Pishing Attacks in Network Security

In the last few decays, phishing tricks have swiftly grown posing enormous threat to worldwide Internet security. These days, phishing attacks are one of the utmost common and serious threats over internet whereas cyber attackers are trying to steal users personal information regarding their financial assets by using different malwares and social engineering. The usual way of phishing attacks use some electronic messaging like emails or by providing the links that appears to be legitimate sites but actually these sites are malicious and controlled by the attackers. To detect phishing attack at high accuracy is always a crucial and has been great issue of interest. Recently many detection techniques has been introduced which are specifically designed for the detection of phishing with extreme accuracy. In this report the phishing attacks are discuss with some of the techniques which are proposed in various literature

Flow whitelisting in SCADA networks

Supervisory Control And Data Acquisition (SCADA) networks are commonly deployed to aid the operation of large industrial facilities. Modern SCADA networks are becoming more vulnerable to network attacks, due to the now common use of standard communication protocols and increased interconnection to corporate networks and the Internet. In this work, we propose an approach to improve the security of these networks based on flow whitelisting. A flow whitelist describes the legitimate traffic solely using four properties of network packets: the client address, the server address, the server-side port, and the transport protocol. The proposed approach consists in learning a flow whitelist by capturing network traffic and aggregating it into flows for a given period of time. After this learning phase is complete, any non-whitelisted connection observed generates an alarm. The evaluation of the approach focuses on two important whitelist characteristics: size and stability. We demonstrate the applicability of the approach using real-world traffic traces, captured in two water treatment plants and a gas and electric utility

A framework for securing email entrances and mitigating phishing impersonation attacks

Emails are used every day for communication, and many countries and organisations mostly use email for official communications. It is highly valued and recognised for confidential conversations and transactions in day-to-day business. The Often use of this channel and the quality of information it carries attracted cyber attackers to it. There are many existing techniques to mitigate attacks on email, however, the systems are more focused on email content and behaviour and not securing entrances to email boxes, composition, and settings. This work intends to protect users' email composition and settings to prevent attackers from using an account when it gets hacked or hijacked and stop them from setting forwarding on the victim's email account to a different account which automatically stops the user from receiving emails. A secure code is applied to the composition send button to curtail insider impersonation attack. Also, to secure open applications on public and private devices

Reeling in Big Phish with a Deep MD5 Net

Phishing continues to grow as phishers discover new exploits and attack vectors for hosting malicious content; the traditional response using takedowns and blacklists does not appear to impede phishers significantly. A handful of law enforcement projects — for example the FBI\u27s Digital PhishNet and the Internet Crime and Complaint Center (ic3.gov) — have demonstrated that they can collect phishing data in substantial volumes, but these collections have not yet resulted in a significant decline in criminal phishing activity. In this paper, a new system is demonstrated for prioritizing investigative resources to help reduce the time and effort expended examining this particular form of online criminal activity. This research presents a means to correlate phishing websites by showing that certain websites are created by the same phishing kit. Such kits contain the content files needed to create the counterfeit website and often contain additional clues to the identity of the creators. A clustering algorithm is presented that uses collected phishing kits to establish clusters of related phishing websites. The ability to correlate websites provides law enforcement or other potential stakeholders with a means for prioritizing the allocation of limited investigative resources by identifying frequently repeating phishing offenders

Identification of Phishing Attacks using Machine Learning Algorithm

Phishing is a particular type of cybercrime that allows criminals to trick people and steal crucial data. The phishing assault has developed into a more complex attack vector since the first instance was published in 1990. Phishing is currently one of the most prevalent types of online fraud behavior. Phishing is done using a number of methods, such as through emails, phone calls, instant chats, adverts, pop-up windows on websites, and DNS poisoning. Phishing attacks can cause their victims to suffer significant losses, including the loss of confidential information, identity theft, businesses, and state secrets. By examining current phishing practises and assessing the state of phishing, this article seeks to assess these attacks. This article offers a fresh, in-depth model of phishing that takes into account attack stages, different types of attackers, threats, targets, attack media, and attacking strategies. Here, we categorise websites as real or phishing websites using machine learning techniques including Random Forest, XGBoost, and Logistic Regression. Additionally, the proposed anatomy will aid readers in comprehending the lifespan of a phishing attack, raising awareness of these attacks and the strategies employed as well as aiding in the creation of a comprehensive anti-phishing system