Kejun DONG, Xuebiao YUCHI

Subjects

phishing detection, hierarchical feature fusion, attention mechanism, Electronic computers. Computer science, QA75.5-76.95

Abstract

Phishing has been the primary means utilized by attackers to conduct cyber fraud. As national anti-cyber fraud efforts continue to increase, the technical confrontation of various phishing activities has also escalated, bringing significant pressure to phishing detection work. For instance, current phishing attacks often employ images in place of text and apply small-scale shifts or rotations to high-weight website logo images to evade traditional detection algorithms that rely on text or image features. To address the problem of escalating adversarial phishing technologies, a phishing detection algorithm based on the attention mechanism and feature fusion was proposed, and a hierarchical classification model was established. This model included two stages of fusion involving domain names, web structure, web text, and web icons, capable of effectively countering various technical adversarial strategies employed by attackers. In the first stage, the algorithm leveraged the lightweight characteristics of the machine learning model to pre-recall a subset of suspicious domain names from a multitude of domain names. This was achieved by fusing the structural features of domain names, text, and web pages. In the second stage, based on the candidate subset, the attention mechanism was introduced to enhance the extraction of global text association features between the samples and the counterfeited objects. Additionally, the contrast features between the samples and the icons of the counterfeited objects were intensified, and a deep classification model fusing text and image features was established. The effectiveness of the algorithm was ultimately verified. This hierarchical detection method effectively avoids the extraction of image data from a large number of domain names to be detected, significantly improving detection efficiency while ensuring the accuracy of detection.

Published

2024

12. Optimized Phishing Detection with Recurrent Neural Network and Whale Optimizer Algorithm.

Author

Gupta, Brij Bhooshan, Gaurav, Akshat, Attar, Razaz Waheeb, Arya, Varsha, Alhomoud, Ahmed, and Chui, Kwok Tai

Subjects

MACHINE learning, METAHEURISTIC algorithms, UNIFORM Resource Locators, PHISHING, ELECTRONIC data processing

Abstract

Phishing attacks present a persistent and evolving threat in the cybersecurity land-scape, necessitating the development of more sophisticated detection methods. Traditional machine learning approaches to phishing detection have relied heavily on feature engineering and have often fallen short in adapting to the dynamically changing patterns of phishing Uniform Resource Locator (URLs). Addressing these challenge, we introduce a framework that integrates the sequential data processing strengths of a Recurrent Neural Network (RNN) with the hyperparameter optimization prowess of the Whale Optimization Algorithm (WOA). Our model capitalizes on an extensive Kaggle dataset, featuring over 11,000 URLs, each delineated by 30 attributes. The WOA's hyperparameter optimization enhances the RNN's performance, evidenced by a meticulous validation process. The results, encapsulated in precision, recall, and F1-score metrics, surpass baseline models, achieving an overall accuracy of 92%. This study not only demonstrates the RNN's proficiency in learning complex patterns but also underscores the WOA's effectiveness in refining machine learning models for the critical task of phishing detection. [ABSTRACT FROM AUTHOR]

Published

2024

13. 基于注意力机制与特征融合的网络钓鱼检测算法.

Author

张思睿, 延志伟, 董科军, and 尉迟学彪

Abstract

Copyright of Chinese Journal of Network & Information Security is the property of Beijing Xintong Media Co., Ltd. and its content may not be copied or emailed to multiple sites or posted to a listserv without the copyright holder's express written permission. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)

Published

2024

14. Enhanced Feature Selection Using Genetic Algorithm for Machine-Learning-Based Phishing URL Detection.

Author

Kocyigit, Emre, Korkmaz, Mehmet, Sahingoz, Ozgur Koray, and Diri, Banu

Subjects

COMPUTER security, MACHINE learning, FEATURE selection, GENETIC algorithms, PHISHING, UNIFORM Resource Locators

Abstract

In recent years, the importance of computer security has increased due to the rapid advancement of digital technology, widespread Internet use, and increased sophistication of cyberattacks. Machine learning has gained great interest in securing data systems because it offers the capability of automatically detecting and responding to security threats in real time, which is crucial for maintaining the security of computer systems and protecting data from malicious attacks. This study concentrates on phishing attack detection systems, a prevalent cyber-threat. These systems assess the features of the incoming requests to identify whether they are malicious or not. Although the number of features is increasing in these systems, feature selection has become an essential pre-processing phase that identifies the most important features of a set of available features to prevent overfitting problems, improve model performance, reduce computational cost, and decrease training and execution time. Leveraging genetic algorithms, known for simulating natural selection to identify optimal solutions, we propose a novel feature selection method, based on genetic algorithms and locally optimized, that is applied to a URL-based phishing detection system with machine learning models. Our research demonstrates that the proposed technique offers a promising strategy for improving the performance of machine learning models. [ABSTRACT FROM AUTHOR]

Published

2024

15. How effective are large language models in detecting phishing emails?

Author

Jing Hua, Ping Wang, and Lutchkus, Peyton

Subjects

LANGUAGE models, CHATGPT, ARTIFICIAL intelligence, PHISHING, INTERNET security

Abstract

Phishing emails exploit human vulnerabilities to illicitly obtain sensitive information, representing a critical research focus in cybersecurity. This study explores the effectiveness of artificial intelligence (AI), specifically Large Language Models (LLMs), in detecting phishing emails. Evaluating LLM-based models, including ChatGPT-4 and Gemini, the study directly tests them on a mixed dataset of sanitized phishing emails and non-phishing emails using a defined set of phishing indicators and measures. The findings contribute to understanding the practical application of AI in detecting phishing attempts, advancing discourse on AI's role in cybersecurity. [ABSTRACT FROM AUTHOR]

Published

2024

16. Advancing Phishing Attack Detection with a Novel Dataset and Deep Learning Solution

Author

Le, Quoc-Khanh, Nguyen, Quoc-An, Nguyen, Dat-Thinh, Nguyen, Xuan-Ha, Le, Kim-Hung, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Nguyen, Ngoc Thanh, editor, Huynh, Cong-Phap, editor, Nguyen, Thanh Thuy, editor, Le-Khac, Nhien-An, editor, and Nguyen, Quang-Vu, editor

Published

2024

17. Phishing E-mail Detection Using Machine Learning

Author

Prajapati, Priteshkumar, Bhadania, Yash, Joshi, Abhishek, Jani, Yash, Nandani, Heli, Ajwalia, Madhav, Shah, Parth, Howlett, Robert J., Series Editor, Jain, Lakhmi C., Series Editor, Somani, Arun K., editor, Mundra, Ankit, editor, Gupta, Rohit Kumar, editor, Bhattacharya, Subhajit, editor, and Mazumdar, Arka Prokash, editor

Published

2024

18. Detecting Phishing URLs Using Machine Learning: A Review

Author

Kapse, Kritika, Chawla, Meenu, Tiwari, Namita, Goenka, Richa, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Pastor-Escuredo, David, editor, Brigui, Imene, editor, Kesswani, Nishtha, editor, Bordoloi, Sushanta, editor, and Ray, Ashok Kumar, editor

Published

2024

19. Exploring Multi-attribute Selection Strategies for Effective Phishing Detection with Machine Learning

Author

Arundhati, Priya, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, Verma, Anshul, editor, Verma, Pradeepika, editor, Pattanaik, Kiran Kumar, editor, Dhurandher, Sanjay Kumar, editor, and Woungang, Isaac, editor

Published

2024

20. KGhish: A Phishing Website Detection Method Based on Knowledge Graph

Author

Liu, Changlin, Wang, Shanshan, Chen, Zhenxiang, Huang, Limei, Li, Yan, Li, Hanwen, Goos, Gerhard, Series Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Huang, De-Shuang, editor, Chen, Wei, editor, and Zhang, Qinhu, editor

Published

2024

21. Detection of Phishing Websites from URLs Using Hybrid Ensemble-Based Machine Learning Technique

Author

Agagu, Modupe, Ogunbiyi, Ibrahin Abayomi, Lasisi, Ayodele, Omorogiuwa, Osaremwinda, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Ghazali, Rozaida, editor, Nawi, Nazri Mohd, editor, Deris, Mustafa Mat, editor, Abawajy, Jemal H., editor, and Arbaiy, Nureize, editor

Published

2024

22. Machine Learning-Based Phishing Website Detection: A Comparative Analysis and Web Application Development

Author

Yau, Jia Xin, Chia, Kai Lin, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Ghazali, Rozaida, editor, Nawi, Nazri Mohd, editor, Deris, Mustafa Mat, editor, Abawajy, Jemal H., editor, and Arbaiy, Nureize, editor

Published

2024

23. Detecting URL Phishing Using BERT and DistilBERT Classifiers

Author

Kumar, Joney, Kacprzyk, Janusz, Series Editor, Gomide, Fernando, Advisory Editor, Kaynak, Okyay, Advisory Editor, Liu, Derong, Advisory Editor, Pedrycz, Witold, Advisory Editor, Polycarpou, Marios M., Advisory Editor, Rudas, Imre J., Advisory Editor, Wang, Jun, Advisory Editor, Pant, Millie, editor, Deep, Kusum, editor, and Nagar, Atulya, editor

Published

2024

24. Reinforcement Learning Model for Detecting Phishing Websites

Author

Kamal, Hasan, Gautam, Siddhi, Mehrotra, Deepti, Sharif, Mhd Saeed, Masys, Anthony J., Editor-in-Chief, Bichler, Gisela, Advisory Editor, Bourlai, Thirimachos, Advisory Editor, Johnson, Chris, Advisory Editor, Karampelas, Panagiotis, Advisory Editor, Leuprecht, Christian, Advisory Editor, Morse, Edward C., Advisory Editor, Skillicorn, David, Advisory Editor, Yamagata, Yoshiki, Advisory Editor, Jahankhani, Hamid, editor, Bowen, Gordon, editor, Sharif, Mhd Saeed, editor, and Hussien, Osama, editor

Published

2024

25. Detection of Phishing Page Using Machine Learning and Response HTML

Author

Janani, S. R., Ashwin, Russel, Kumar, Sanjay, Dinesh, Shyam, Siddharth, Yashwanth, Angrisani, Leopoldo, Series Editor, Arteaga, Marco, Series Editor, Chakraborty, Samarjit, Series Editor, Chen, Jiming, Series Editor, Chen, Shanben, Series Editor, Chen, Tan Kay, Series Editor, Dillmann, Rüdiger, Series Editor, Duan, Haibin, Series Editor, Ferrari, Gianluigi, Series Editor, Ferre, Manuel, Series Editor, Jabbari, Faryar, Series Editor, Jia, Limin, Series Editor, Kacprzyk, Janusz, Series Editor, Khamis, Alaa, Series Editor, Kroeger, Torsten, Series Editor, Li, Yong, Series Editor, Liang, Qilian, Series Editor, Martín, Ferran, Series Editor, Ming, Tan Cher, Series Editor, Minker, Wolfgang, Series Editor, Misra, Pradeep, Series Editor, Mukhopadhyay, Subhas, Series Editor, Ning, Cun-Zheng, Series Editor, Nishida, Toyoaki, Series Editor, Oneto, Luca, Series Editor, Panigrahi, Bijaya Ketan, Series Editor, Pascucci, Federica, Series Editor, Qin, Yong, Series Editor, Seng, Gan Woon, Series Editor, Speidel, Joachim, Series Editor, Veiga, Germano, Series Editor, Wu, Haitao, Series Editor, Zamboni, Walter, Series Editor, Zhang, Junjie James, Series Editor, Tan, Kay Chen, Series Editor, Kumar, Amit, editor, and Mozar, Stefan, editor

Published

2024

26. Towards Automatic Principles of Persuasion Detection Using Machine Learning Approach

Author

Bustio-Martínez, Lázaro, Herrera-Semenets, Vitali, García-Mendoza, Juan-Luis, González-Ordiano, Jorge Ángel, Zúñiga-Morales, Luis, Sánchez Rivero, Rubén, Quiróz-Ibarra, José Emilio, Santander-Molina, Pedro Antonio, van den Berg, Jan, Buscaldi, Davide, Goos, Gerhard, Founding Editor, Hartmanis, Juris, Founding Editor, Bertino, Elisa, Editorial Board Member, Gao, Wen, Editorial Board Member, Steffen, Bernhard, Editorial Board Member, Yung, Moti, Editorial Board Member, Hernández Heredia, Yanio, editor, Milián Núñez, Vladimir, editor, and Ruiz Shulcloper, José, editor

Published

2024

27. Securing the Web

Author

Ruchi Sharma, Bhag Dei Thakur, Neelam Kaushik, and Purnima Chauhan

Subjects

forensic science, cybersecurity, look-alike domains, open-source intelligence, domain analysis, phishing detection, malware prevention, Criminal law and procedure, K5000-5582, Cybernetics, Q300-390

Abstract

In an era characterized by the ubiquity of the internet, the proliferation of online services, and the increasing frequency of cyber threats, the detection of look-alike domains has become a critical component of cybersecurity. The current paper presents an approach for the detection of look-alike domains, leveraging the power of open-source intelligence (OSINT) tools. It included gathering and analyzing a wide range of publicly available data sources, including permutations, WHOIS records, IP information, website content, Geo IP, similarity percentage, name server, and mail server records, and building a comprehensive profile of domains under investigation. Through the application of online search engines, patterns and features that distinguish legitimate domains from their deceptive counterparts were established. The analysis demonstrated that OSINT tools provided significant information about the sample domains and successfully detected 1598 registered look-alike domains among 10 sample domains using dnstwist, while OpenSquat identified 103 squatting domains, 960 active phishing websites, and 53 domains with suspicious certificates across five sample websites. The research contributes to the enhancement of cybersecurity practices by providing a cost-effective and scalable solution for identifying look-alike domains, which can serve as precursors to various online threats, including phishing attacks, malware distribution, and fraud.

Published

2024

28. Phishing behavior detection on different blockchains via adversarial domain adaptation

Author

Chuyi Yan, Xueying Han, Yan Zhu, Dan Du, Zhigang Lu, and Yuling Liu

Subjects

Blockchain, Phishing detection, Adversarial domain adaptation, Graph/network transfer learning, Hierarchical graph attention, Network security, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract Despite the growing attention on blockchain, phishing activities have surged, particularly on newly established chains. Acknowledging the challenge of limited intelligence in the early stages of new chains, we propose ADA-Spear-an automatic phishing detection model utilizing adversarial domain adaptive learning which symbolizes the method’s ability to penetrate various heterogeneous blockchains for phishing detection. The model effectively identifies phishing behavior in new chains with limited reliable labels, addressing challenges such as significant distribution drift, low attribute overlap, and limited inter-chain connections. Our approach includes a subgraph construction strategy to align heterogeneous chains, a layered deep learning encoder capturing both temporal and spatial information, and integrated adversarial domain adaptive learning in end-to-end model training. Validation in Ethereum, Bitcoin, and EOSIO environments demonstrates ADA-Spear’s effectiveness, achieving an average F1 score of 77.41 on new chains after knowledge transfer, surpassing existing detection methods.

Published

2024

29. Phishing behavior detection on different blockchains via adversarial domain adaptation.

Author

Yan, Chuyi, Han, Xueying, Zhu, Yan, Du, Dan, Lu, Zhigang, and Liu, Yuling

Subjects

PHISHING, BLOCKCHAINS, DEEP learning, KNOWLEDGE transfer, BITCOIN

Abstract

Despite the growing attention on blockchain, phishing activities have surged, particularly on newly established chains. Acknowledging the challenge of limited intelligence in the early stages of new chains, we propose ADA-Spear-an automatic phishing detection model utilizing adversarial domain adaptive learning which symbolizes the method's ability to penetrate various heterogeneous blockchains for phishing detection. The model effectively identifies phishing behavior in new chains with limited reliable labels, addressing challenges such as significant distribution drift, low attribute overlap, and limited inter-chain connections. Our approach includes a subgraph construction strategy to align heterogeneous chains, a layered deep learning encoder capturing both temporal and spatial information, and integrated adversarial domain adaptive learning in end-to-end model training. Validation in Ethereum, Bitcoin, and EOSIO environments demonstrates ADA-Spear's effectiveness, achieving an average F1 score of 77.41 on new chains after knowledge transfer, surpassing existing detection methods. [ABSTRACT FROM AUTHOR]

Published

2024

30. Comparative evaluation of machine learning algorithms for phishing site detection.

Author

Almujahid, Noura Fahad, Haq, Mohd Anul, and Alshehri, Mohammed

Subjects

CONVOLUTIONAL neural networks, PHISHING, INTERNET use in business, PHISHING prevention, IDENTITY theft, DEEP learning, MACHINE learning

Abstract

The advent of Internet technologies has resulted in the proliferation of electronic trading and the use of the Internet for electronic transactions, leading to a rise in unauthorized access to sensitive user information and the depletion of resources for enterprises. As a consequence, there has been a marked increase in phishing, which is now considered one of the most common types of online theft. Phishing attacks are typically directed towards obtaining confidential information, such as login credentials for online banking platforms and sensitive systems. The primary objective of such attacks is to acquire specific personal information to either use for financial gain or commit identity theft. Recent studies have been conducted to combat phishing attacks by examining domain characteristics such as website addresses, content on websites, and combinations of both approaches for the website and its source code. However, businesses require more effective anti-phishing technologies to identify phishing URLs and safeguard their users. The present research aims to evaluate the effectiveness of eight machine learning (ML) and deep learning (DL) algorithms, including support vector machine (SVM), k-nearest neighbors (KNN), random forest (RF), Decision Tree (DT), Extreme Gradient Boosting (XGBoost), logistic regression (LR), convolutional neural network (CNN), and DL model and assess their performances in identifying phishing. This study utilizes two real datasets, Mendeley and UCI, employing performance metrics such as accuracy, precision, recall, false positive rate (FPR), and F-1 score. Notably, CNN exhibits superior accuracy, emphasizing its efficacy. Contributions include using purpose-specific datasets, meticulous feature engineering, introducing SMOTE for class imbalance, incorporating the novel CNN model, and rigorous hyperparameter tuning. The study demonstrates consistent model performance across both datasets, highlighting stability and reliability. [ABSTRACT FROM AUTHOR]

Published

2024

31. Next-Generation Spam Filtering: Comparative Fine-Tuning of LLMs, NLPs, and CNN Models for Email Spam Classification.

Author

Roumeliotis, Konstantinos I., Tselikas, Nikolaos D., and Nasiopoulos, Dimitrios K.

Subjects

SPAM email, LANGUAGE models, NATURAL language processing, EMAIL security, CONVOLUTIONAL neural networks, EMAIL systems

Abstract

Spam emails and phishing attacks continue to pose significant challenges to email users worldwide, necessitating advanced techniques for their efficient detection and classification. In this paper, we address the persistent challenges of spam emails and phishing attacks by introducing a cutting-edge approach to email filtering. Our methodology revolves around harnessing the capabilities of advanced language models, particularly the state-of-the-art GPT-4 Large Language Model (LLM), along with BERT and RoBERTa Natural Language Processing (NLP) models. Through meticulous fine-tuning tailored for spam classification tasks, we aim to surpass the limitations of traditional spam detection systems, such as Convolutional Neural Networks (CNNs). Through an extensive literature review, experimentation, and evaluation, we demonstrate the effectiveness of our approach in accurately identifying spam and phishing emails while minimizing false positives. Our methodology showcases the potential of fine-tuning LLMs for specialized tasks like spam classification, offering enhanced protection against evolving spam and phishing attacks. This research contributes to the advancement of spam filtering techniques and lays the groundwork for robust email security systems in the face of increasingly sophisticated threats. [ABSTRACT FROM AUTHOR]

Published

2024

32. Real-time phishing detection using deep learning methods by extensions.

Author

Dam Minh Linh, Ha Duy Hung, Han Minh Chau, Quang Sy Vu, and Thanh-Nam Tran

Subjects

MACHINE learning, CONVOLUTIONAL neural networks, UNIFORM Resource Locators, PHISHING, PHISHING prevention, DEEP learning, TELEPHONE numbers

Abstract

Phishing is an attack method that relies on a user's insufficient vigilance and understanding of the internet. For example, an attacker creates an online transaction website and tricks users into logging into the fake website to steal their personal information, such as credit card numbers, email addresses, phone numbers, and physical addresses. This paper proposes implementing an extension to prevent phishing for internet users. In particular, this study develops a smart warning feature for the proposed extension using deep learning models. The proposed extension installed in the web browser protects users by checking for, warning about, and preventing untrusted connections. This study evaluated and compared the performance of machine learning models using a malicious uniform resource locator (URL) dataset containing 651,191 data samples. The results of the investigation confirm that the proposed extension using a convolutional neural network (CNN) achieved a high accuracy of 98.4%. [ABSTRACT FROM AUTHOR]

Published

2024

33. PHISHING ATTACK DETECTION USING GRADIENT BOOSTING.

Author

R., ASLIN SUSHMITHA

Subjects

PHISHING, CYBERTERRORISM, INTERNET security, MACHINE learning, FRAUD investigation

Abstract

Phishing is a prevalent cyber attack that uses deceptive websites to trick individuals into revealing personal information. These sites mimic legitimate ones to steal data such as usernames, passwords, and financial details. Detecting phishing is crucial, and machine learning algorithms are effective tools for this task. Attackers favor phishing due to its effectiveness in tricking victims with authentic-looking yet malicious links, which can breach security measures. This method employs machine learning to innovate phishing website detection. However, attackers can manipulate features like HTML, DOM, and URLs using web scraping and scripting languages. A new approach using machine learning classifiers tackles these threats by analyzing internet URLs and domain names. A dataset sourced from globally recognized intelligence services and organizations facilitates streamlined feature extraction, reducing processing overhead by prioritizing URL and domain name traits. The Gradient Boosting Classifier is used on an 11,055-instance dataset with thirty-two features to classify phishing URLs, demonstrating superior accuracy compared to methods like Random Forest. Gradient boosting is highly effective across various machine learning tasks, leveraging aggregated weak learners such as decision trees for strong predictive accuracy. Its suitability for handling imbalanced datasets makes it particularly effective for phishing detection, which is crucial for distinguishing between legitimate and malicious URLs. This method enhances accuracy by extracting and comparing distinct characteristics of legitimate and phishing URLs. By focusing on URL and domain name attributes, a more effective approach to identifying phishing attempts in cybersecurity is proposed. [ABSTRACT FROM AUTHOR]

Published

2024

34. Insights into Cybercrime Detection and Response: A Review of Time Factor.

Author

Taherdoost, Hamed

Subjects

*INTRUSION detection systems (Computer security), *RANSOMWARE, *TECHNOLOGICAL progress, *IDENTITY theft, *DIGITAL technology, *DIGITAL communications, *PHISHING, *REACTION time

Abstract

Amidst an unprecedented period of technological progress, incorporating digital platforms into diverse domains of existence has become indispensable, fundamentally altering the operational processes of governments, businesses, and individuals. Nevertheless, the swift process of digitization has concurrently led to the emergence of cybercrime, which takes advantage of weaknesses in interconnected systems. The growing dependence of society on digital communication, commerce, and information sharing has led to the exploitation of these platforms by malicious actors for hacking, identity theft, ransomware, and phishing attacks. With the growing dependence of organizations, businesses, and individuals on digital platforms for information exchange, commerce, and communication, malicious actors have identified the susceptibilities present in these systems and have begun to exploit them. This study examines 28 research papers focusing on intrusion detection systems (IDS), and phishing detection in particular, and how quickly responses and detections in cybersecurity may be made. We investigate various approaches and quantitative measurements to comprehend the link between reaction time and detection time and emphasize the necessity of minimizing both for improved cybersecurity. The research focuses on reducing detection and reaction times, especially for phishing attempts, to improve cybersecurity. In smart grids and automobile control networks, faster attack detection is important, and machine learning can help. It also stresses the necessity to improve protocols to address increasing cyber risks while maintaining scalability, interoperability, and resilience. Although machine-learning-based techniques have the potential for detection precision and reaction speed, obstacles still need to be addressed to attain real-time capabilities and adjust to constantly changing threats. To create effective defensive mechanisms against cyberattacks, future research topics include investigating innovative methodologies, integrating real-time threat intelligence, and encouraging collaboration. [ABSTRACT FROM AUTHOR]

Published

2024

35. SmartiPhish: a reinforcement learning-based intelligent anti-phishing solution to detect spoofed website attacks.

Author

Ariyadasa, Subhash, Fernando, Shantha, and Fernando, Subha

Subjects

*DEEP learning, *REINFORCEMENT learning, *DEEP reinforcement learning, *WEBSITES, *PHISHING, *CYBERTERRORISM

Abstract

Phishing, a well-known cyberattack that cannot be completely eradicated from the Internet, has increased dramatically since the COVID-19 pandemic. Despite previous efforts to reduce this prevalent Internet threat, constantly changing attacks make phishing detection a difficult task. The lack of continuous learning support provided by existing solutions and the lack of a systematic knowledge acquisition process make its detection more difficult. SmartiPhish is introduced in this context as the first anti-phishing solution with integrated continuous learning support with an innovative knowledge acquisition process. SmartiPhish combines deep learning and reinforcement learning to have a successful phishing detection solution. The deep learning model predicts a phishing probability for a given web page based on the URL and HTML content, and the probability is then passed to a reinforcement learning environment to make a decision based on the popularity of the web page and prior knowledge of it. SmartiPhish has a detection accuracy of 96.40% and a detection time of 4.3 s. SmartiPhish performs well in an imbalanced environment, and zero-day attack detection is also interesting. Furthermore, SmartiPhish demonstrated a 5.65% performance improvement in just six weeks, in contrast to the existing anti-phishing tools' declining performance trend over time. [ABSTRACT FROM AUTHOR]

Published

2024

36. A Comparative Analysis of Feature Eliminator Methods to Improve Machine Learning Phishing Detection.

Author

Tanimu, Jibrilla, Shiaeles, Stavros, and Adda, Mo

Subjects

PHISHING, FEATURE selection, MACHINE learning, STATISTICAL models, INTERNET security

Abstract

This machine learning (ML)-based phishing detection employs statistical models and algorithms to assess and recognize phishing attacks. These algorithms can learn patterns and features that distinguish between phishing and nonphishing attacks once they are trained on vast amounts of data from both types of cases. Phishing detection systems can quickly evaluate considerable data, identify possible phishing attempts, and warn users of potential dangers. ML-based phishing detection systems have the potential to continuously improve their accuracy over time through ongoing feature refinement, iterative model evaluation, and algorithm optimization. In contrast to conventional techniques, these systems offer a more effective and efficient approach to identifying and mitigating phishing attacks. This research critically analyzes existing literature on phishing detection, aiming to identify all proposed features and determine the critical ones necessary for accurate and fast phishing attack detection. By eliminating unnecessary overhead, this research enhances our understanding of feature eliminator methods and their role in improving ML-based phishing detection. The findings would contribute to the development of more robust cybersecurity measures to combat phishing attacks, as well as advance the field's knowledge and application of ML in detecting and mitigating such threats. The study highlights the importance of feature selection and optimization in achieving accurate and efficient phishing detection, ultimately strengthening the overall security posture of organizations and individuals against phishing attacks. [ABSTRACT FROM AUTHOR]

Published

2024

37. Prompt Engineering or Fine-Tuning? A Case Study on Phishing Detection with Large Language Models

Author

Fouad Trad and Ali Chehab

Subjects

large language models, prompt engineering, fine-tuning, phishing detection, Computer engineering. Computer hardware, TK7885-7895

Abstract

Large Language Models (LLMs) are reshaping the landscape of Machine Learning (ML) application development. The emergence of versatile LLMs capable of undertaking a wide array of tasks has reduced the necessity for intensive human involvement in training and maintaining ML models. Despite these advancements, a pivotal question emerges: can these generalized models negate the need for task-specific models? This study addresses this question by comparing the effectiveness of LLMs in detecting phishing URLs when utilized with prompt-engineering techniques versus when fine-tuned. Notably, we explore multiple prompt-engineering strategies for phishing URL detection and apply them to two chat models, GPT-3.5-turbo and Claude 2. In this context, the maximum result achieved was an F1-score of 92.74% by using a test set of 1000 samples. Following this, we fine-tune a range of base LLMs, including GPT-2, Bloom, Baby LLaMA, and DistilGPT-2—all primarily developed for text generation—exclusively for phishing URL detection. The fine-tuning approach culminated in a peak performance, achieving an F1-score of 97.29% and an AUC of 99.56% on the same test set, thereby outperforming existing state-of-the-art methods. These results highlight that while LLMs harnessed through prompt engineering can expedite application development processes, achieving a decent performance, they are not as effective as dedicated, task-specific LLMs.

Published

2024

38. CT-GCN+: a high-performance cryptocurrency transaction graph convolutional model for phishing node classification

Author

Bingxue Fu, Yixuan Wang, and Tao Feng

Subjects

Blockchain, Information security, Phishing detection, Imbalance data, Transaction graph, Computer engineering. Computer hardware, TK7885-7895, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract Due to the anonymous and contract transfer nature of blockchain cryptocurrencies, they are susceptible to fraudulent incidents such as phishing. This poses a threat to the property security of users and hinders the healthy development of the entire blockchain community. While numerous studies have been conducted on identifying cryptocurrency phishing users, there is a lack of research that integrates class imbalance and transaction time characteristics. This paper introduces a novel graph neural network-based account identification model called CT-GCN+, which utilizes blockchain cryptocurrency phishing data. It incorporates an imbalanced data processing module for graphs to consider cryptocurrency transaction time. The model initially extracts time characteristics from the transaction graph using LSTM and Attention mechanisms. These time characteristics are then fused with underlying features, which are subsequently inputted into a combined SMOTE and GCN model for phishing user classification. Experimental results demonstrate that the CT-GCN+ model achieves a phishing user identification accuracy of 97.22% and a phishing user identification area under the curve of 96.67%. This paper presents a valuable approach to phishing detection research within the blockchain and cryptocurrency ecosystems.

Published

2024

39. Design of Efficient Phishing Detection Model using Machine Learning

Author

Bong-Hyun Kim

Subjects

ensemble method, heatmap, machine learning, phishing detection, random forest, sklearn, Technology

Abstract

Recently, there have been cases of phishing attempts to steal personal information through fake sites disguised as major sites. Although phishing attacks continue and increase, countermeasures remain in the form of defense after identifying the attack. Therefore, in this paper, we designed a phishing detection model using machine learning that provides knowledge and prediction by learning patterns from data input to a computer. For this, an analysis model was built using sklearn logistic regression, and the phishing probability was visualized using a heatmap. In addition, a graph was used to visually indicate the result, and a function for attribute information of a phishing website was provided.

Published

2024

40. DEPHIDES: Deep Learning Based Phishing Detection System

Author

Ozgur Koray Sahingoz, Ebubekir BUBEr, and Emin Kugu

Subjects

Deep learning, cyber security, phishing attack, classification algorithms, phishing detection, Electrical engineering. Electronics. Nuclear engineering, TK1-9971

Abstract

In today’s digital landscape, the increasing prevalence of internet-connected devices, including smartphones, personal computers, and IoT devices, has enabled users to perform a wide range of daily activities such as shopping, banking, and communication in the online world. However, cybercriminals are capitalizing on the Internet’s anonymity and the ease of conducting cyberattacks. Phishing attacks have become a popular method for acquiring sensitive user information, including passwords, bank account details, social security numbers and more, often through social engineering and messaging tools. To protect users from such threats, it is essential to establish sophisticated phishing detection systems on computing devices. Many of these systems leverage machine learning techniques for accurate classification. In recent years, deep learning algorithms have gained prominence, especially when dealing with large datasets. This study presents the development of a phishing detection system based on deep learning, employing five different algorithms: artificial neural networks, convolutional neural networks, recurrent neural networks, bidirectional recurrent neural networks, and attention networks. The system primarily focuses on the fast classification of web pages using URLs. To assess the system’s performance, a relatively extensive dataset of labeled URLs, comprising approximately five million records, was collected and shared. The experimental results indicate that convolutional neural networks achieved the highest performance, boasting a detection accuracy of 98.74% for phishing attacks. This research underscores the effectiveness of deep learning algorithms, particularly in enhancing cybersecurity in the face of evolving cyber threats.

Published

2024

41. CT-GCN+: a high-performance cryptocurrency transaction graph convolutional model for phishing node classification

Author

Fu, Bingxue, Wang, Yixuan, and Feng, Tao

Published

2024

42. The application of a novel neural network in the detection of phishing websites.

Author

Feng, Fang, Zhou, Qingguo, Shen, Zebang, Yang, Xuhui, Han, Lihong, and Wang, JinQiang

Abstract

In recent years, security incidents of website occur increasingly frequently, and this motivates us to study websites' security. Although there are many phishing detection approaches to detect phishing websites, the detection accuracy has not been desirable. In this paper, we propose a novel phishing detection model based on a novel neural network classification method. This detection model can achieve high accu-racy and has good generalization ability by design risk minimization principle. Furthermore, the training process of the novel detection model is simple and stable by Monte Carlo algorithm. Based on testing of a set of phishing and benign websites, we have noted that this novel phishing detection model achieves the best Accuracy, True-positive rate (TPR), False-positive rate (FPR), Precision, Recall, F-measure and Matthews Correlation Coefficient(MCC) comparable to other models as Naive Bayes (NB), Logistic Regression(LR), K-Nearest Neighbor (KNN), Decision Tree (DT), Linear Support Vector Machine (LSVM), Radial-Basis Support Vector Machine (RSVM) and Linear Discriminant Analysis (LDA). Furthermore, based upon experiments, we find that the proposed detection model can achieve a high Accuracy of 97.71% and a low FPR of 1.7%. It indicates that the proposed detection model is promising and can be effectively applied to phishing detection. [ABSTRACT FROM AUTHOR]

Published

2024

43. Prompt Engineering or Fine-Tuning? A Case Study on Phishing Detection with Large Language Models.

Author

Trad, Fouad and Chehab, Ali

Subjects

LANGUAGE models, UNIFORM Resource Locators, PHISHING, MACHINE learning, ENGINEERING

Abstract

Large Language Models (LLMs) are reshaping the landscape of Machine Learning (ML) application development. The emergence of versatile LLMs capable of undertaking a wide array of tasks has reduced the necessity for intensive human involvement in training and maintaining ML models. Despite these advancements, a pivotal question emerges: can these generalized models negate the need for task-specific models? This study addresses this question by comparing the effectiveness of LLMs in detecting phishing URLs when utilized with prompt-engineering techniques versus when fine-tuned. Notably, we explore multiple prompt-engineering strategies for phishing URL detection and apply them to two chat models, GPT-3.5-turbo and Claude 2. In this context, the maximum result achieved was an F1-score of 92.74% by using a test set of 1000 samples. Following this, we fine-tune a range of base LLMs, including GPT-2, Bloom, Baby LLaMA, and DistilGPT-2—all primarily developed for text generation—exclusively for phishing URL detection. The fine-tuning approach culminated in a peak performance, achieving an F1-score of 97.29% and an AUC of 99.56% on the same test set, thereby outperforming existing state-of-the-art methods. These results highlight that while LLMs harnessed through prompt engineering can expedite application development processes, achieving a decent performance, they are not as effective as dedicated, task-specific LLMs. [ABSTRACT FROM AUTHOR]

Published

2024

44. Explainable machine learning for phishing feature detection.

Author

Calzarossa, Maria Carla, Giudici, Paolo, and Zieni, Rasha

Subjects

*MACHINE learning, *PHISHING, *PHISHING prevention, *FEATURE selection, *GINI coefficient

Abstract

Phishing is a very dangerous security threat that affects individuals as well as companies and organizations. To fight the risks associated with this threat, it is important to detect phishing websites in a timely manner. Machine learning models work well for this purpose as they can predict phishing cases, using information on the underlying websites. In this paper, we contribute to the research on the detection of phishing websites by proposing an explainable machine learning model that can provide not only accurate predictions of phishing, but also explanations of which features are most likely associated with phishing websites. To this aim, we propose a novel feature selection model based on Lorenz Zonoids, the multidimensional extension of Gini coefficient. We illustrate our proposal on a real dataset that contains features of both phishing and legitimate websites. [ABSTRACT FROM AUTHOR]

Published

2024

45. AntiPhishStack: LSTM-Based Stacked Generalization Model for Optimized Phishing URL Detection.

Author

Aslam, Saba, Aslam, Hafsa, Manzoor, Arslan, Chen, Hui, and Rasool, Abdur

Subjects

*UNIFORM Resource Locators, *PHISHING, *INFORMATION technology security, *COMPUTER network security, *CYBERTERRORISM, *PHISHING prevention, *GENERALIZATION, *DEEP learning

Abstract

The escalating reliance on revolutionary online web services has introduced heightened security risks, with persistent challenges posed by phishing despite extensive security measures. Traditional phishing systems, reliant on machine learning and manual features, struggle with evolving tactics. Recent advances in deep learning offer promising avenues for tackling novel phishing challenges and malicious URLs. This paper introduces a two-phase stack generalized model named AntiPhishStack, designed to detect phishing sites. The model leverages the learning of URLs and character-level TF-IDF features symmetrically, enhancing its ability to combat emerging phishing threats. In Phase I, features are trained on a base machine learning classifier, employing K-fold cross-validation for robust mean prediction. Phase II employs a two-layered stacked-based LSTM network with five adaptive optimizers for dynamic compilation, ensuring premier prediction on these features. Additionally, the symmetrical predictions from both phases are optimized and integrated to train a meta-XGBoost classifier, contributing to a final robust prediction. The significance of this work lies in advancing phishing detection with AntiPhishStack, operating without prior phishing-specific feature knowledge. Experimental validation on two benchmark datasets, comprising benign and phishing or malicious URLs, demonstrates the model's exceptional performance, achieving a notable 96.04% accuracy compared to existing studies. This research adds value to the ongoing discourse on symmetry and asymmetry in information security and provides a forward-thinking solution for enhancing network security in the face of evolving cyber threats. [ABSTRACT FROM AUTHOR]

Published

2024

46. Sentence Level Analysis Model for Phishing Detection Using KNN.

Author

Sawe, Lindah, Gikandi, Joyce, Kamau, John, and Njuguna, David

Subjects

EMAIL spoofing, PHISHING prevention, COVID-19 pandemic, CYBERTERRORISM, K-nearest neighbor classification

Abstract

Phishing emails have experienced a rapid surge in cyber threats globally, especially following the emergence of the COVID-19 pandemic. This form of attack has led to substantial financial losses for numerous organizations. Although various models have been constructed to differentiate legitimate emails from phishing attempts, attackers continuously employ novel strategies to manipulate their targets into falling victim to their schemes. This form of attack has led to substantial financial losses for numerous organizations. While efforts are ongoing to create phishing detection models, their current level of accuracy and speed in identifying phishing emails is less than satisfactory. Additionally, there has been a concerning rise in the frequency of phished emails recently. Consequently, there is a pressing need for more efficient and high-performing phishing detection models to mitigate the adverse impact of such fraudulent messages. In the context of this research, a comprehensive analysis is conducted on both components of an email message—namely, the email header and body. Sentence-level characteristics are extracted and leveraged in the construction of a new phishing detection model. This model utilizes K Nearest Neighbor (KNN) introducing the novel dimension of sentence-level analysis. Established datasets from Kaggle were employed to train and validate the model. The evaluation of this model's effectiveness relies on key performance metrics including accuracy of 0.97, precision, recall, and F1-measure. [ABSTRACT FROM AUTHOR]

Published

2024

47. Comparative evaluation of machine learning algorithms for phishing site detection

Author

Noura Fahad Almujahid, Mohd Anul Haq, and Mohammed Alshehri

Subjects

Phishing, Machine learning, Phishing detection, Classification, Electronic computers. Computer science, QA75.5-76.95

Abstract

The advent of Internet technologies has resulted in the proliferation of electronic trading and the use of the Internet for electronic transactions, leading to a rise in unauthorized access to sensitive user information and the depletion of resources for enterprises. As a consequence, there has been a marked increase in phishing, which is now considered one of the most common types of online theft. Phishing attacks are typically directed towards obtaining confidential information, such as login credentials for online banking platforms and sensitive systems. The primary objective of such attacks is to acquire specific personal information to either use for financial gain or commit identity theft. Recent studies have been conducted to combat phishing attacks by examining domain characteristics such as website addresses, content on websites, and combinations of both approaches for the website and its source code. However, businesses require more effective anti-phishing technologies to identify phishing URLs and safeguard their users. The present research aims to evaluate the effectiveness of eight machine learning (ML) and deep learning (DL) algorithms, including support vector machine (SVM), k-nearest neighbors (KNN), random forest (RF), Decision Tree (DT), Extreme Gradient Boosting (XGBoost), logistic regression (LR), convolutional neural network (CNN), and DL model and assess their performances in identifying phishing. This study utilizes two real datasets, Mendeley and UCI, employing performance metrics such as accuracy, precision, recall, false positive rate (FPR), and F-1 score. Notably, CNN exhibits superior accuracy, emphasizing its efficacy. Contributions include using purpose-specific datasets, meticulous feature engineering, introducing SMOTE for class imbalance, incorporating the novel CNN model, and rigorous hyperparameter tuning. The study demonstrates consistent model performance across both datasets, highlighting stability and reliability.

Published

2024

48. Phishing detection on Ethereum via transaction subgraphs embedding

Author

Haifeng Lv and Yong Ding

Subjects

blockchain, Ethereum, Graph2Vec, phishing detection, XGBoost, Electronic computers. Computer science, QA75.5-76.95

Abstract

Abstract With the rapid development of blockchain technology in the financial sector, the security of blockchain is being put to the test due to an increase in phishing fraud. Therefore, it is essential to study more effective measures and better solutions. Graph models have been proven to provide abundant information for downstream assignments. In this study, a graph‐based embedding classification method is proposed for phishing detection on Ethereum by modeling its transaction records using subgraphs. Initially, the transaction data of normal addresses and an equal number of confirmed phishing addresses are collected through web crawling. Multiple subgraphs using the collected transaction records are constructed, with each subgraph containing a target address and its nearby transaction network. To extract features of the addresses, a modified Graph2Vec model called imgraph2vec is designed, which considers block height, timestamp, and amount of transactions. Finally, the Extreme Gradient Boosting (XGBoost) algorithm is employed to detect phishing and normal addresses. The experimental results show that the proposed method achieves good performance in phishing detection, indicating the effectiveness of imgraph2vec in feature acquisition of transaction networks compared to existing models.

Published

2023

49. Enhanced Feature Selection Using Genetic Algorithm for Machine-Learning-Based Phishing URL Detection

Author

Emre Kocyigit, Mehmet Korkmaz, Ozgur Koray Sahingoz, and Banu Diri

Subjects

feature selection, genetic algorithm, phishing detection, Technology, Engineering (General). Civil engineering (General), TA1-2040, Biology (General), QH301-705.5, Physics, QC1-999, Chemistry, QD1-999

Abstract

In recent years, the importance of computer security has increased due to the rapid advancement of digital technology, widespread Internet use, and increased sophistication of cyberattacks. Machine learning has gained great interest in securing data systems because it offers the capability of automatically detecting and responding to security threats in real time, which is crucial for maintaining the security of computer systems and protecting data from malicious attacks. This study concentrates on phishing attack detection systems, a prevalent cyber-threat. These systems assess the features of the incoming requests to identify whether they are malicious or not. Although the number of features is increasing in these systems, feature selection has become an essential pre-processing phase that identifies the most important features of a set of available features to prevent overfitting problems, improve model performance, reduce computational cost, and decrease training and execution time. Leveraging genetic algorithms, known for simulating natural selection to identify optimal solutions, we propose a novel feature selection method, based on genetic algorithms and locally optimized, that is applied to a URL-based phishing detection system with machine learning models. Our research demonstrates that the proposed technique offers a promising strategy for improving the performance of machine learning models.

Published

2024

50. Explainable Machine Learning for Bag of Words-Based Phishing Detection

Author

Calzarossa, Maria Carla, Giudici, Paolo, Zieni, Rasha, Filipe, Joaquim, Editorial Board Member, Ghosh, Ashish, Editorial Board Member, Prates, Raquel Oliveira, Editorial Board Member, Zhou, Lizhu, Editorial Board Member, and Longo, Luca, editor

Published

2023