Today,phishing is an online attack designed to obtain sensitive information such as credit card and bank account numbers,passwords,and usernames.We can find several anti-phishing solutions,such as heuristic detection,...Today,phishing is an online attack designed to obtain sensitive information such as credit card and bank account numbers,passwords,and usernames.We can find several anti-phishing solutions,such as heuristic detection,virtual similarity detection,black and white lists,and machine learning(ML).However,phishing attempts remain a problem,and establishing an effective anti-phishing strategy is a work in progress.Furthermore,while most antiphishing solutions achieve the highest levels of accuracy on a given dataset,their methods suffer from an increased number of false positives.These methods are ineffective against zero-hour attacks.Phishing sites with a high False Positive Rate(FPR)are considered genuine because they can cause people to lose a lot ofmoney by visiting them.Feature selection is critical when developing phishing detection strategies.Good feature selection helps improve accuracy;however,duplicate features can also increase noise in the dataset and reduce the accuracy of the algorithm.Therefore,a combination of filter-based feature selection methods is proposed to detect phishing attacks,including constant feature removal,duplicate feature removal,quasi-feature removal,correlated feature removal,mutual information extraction,and Analysis of Variance(ANOVA)testing.The technique has been tested with differentMachine Learning classifiers:Random Forest,Artificial Neural Network(ANN),Ada-Boost,Extreme Gradient Boosting(XGBoost),Logistic Regression,Decision Trees,Gradient Boosting Classifiers,Support Vector Machine(SVM),and two types of ensemble models,stacking and majority voting to gain A low false positive rate is achieved.Stacked ensemble classifiers(gradient boosting,randomforest,support vector machine)achieve 1.31%FPR and 98.17%accuracy on Dataset 1,2.81%FPR and Dataset 3 shows 2.81%FPR and 97.61%accuracy,while Dataset 2 shows 3.47%FPR and 96.47%accuracy.展开更多
In order to effectively detect malicious phishing behaviors, a phishing detection method based on the uniform resource locator (URL) features is proposed. First, the method compares the phishing URLs with legal ones...In order to effectively detect malicious phishing behaviors, a phishing detection method based on the uniform resource locator (URL) features is proposed. First, the method compares the phishing URLs with legal ones to extract the features of phishing URLs. Then a machine learning algorithm is applied to obtain the URL classification model from the sample data set training. In order to adapt to the change of a phishing URL, the classification model should be constantly updated according to the new samples. So, an incremental learning algorithm based on the feedback of the original sample data set is designed. The experiments verify that the combination of the URL features extracted in this paper and the support vector machine (SVM) classification algorithm can achieve a high phishing detection accuracy, and the incremental learning algorithm is also effective.展开更多
Cyber Attacks are critical and destructive to all industry sectors.They affect social engineering by allowing unapproved access to a Personal Computer(PC)that breaks the corrupted system and threatens humans.The defen...Cyber Attacks are critical and destructive to all industry sectors.They affect social engineering by allowing unapproved access to a Personal Computer(PC)that breaks the corrupted system and threatens humans.The defense of security requires understanding the nature of Cyber Attacks,so prevention becomes easy and accurate by acquiring sufficient knowledge about various features of Cyber Attacks.Cyber-Security proposes appropriate actions that can handle and block attacks.A phishing attack is one of the cybercrimes in which users follow a link to illegal websites that will persuade them to divulge their private information.One of the online security challenges is the enormous number of daily transactions done via phishing sites.As Cyber-Security have a priority for all organizations,Cyber-Security risks are considered part of an organization’s risk management process.This paper presents a survey of different modern machine-learning approaches that handle phishing problems and detect with high-quality accuracy different phishing attacks.A dataset consisting of more than 11000 websites from the Kaggle dataset was utilized and studying the effect of 30 website features and the resulting class label indicating whether or not it is a phishing website(1 or−1).Furthermore,we determined the confusion matrices of Machine Learning models:Neural Networks(NN),Na飗e Bayes,and Adaboost,and the results indicated that the accuracies achieved were 90.23%,92.97%,and 95.43%,respectively.展开更多
The data in the cloud is protected by various mechanisms to ensure security aspects and user’s privacy.But,deceptive attacks like phishing might obtain the user’s data and use it for malicious purposes.In Spite of m...The data in the cloud is protected by various mechanisms to ensure security aspects and user’s privacy.But,deceptive attacks like phishing might obtain the user’s data and use it for malicious purposes.In Spite of much techno-logical advancement,phishing acts as thefirst step in a series of attacks.With technological advancements,availability and access to the phishing kits has improved drastically,thus making it an ideal tool for the hackers to execute the attacks.The phishing cases indicate use of foreign characters to disguise the ori-ginal Uniform Resource Locator(URL),typosquatting the popular domain names,using reserved characters for re directions and multi-chain phishing.Such phishing URLs can be stored as a part of the document and uploaded in the cloud,providing a nudge to hackers in cloud storage.The cloud servers are becoming the trusted tool for executing these attacks.The prevailing software for blacklisting phishing URLs lacks the security for multi-level phishing and expects security from the client’s end(browser).At the same time,the avalanche effect and immut-ability of block-chain proves to be a strong source of security.Considering these trends in technology,a block-chain basedfiltering implementation for preserving the integrity of user data stored in the cloud is proposed.The proposed Phish Block detects the homographic phishing URLs with accuracy of 91%which assures the security in cloud storage.展开更多
In the digital age, phishing attacks have been a persistent security threat leveraged by traditional password management systems that are not able to verify the authenticity of websites. This paper presents an approac...In the digital age, phishing attacks have been a persistent security threat leveraged by traditional password management systems that are not able to verify the authenticity of websites. This paper presents an approach to embedding sophisticated phishing detection within a password manager’s framework, called PhishGuard. PhishGuard uses a Large Language Model (LLM), specifically a fine-tuned BERT algorithm that works in real time, where URLs fed by the user in the credentials are analyzed and authenticated. This approach enhances user security with its provision of real-time protection from phishing attempts. Through rigorous testing, this paper illustrates how PhishGuard has scored well in tests that measure accuracy, precision, recall, and false positive rates.展开更多
基金financially supported by the Deanship of Scientific Research and Graduate Studies at King Khalid University under research grant number(R.G.P.2/21/46)in part by the Deanship of Scientific Research,Vice Presidency for Graduate Studies and Scientific Research,King Faisal University,Saudi Arabia,under Grant KFU253116.
文摘Today,phishing is an online attack designed to obtain sensitive information such as credit card and bank account numbers,passwords,and usernames.We can find several anti-phishing solutions,such as heuristic detection,virtual similarity detection,black and white lists,and machine learning(ML).However,phishing attempts remain a problem,and establishing an effective anti-phishing strategy is a work in progress.Furthermore,while most antiphishing solutions achieve the highest levels of accuracy on a given dataset,their methods suffer from an increased number of false positives.These methods are ineffective against zero-hour attacks.Phishing sites with a high False Positive Rate(FPR)are considered genuine because they can cause people to lose a lot ofmoney by visiting them.Feature selection is critical when developing phishing detection strategies.Good feature selection helps improve accuracy;however,duplicate features can also increase noise in the dataset and reduce the accuracy of the algorithm.Therefore,a combination of filter-based feature selection methods is proposed to detect phishing attacks,including constant feature removal,duplicate feature removal,quasi-feature removal,correlated feature removal,mutual information extraction,and Analysis of Variance(ANOVA)testing.The technique has been tested with differentMachine Learning classifiers:Random Forest,Artificial Neural Network(ANN),Ada-Boost,Extreme Gradient Boosting(XGBoost),Logistic Regression,Decision Trees,Gradient Boosting Classifiers,Support Vector Machine(SVM),and two types of ensemble models,stacking and majority voting to gain A low false positive rate is achieved.Stacked ensemble classifiers(gradient boosting,randomforest,support vector machine)achieve 1.31%FPR and 98.17%accuracy on Dataset 1,2.81%FPR and Dataset 3 shows 2.81%FPR and 97.61%accuracy,while Dataset 2 shows 3.47%FPR and 96.47%accuracy.
基金The National Basic Research Program of China(973 Program)(No.2010CB328104,2009CB320501)the National Natural Science Foundation of China(No.61272531,61070158,61003257,61060161,61003311,41201486)+4 种基金the National Key Technology R&D Program during the11th Five-Year Plan Period(No.2010BAI88B03)Specialized Research Fund for the Doctoral Program of Higher Education(No.20110092130002)the National Science and Technology Major Project(No.2009ZX03004-004-04)the Foundation of the Key Laboratory of Netw ork and Information Security of Jiangsu Province(No.BM2003201)the Key Laboratory of Computer Netw ork and Information Integration of the Ministry of Education of China(No.93K-9)
文摘In order to effectively detect malicious phishing behaviors, a phishing detection method based on the uniform resource locator (URL) features is proposed. First, the method compares the phishing URLs with legal ones to extract the features of phishing URLs. Then a machine learning algorithm is applied to obtain the URL classification model from the sample data set training. In order to adapt to the change of a phishing URL, the classification model should be constantly updated according to the new samples. So, an incremental learning algorithm based on the feedback of the original sample data set is designed. The experiments verify that the combination of the URL features extracted in this paper and the support vector machine (SVM) classification algorithm can achieve a high phishing detection accuracy, and the incremental learning algorithm is also effective.
文摘Cyber Attacks are critical and destructive to all industry sectors.They affect social engineering by allowing unapproved access to a Personal Computer(PC)that breaks the corrupted system and threatens humans.The defense of security requires understanding the nature of Cyber Attacks,so prevention becomes easy and accurate by acquiring sufficient knowledge about various features of Cyber Attacks.Cyber-Security proposes appropriate actions that can handle and block attacks.A phishing attack is one of the cybercrimes in which users follow a link to illegal websites that will persuade them to divulge their private information.One of the online security challenges is the enormous number of daily transactions done via phishing sites.As Cyber-Security have a priority for all organizations,Cyber-Security risks are considered part of an organization’s risk management process.This paper presents a survey of different modern machine-learning approaches that handle phishing problems and detect with high-quality accuracy different phishing attacks.A dataset consisting of more than 11000 websites from the Kaggle dataset was utilized and studying the effect of 30 website features and the resulting class label indicating whether or not it is a phishing website(1 or−1).Furthermore,we determined the confusion matrices of Machine Learning models:Neural Networks(NN),Na飗e Bayes,and Adaboost,and the results indicated that the accuracies achieved were 90.23%,92.97%,and 95.43%,respectively.
文摘The data in the cloud is protected by various mechanisms to ensure security aspects and user’s privacy.But,deceptive attacks like phishing might obtain the user’s data and use it for malicious purposes.In Spite of much techno-logical advancement,phishing acts as thefirst step in a series of attacks.With technological advancements,availability and access to the phishing kits has improved drastically,thus making it an ideal tool for the hackers to execute the attacks.The phishing cases indicate use of foreign characters to disguise the ori-ginal Uniform Resource Locator(URL),typosquatting the popular domain names,using reserved characters for re directions and multi-chain phishing.Such phishing URLs can be stored as a part of the document and uploaded in the cloud,providing a nudge to hackers in cloud storage.The cloud servers are becoming the trusted tool for executing these attacks.The prevailing software for blacklisting phishing URLs lacks the security for multi-level phishing and expects security from the client’s end(browser).At the same time,the avalanche effect and immut-ability of block-chain proves to be a strong source of security.Considering these trends in technology,a block-chain basedfiltering implementation for preserving the integrity of user data stored in the cloud is proposed.The proposed Phish Block detects the homographic phishing URLs with accuracy of 91%which assures the security in cloud storage.
文摘In the digital age, phishing attacks have been a persistent security threat leveraged by traditional password management systems that are not able to verify the authenticity of websites. This paper presents an approach to embedding sophisticated phishing detection within a password manager’s framework, called PhishGuard. PhishGuard uses a Large Language Model (LLM), specifically a fine-tuned BERT algorithm that works in real time, where URLs fed by the user in the credentials are analyzed and authenticated. This approach enhances user security with its provision of real-time protection from phishing attempts. Through rigorous testing, this paper illustrates how PhishGuard has scored well in tests that measure accuracy, precision, recall, and false positive rates.
