Ala Mughaid,Shadi AlZu'bi,Adnan Hnaif,Salah Taamneh,Asma Alnajjar,Esraa Abu Elsoud

DOI: https://doi.org/10.1007/s10586-022-03604-4

Abstract:Recently, phishing attacks have become one of the most prominent social engineering attacks faced by public internet users, governments, and businesses. In response to this threat, this paper proposes to give a complete vision to what Machine learning is, what phishers are using to trick gullible users with different types of phishing attacks techniques and based on our survey that phishing emails is the most effective on the targeted sectors and users which we are going to compare as well. Therefore, more effective phishing detection technology is needed to curb the threat of phishing emails that are growing at an alarming rate in recent years, thus will discuss the techniques of mitigation of phishing by Machine learning algorithms and technical solutions that have been proposed to mitigate the problem of phishing and valuable awareness knowledge users should be aware to detect and prevent from being duped by phishing scams. In this work, we proposed a detection model using machine learning techniques by splitting the dataset to train the detection model and validating the results using the test data , to capture inherent characteristics of the email text, and other features to be classified as phishing or non-phishing using three different data sets, After making a comparison between them, we obtained that the most number of features used the most accurate and efficient results achieved. the best ML algorithm accuracy were 0.88, 1.00, and 0.97 consecutively for boosted decision tree on the applied data sets.

Samer Atawneh,Hamzah Aljehani

DOI: https://doi.org/10.3390/electronics12204261

IF: 2.9

2023-10-15

Electronics

Abstract:Email phishing is a widespread cyber threat that can result in the theft of sensitive information and financial loss. It uses malicious emails to trick recipients into providing sensitive information or transferring money, often by disguising themselves as legitimate organizations or individuals. As technology advances and attackers become more sophisticated, the problem of email phishing becomes increasingly challenging to detect and prevent. In this research paper, the use of deep learning techniques, including convolutional neural networks (CNNs), long short-term memory (LSTM) networks, recurrent neural networks (RNNs), and bidirectional encoder representations from transformers (BERT), are explored for detecting email phishing attacks. A dataset of phishing and benign emails was utilized, and a set of relevant features was extracted using natural language processing (NLP) techniques. The proposed deep learning model was trained and tested using the dataset, and it was found that it can achieve high accuracy in detecting email phishing compared to other state-of-the-art research, where the best performance was seen when using BERT and LSTM with an accuracy of 99.61%. The results demonstrate the potential of deep learning for improving email phishing detection and protecting against this pervasive threat.

engineering, electrical & electronic,computer science, information systems,physics, applied

Fatima Salahdine,Zakaria El Mrabet,Naima Kaabouch

DOI: https://doi.org/10.1109/UEMCON53757.2021.9666627

2022-01-26

Abstract:Phishing attacks are one of the most common social engineering attacks targeting users emails to fraudulently steal confidential and sensitive information. They can be used as a part of more massive attacks launched to gain a foothold in corporate or government networks. Over the last decade, a number of anti-phishing techniques have been proposed to detect and mitigate these attacks. However, they are still inefficient and inaccurate. Thus, there is a great need for efficient and accurate detection techniques to cope with these attacks. In this paper, we proposed a phishing attack detection technique based on machine learning. We collected and analyzed more than 4000 phishing emails targeting the email service of the University of North Dakota. We modeled these attacks by selecting 10 relevant features and building a large dataset. This dataset was used to train, validate, and test the machine learning algorithms. For performance evaluation, four metrics have been used, namely probability of detection, probability of miss-detection, probability of false alarm, and accuracy. The experimental results show that better detection can be achieved using an artificial neural network.

Cryptography and Security,Machine Learning

M. Chathar Singh,P. Sumanth,S. Bala Sathyanarayana,G. Rithika

DOI: https://doi.org/10.53730/ijhs.v6ns3.7944

2022-05-26

International Journal of Health Sciences

Abstract:E-mail is one of the most widely recognised channels of communication, whether for personal or corporate purposes. The worst part about spam emails is that they intrude on user’s privacy without their consent, and the constant bombardment of spam mails fills up the user's entire email space. Additionally, the issue of wasting network capacity and time checking and deleting spam mails makes it an even more concerning issue. Although confrontation tactics are constantly being upgraded, the results of those methods are now unsatisfactory. Furthermore, phishing emails have been on the rise in recent years. To combat the issue of phishing emails, more effective phishing detection technology is required. We intend to create a phishing email detection tool that analyses the email structure first, using an upgraded Convolutional Neural Networks model with multilayer vectors and Long Short-Term Neural Network (LSTM) to model emails at the email header, character level, email content, and word level all at the same time. To assess the efficacy, we'll use an unbalanced dataset with actual phishing and genuine email ratios. The total accuracy of the experiment achieves a high percentage.

R. Brindha,S. Nandagopal,H. Azath,V. Sathana,Gyanendra Prasad Joshi,Sung Won Kim

DOI: https://doi.org/10.32604/cmc.2023.030784

2023-01-01

Abstract:Phishing is a type of cybercrime in which cyber-attackers pose themselves as authorized persons or entities and hack the victims’ sensitive data. E-mails, instant messages and phone calls are some of the common modes used in cyberattacks. Though the security models are continuously upgraded to prevent cyberattacks, hackers find innovative ways to target the victims. In this background, there is a drastic increase observed in the number of phishing emails sent to potential targets. This scenario necessitates the importance of designing an effective classification model. Though numerous conventional models are available in the literature for proficient classification of phishing emails, the Machine Learning (ML) techniques and the Deep Learning (DL) models have been employed in the literature. The current study presents an Intelligent Cuckoo Search (CS) Optimization Algorithm with a Deep Learning-based Phishing Email Detection and Classification (ICSOA-DLPEC) model. The aim of the proposed ICSOA-DLPEC model is to effectually distinguish the emails as either legitimate or phishing ones. At the initial stage, the pre-processing is performed through three stages such as email cleaning, tokenization and stop-word elimination. Then, the N-gram approach is; moreover, the CS algorithm is applied to extract the useful feature vectors. Moreover, the CS algorithm is employed with the Gated Recurrent Unit (GRU) model to detect and classify phishing emails. Furthermore, the CS algorithm is used to fine-tune the parameters involved in the GRU model. The performance of the proposed ICSOA-DLPEC model was experimentally validated using a benchmark dataset, and the results were assessed under several dimensions. Extensive comparative studies were conducted, and the results confirmed the superior performance of the proposed ICSOA-DLPEC model over other existing approaches. The proposed model achieved a maximum accuracy of 99.72%.

computer science, information systems,materials science, multidisciplinary

Kutub Thakur,Md Liakat Ali,Muath A. Obaidat,Abu Kamruzzaman

DOI: https://doi.org/10.3390/electronics12214545

IF: 2.9

2023-11-05

Electronics

Abstract:Phishing attacks are a growing concern for individuals and organizations alike, with the potential to cause significant financial and reputational damage. Traditional methods for detecting phishing attacks, such as blacklists and signature-based techniques, have limitations that have led to developing more advanced techniques. In recent years, machine learning and deep learning techniques have gained attention for their potential to improve the accuracy of phishing detection. Deep learning algorithms, such as CNNs and LSTMs, are designed to learn from patterns and identify anomalies in data, making them more effective in detecting sophisticated phishing attempts. To develop a comprehensive understanding of the current state of research on the use of deep learning techniques for phishing detection, a systematic literature review is necessary. This review aims to identify the various deep learning techniques used for phishing detection, their effectiveness, and areas for future research. By synthesizing the findings of relevant studies, this review identifies the strengths and limitations of different approaches and provides insights into the challenges that need to be addressed to improve the accuracy and effectiveness of phishing detection. This review aims to contribute to developing a coherent and evidence-based understanding of the use of deep learning techniques for phishing detection. The review identifies gaps in the literature and informs the development of future research questions and areas of focus. With the increasing sophistication of phishing attacks, applying deep learning in this area is a critical and rapidly evolving field. This systematic literature review aims to provide insights into the current state of research and identify areas for future research to advance the field of phishing detection using deep learning.

engineering, electrical & electronic,computer science, information systems,physics, applied

Said Salloum,Tarek Gaber,Sunil Vadera,Khaled Shaalan

DOI: https://doi.org/10.1016/j.procs.2021.05.077

2021-01-01

Procedia Computer Science

Abstract:Phishing is the most prevalent method of cybercrime that convinces people to provide sensitive information; for instance, account IDs, passwords, and bank details. Emails, instant messages, and phone calls are widely used to launch such cyber-attacks. Despite constant updating of the methods of avoiding such cyber-attacks, the ultimate outcome is currently inadequate. On the other hand, phishing emails have increased exponentially in recent years, which suggests a need for more effective and advanced methods to counter them. Numerous methods have been established to filter phishing emails, but the problem still needs a complete solution. To the best of our knowledge, this is the first survey that focuses on using Natural Language Processing (NLP) and Machine Learning (ML) techniques to detect phishing emails. This study provides an analysis of the numerous state-of-the-art NLP strategies currently in use to identify phishing emails at various stages of the attack, with an emphasis on ML strategies. These approaches are subjected to a comparative assessment and analysis. This gives a sense of the problem, its immediate solution space, and the expected future research directions.

Najwa Altwaijry,Isra Al-Turaiki,Reem Alotaibi,Fatimah Alakeel

DOI: https://doi.org/10.3390/s24072077

IF: 3.9

2024-03-25

Sensors

Abstract:Black Phishing is one of the most dangerous attacks targeting individuals, organizations, and nations. Although many traditional methods for email phishing detection exist, there is a need to improve accuracy and reduce false-positive rates. Our work investigates one-dimensional CNN-based models (1D-CNNPD) to detect phishing emails in order to address these challenges. Additionally, further improvement is achieved with the augmentation of the base 1D-CNNPD model with recurrent layers, namely, LSTM, Bi-LSTM, GRU, and Bi-GRU, and experimented with the four resulting models. Two benchmark datasets were used to evaluate the performance of our models: Phishing Corpus and Spam Assassin. Our results indicate that, in general, the augmentations improve the performance of the 1D-CNNPD base model. Specifically, the 1D-CNNPD with Bi-GRU yields the best results. Overall, the performance of our models is comparable to the state of the art of CNN-based phishing email detection. The Advanced 1D-CNNPD with Leaky ReLU and Bi-GRU achieved 100% precision, 99.68% accuracy, an F1 score of 99.66%, and a recall of 99.32%. We observe that increasing model depth typically leads to an initial performance improvement, succeeded by a decline. In conclusion, this study highlights the effectiveness of augmented 1D-CNNPD models in detecting phishing emails with improved accuracy. The reported performance measure values indicate the potential of these models in advancing the implementation of cybersecurity solutions to combat email phishing attacks.

engineering, electrical & electronic,chemistry, analytical,instruments & instrumentation

Noura Fahad Almujahid,Mohd Anul Haq,Mohammed Alshehri

DOI: https://doi.org/10.7717/peerj-cs.2131

2024-06-24

PeerJ Computer Science

Abstract:The advent of Internet technologies has resulted in the proliferation of electronic trading and the use of the Internet for electronic transactions, leading to a rise in unauthorized access to sensitive user information and the depletion of resources for enterprises. As a consequence, there has been a marked increase in phishing, which is now considered one of the most common types of online theft. Phishing attacks are typically directed towards obtaining confidential information, such as login credentials for online banking platforms and sensitive systems. The primary objective of such attacks is to acquire specific personal information to either use for financial gain or commit identity theft. Recent studies have been conducted to combat phishing attacks by examining domain characteristics such as website addresses, content on websites, and combinations of both approaches for the website and its source code. However, businesses require more effective anti-phishing technologies to identify phishing URLs and safeguard their users. The present research aims to evaluate the effectiveness of eight machine learning (ML) and deep learning (DL) algorithms, including support vector machine (SVM), k-nearest neighbors (KNN), random forest (RF), Decision Tree (DT), Extreme Gradient Boosting (XGBoost), logistic regression (LR), convolutional neural network (CNN), and DL model and assess their performances in identifying phishing. This study utilizes two real datasets, Mendeley and UCI, employing performance metrics such as accuracy, precision, recall, false positive rate (FPR), and F-1 score. Notably, CNN exhibits superior accuracy, emphasizing its efficacy. Contributions include using purpose-specific datasets, meticulous feature engineering, introducing SMOTE for class imbalance, incorporating the novel CNN model, and rigorous hyperparameter tuning. The study demonstrates consistent model performance across both datasets, highlighting stability and reliability.

computer science, information systems, artificial intelligence, theory & methods

Fredrick Nthurima,Abraham Matheka

DOI: https://doi.org/10.32591/coas.ojit.0602.06157n

2023-12-24

Open Journal for Information Technology

Abstract:Phishing attacks usually take advantage of weaknesses in the way users behave. An attacker sends an email to the recipient that mimics a genuine email with phishing links. When the recipient clicks on the embedded links, the attacker can harvest critical information like credit card numbers, usernames or passwords as a result of entering the compromised account. Online surveys have put phishing attacks as the leading attack for web content, mostly targeting financial institutions. According to a survey conducted by Ponemon Institute LLC 2017, the loss due to phishing attacks is about $1.5 billion annually. This is a global threat to information security, and it’s on the rise due to IoT (Internet of Things) and thus requires a better phishing detection mechanism to mitigate these losses and reputation injury. This research paper explores and reports the use of multiple machine learning models by using an algorithm called Random Forest and using more phishing email features to improve the accuracy of phishing detection and prevention. This project will explore the existing phishing methods, investigate the effect of combining two machine learning algorithms to detect and prevent phishing attacks, design and develop a supervised classifier to detect and prevent phishing emails and test the model with existing data. A dataset consisting of benign and phishing emails will be used to conduct supervised learning by the model. Expected accuracy is 99.9%, with a rate of less than 0.1% for False Negatives (FN) and False Positives (FP).

Said Salloum,Tarek Gaber,Sunil Vadera,Khaled Shaalan

DOI: https://doi.org/10.1109/access.2022.3183083

IF: 3.9

2022-06-28

IEEE Access

Abstract:Every year, phishing results in losses of billions of dollars and is a major threat to the Internet economy. Phishing attacks are now most often carried out by email. To better comprehend the existing research trend of phishing email detection, several review studies have been performed. However, it is important to assess this issue from different perspectives. None of the surveys have ever comprehensively studied the use of Natural Language Processing (NLP) techniques for detection of phishing except one that shed light on the use of NLP techniques for classification and training purposes, while exploring a few alternatives. To bridge the gap, this study aims to systematically review and synthesise research on the use of NLP for detecting phishing emails. Based on specific predefined criteria, a total of 100 research articles published between 2006 and 2022 were identified and analysed. We study the key research areas in phishing email detection using NLP, machine learning algorithms used in phishing detection email, text features in phishing emails, datasets and resources that have been used in phishing emails, and the evaluation criteria. The findings include that the main research area in phishing detection studies is feature extraction and selection, followed by methods for classifying and optimizing the detection of phishing emails. Amongst the range of classification algorithms, support vector machines (SVMs) are heavily utilised for detecting phishing emails. The most frequently used NLP techniques are found to be TF-IDF and word embeddings. Furthermore, the most commonly used datasets for benchmarking phishing email detection methods is the Nazario phishing corpus. Also, Python is the most commonly used one for phishing email detection. It is expected that the findings of this paper can be helpful for the scientific community, especially in the field of NLP application in cybersecurity problems. This survey also is unique in the sense that it relates works- to their openly available tools and resources. The analysis of the presented works revealed that not much work had been performed on Arabic language phishing emails using NLP techniques. Therefore, many open issues are associated with Arabic phishing email detection.

computer science, information systems,telecommunications,engineering, electrical & electronic

Phyo Htet Kyaw,Jairo Gutierrez,Akbar Ghobakhlou

DOI: https://doi.org/10.3390/electronics13193823

IF: 2.9

2024-09-28

Electronics

Abstract:The landscape of phishing email threats is continually evolving nowadays, making it challenging to combat effectively with traditional methods even with carrier-grade spam filters. Traditional detection mechanisms such as blacklisting, whitelisting, signature-based, and rule-based techniques could not effectively prevent phishing, spear-phishing, and zero-day attacks, as cybercriminals are using sophisticated techniques and trusted email service providers. Consequently, many researchers have recently concentrated on leveraging machine learning (ML) and deep learning (DL) approaches to enhance phishing email detection capabilities with better accuracy. To gain insights into the development of deep learning algorithms in the current research on phishing prevention, this study conducts a systematic literature review (SLR) following the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines. By synthesizing the 33 selected papers using the SLR approach, this study presents a taxonomy of DL-based phishing detection methods, analyzing their effectiveness, limitations, and future research directions to address current challenges. The study reveals that the adaptability of detection models to new behaviors of phishing emails is the major improvement area. This study aims to add details about deep learning used for security to the body of knowledge, and it discusses future research in phishing detection systems.

engineering, electrical & electronic,computer science, information systems,physics, applied

Umer Ahmed Butt,Rashid Amin,Hamza Aldabbas,Senthilkumar Mohan,Bader Alouffi,Ali Ahmadian

DOI: https://doi.org/10.1007/s40747-022-00760-3

IF: 6.7

2022-06-02

Complex & Intelligent Systems

Abstract:Abstract Cloud computing refers to the on-demand availability of personal computer system assets, specifically data storage and processing power, without the client's input. Emails are commonly used to send and receive data for individuals or groups. Financial data, credit reports, and other sensitive data are often sent via the Internet. Phishing is a fraudster's technique used to get sensitive data from users by seeming to come from trusted sources. The sender can persuade you to give secret data by misdirecting in a phished email. The main problem is email phishing attacks while sending and receiving the email. The attacker sends spam data using email and receives your data when you open and read the email. In recent years, it has been a big problem for everyone. This paper uses different legitimate and phishing data sizes, detects new emails, and uses different features and algorithms for classification. A modified dataset is created after measuring the existing approaches. We created a feature extracted comma-separated values (CSV) file and label file, applied the support vector machine (SVM), Naive Bayes (NB), and long short-term memory (LSTM) algorithm. This experimentation considers the recognition of a phished email as a classification issue. According to the comparison and implementation, SVM, NB and LSTM performance is better and more accurate to detect email phishing attacks. The classification of email attacks using SVM, NB, and LSTM classifiers achieve the highest accuracy of 99.62%, 97% and 98%, respectively.

computer science, artificial intelligence

Alper Ozcan,Cagatay Catal,Emrah Donmez,Behcet Senturk

DOI: https://doi.org/10.1007/s00521-021-06401-z

Abstract:Phishing is an attack targeting to imitate the official websites of corporations such as banks, e-commerce, financial institutions, and governmental institutions. Phishing websites aim to access and retrieve users' important information such as personal identification, social security number, password, e-mail, credit card, and other account information. Several anti-phishing techniques have been developed to cope with the increasing number of phishing attacks so far. Machine learning and particularly, deep learning algorithms are nowadays the most crucial techniques used to detect and prevent phishing attacks because of their strong learning abilities on massive datasets and their state-of-the-art results in many classification problems. Previously, two types of feature extraction techniques [i.e., character embedding-based and manual natural language processing (NLP) feature extraction] were used in isolation. However, researchers did not consolidate these features and therefore, the performance was not remarkable. Unlike previous works, our study presented an approach that utilizes both feature extraction techniques. We discussed how to combine these feature extraction techniques to fully utilize from the available data. This paper proposes hybrid deep learning models based on long short-term memory and deep neural network algorithms for detecting phishing uniform resource locator and evaluates the performance of the models on phishing datasets. The proposed hybrid deep learning models utilize both character embedding and NLP features, thereby simultaneously exploiting deep connections between characters and revealing NLP-based high-level connections. Experimental results showed that the proposed models achieve superior performance than the other phishing detection models in terms of accuracy metric.

Cagatay Catal,Görkem Giray,Bedir Tekinerdogan,Sandeep Kumar,Suyash Shukla

DOI: https://doi.org/10.1007/s10115-022-01672-x

Abstract:Phishing attacks aim to steal confidential information using sophisticated methods, techniques, and tools such as phishing through content injection, social engineering, online social networks, and mobile applications. To avoid and mitigate the risks of these attacks, several phishing detection approaches were developed, among which deep learning algorithms provided promising results. However, the results and the corresponding lessons learned are fragmented over many different studies and there is a lack of a systematic overview of the use of deep learning algorithms in phishing detection. Hence, we performed a systematic literature review (SLR) to identify, assess, and synthesize the results on deep learning approaches for phishing detection as reported by the selected scientific publications. We address nine research questions and provide an overview of how deep learning algorithms have been used for phishing detection from several aspects. In total, 43 journal articles were selected from electronic databases to derive the answers for the defined research questions. Our SLR study shows that except for one study, all the provided models applied supervised deep learning algorithms. The widely used data sources were URL-related data, third party information on the website, website content-related data, and email. The most used deep learning algorithms were deep neural networks (DNN), convolutional neural networks, and recurrent neural networks/long short-term memory networks. DNN and hybrid deep learning algorithms provided the best performance among other deep learning-based algorithms. 72% of the studies did not apply any feature selection algorithm to build the prediction model. PhishTank was the most used dataset among other datasets. While Keras and Tensorflow were the most preferred deep learning frameworks, 46% of the articles did not mention any framework. This study also highlights several challenges for phishing detection to pave the way for further research.

Zainab Alshingiti,Rabeah Alaqel,Jalal Al-Muhtadi,Qazi Emad Ul Haq,Kashif Saleem,Muhammad Hamza Faheem

DOI: https://doi.org/10.3390/electronics12010232

IF: 2.9

2023-01-04

Electronics

Abstract:In terms of the Internet and communication, security is the fundamental challenging aspect. There are numerous ways to harm the security of internet users; the most common is phishing, which is a type of attack that aims to steal or misuse a user's personal information, including account information, identity, passwords, and credit card details. Phishers gather information about the users through mimicking original websites that are indistinguishable to the eye. Sensitive information about the users may be accessed and they might be subject to financial harm or identity theft. Therefore, there is a strong need to develop a system that efficiently detects phishing websites. Three distinct deep learning-based techniques are proposed in this paper to identify phishing websites, including long short-term memory (LSTM) and convolutional neural network (CNN) for comparison, and lastly an LSTM–CNN-based approach. Experimental findings demonstrate the accuracy of the suggested techniques, i.e., 99.2%, 97.6%, and 96.8% for CNN, LSTM–CNN, and LSTM, respectively. The proposed phishing detection method demonstrated by the CNN-based system is superior.

engineering, electrical & electronic,computer science, information systems,physics, applied

Tosin Ige,Christopher Kiekintveld,Aritran Piplai,Amy Waggler,Olukunle Kolade,Bolanle Hafiz Matti

2024-11-24

Abstract:Phishing is one of the most effective ways in which cybercriminals get sensitive details such as credentials for online banking, digital wallets, state secrets, and many more from potential victims. They do this by spamming users with malicious URLs with the sole purpose of tricking them into divulging sensitive information which is later used for various cybercrimes. In this research, we did a comprehensive review of current state-of-the-art machine learning and deep learning phishing detection techniques to expose their vulnerabilities and future research direction. For better analysis and observation, we split machine learning techniques into Bayesian, non-Bayesian, and deep learning. We reviewed the most recent advances in Bayesian and non-Bayesian-based classifiers before exploiting their corresponding weaknesses to indicate future research direction. While exploiting weaknesses in both Bayesian and non-Bayesian classifiers, we also compared each performance with a deep learning classifier. For a proper review of deep learning-based classifiers, we looked at Recurrent Neural Networks (RNN), Convolutional Neural Networks (CNN), and Long Short Term Memory Networks (LSTMs). We did an empirical analysis to evaluate the performance of each classifier along with many of the proposed state-of-the-art anti-phishing techniques to identify future research directions, we also made a series of proposals on how the performance of the under-performing algorithm can improved in addition to a two-stage prediction model

Cryptography and Security,Artificial Intelligence,Machine Learning

Faisal S. Alsubaei,Abdulwahab Ali Almazroi,Nasir Ayub

DOI: https://doi.org/10.1109/access.2024.3351946

IF: 3.9

2024-01-01

IEEE Access

Abstract:Protecting against interference is essential at a time when wireless communications are essential for sending large amounts of data. Our research presents a novel deep learning technique, the ResNeXt method and embedded Gated Recurrent Unit (GRU) model (RNT), rigorously developed for real-time phishing attack detection. Focused on countering the escalating threat of phishing assaults and bolstering digital forensics, our systematic approach involves SMOTE for managing data imbalance during initial data processing. The model’s discriminative capability is improved, particularly in the feature extraction process, when autoencoders and ResNet (EARN) are integrated with feature engineering. The ensemble technique of feature extraction reveals crucial data patterns. At the core of our AI categorization is the RNT model, optimized using hyperparameters through the Jaya optimization method (RNT-J). Rigorously tested on real phishing attack datasets, our AI model consistently outperforms state-of-the-art algorithms by a substantial margin of 11% to 19% while maintaining exceptional computing efficiency. Furthermore, our model achieves 98% accuracy, low false positive/false negative values, and a statistical execution time with a mean of 36.99s, median of 35.99s, minimum of 34.99s, maximum of 41.99s, and a standard deviation of 1.10s. Moreover, it demonstrates superior accuracy with SMOTE (98%) and without SMOTE (83%) compared to other algorithms. This state-of-the-art AI study, which focuses on digital forensics, offers enhanced security and optimized productivity for businesses and industries, signifying a breakthrough in the continuing battle against phishing attempts. Through strengthening protection against interference in wireless communication, our AI research strives to amplify data accessibility, resilience, and trustworthiness in the face of cybersecurity threats within the organizational context.

computer science, information systems,telecommunications,engineering, electrical & electronic

Mithün Paul,Genevieve Bartlett,Jelena Mirkovic,Marjorie Freedman

2024-05-21

Abstract:Enterprise security is increasingly being threatened by social engineering attacks, such as phishing, which deceive employees into giving access to enterprise data. To protect both the users themselves and enterprise data, more and more organizations provide cyber security training that seeks to teach employees/customers to identify and report suspicious content. By its very nature, such training seeks to focus on signals that are likely to persist across a wide range of attacks. Further, it expects the user to apply the learnings from these training on e-mail messages that were not filtered by existing, automatic enterprise security (e.g., spam filters and commercial phishing detection software). However, relying on such training now shifts the detection of phishing from an automatic process to a human driven one which is fallible especially when a user errs due to distraction, forgetfulness, etc. In this work we explore treating this type of detection as a natural language processing task and modifying training pipelines accordingly. We present a dataset with annotated labels where these labels are created from the classes of signals that users are typically asked to identify in such training. We also present baseline classifier models trained on these classes of labels. With a comparative analysis of performance between human annotators and the models on these labels, we provide insights which can contribute to the improvement of the respective curricula for both machine and human training.

Cryptography and Security

Khalifa Afane,Wenqi Wei,Ying Mao,Junaid Farooq,Juntao Chen

2024-11-21

Abstract:The escalating threat of phishing emails has become increasingly sophisticated with the rise of Large Language Models (LLMs). As attackers exploit LLMs to craft more convincing and evasive phishing emails, it is crucial to assess the resilience of current phishing defenses. In this study we conduct a comprehensive evaluation of traditional phishing detectors, such as Gmail Spam Filter, Apache SpamAssassin, and Proofpoint, as well as machine learning models like SVM, Logistic Regression, and Naive Bayes, in identifying both traditional and LLM-rephrased phishing emails. We also explore the emerging role of LLMs as phishing detection tools, a method already adopted by companies like NTT Security Holdings and JPMorgan Chase. Our results reveal notable declines in detection accuracy for rephrased emails across all detectors, highlighting critical weaknesses in current phishing defenses. As the threat landscape evolves, our findings underscore the need for stronger security controls and regulatory oversight on LLM-generated content to prevent its misuse in creating advanced phishing attacks. This study contributes to the development of more effective Cyber Threat Intelligence (CTI) by leveraging LLMs to generate diverse phishing variants that can be used for data augmentation, harnessing the power of LLMs to enhance phishing detection, and paving the way for more robust and adaptable threat detection systems.

Cryptography and Security,Artificial Intelligence