A novel hybrid approach of SVM combined with NLP and probabilistic neural network for email phishing

Phishing attacks are one of the slanting cyber-attacks that apply socially engineered messages that are imparted to individuals from expert hackers going for tricking clients to uncover their delicate data, the most mainstream correspondence channel to those messages is through clients' emails. Phishing has turned into a generous danger for web clients and a noteworthy reason for money related misfortunes. Therefore, different arrangements have been created to handle this issue. Deceitful emails, also called phishing emails, utilize a scope of impact strategies to convince people to react, for example, promising a fiscal reward or summoning a feeling of criticalness. Regardless of far reaching alerts and intends to instruct clients to distinguish phishing sends, these are as yet a pervasive practice and a worthwhile business. The creators accept that influence, as a style of human correspondence intended to impact others, has a focal job in fruitful advanced tricks. Cyber criminals have ceaselessly propelling their techniques for assault. The current strategies to recognize the presence of such malevolent projects and to keep them from executing are static, dynamic and hybrid analysis. In this work we are proposing a hybrid methodology for phishing detection incorporating feature extraction and classification of the mails using SVM. At last, alongside the chose features, the PNN characterizes the spam mails from the genuine mails with more exactness and accuracy

SoK: Why Johnny Can't Fix PGP Standardization

Pretty Good Privacy (PGP) has long been the primary IETF standard for encrypting email, but suffers from widespread usability and security problems that have limited its adoption. As time has marched on, the underlying cryptographic protocol has fallen out of date insofar as PGP is unauthenticated on a per message basis and compresses before encryption. There have been an increasing number of attacks on the increasingly outdated primitives and complex clients used by the PGP eco-system. However, attempts to update the OpenPGP standard have failed at the IETF except for adding modern cryptographic primitives. Outside of official standardization, Autocrypt is a "bottom-up" community attempt to fix PGP, but still falls victim to attacks on PGP involving authentication. The core reason for the inability to "fix" PGP is the lack of a simple AEAD interface which in turn requires a decentralized public key infrastructure to work with email. Yet even if standards like MLS replace PGP, the deployment of a decentralized PKI remains an open issue

RAIDER: Reinforcement-aided Spear Phishing Detector

Spear Phishing is a harmful cyber-attack facing business and individuals worldwide. Considerable research has been conducted recently into the use of Machine Learning (ML) techniques to detect spear-phishing emails. ML-based solutions may suffer from zero-day attacks; unseen attacks unaccounted for in the training data. As new attacks emerge, classifiers trained on older data are unable to detect these new varieties of attacks resulting in increasingly inaccurate predictions. Spear Phishing detection also faces scalability challenges due to the growth of the required features which is proportional to the number of the senders within a receiver mailbox. This differs from traditional phishing attacks which typically perform only a binary classification between phishing and benign emails. Therefore, we devise a possible solution to these problems, named RAIDER: Reinforcement AIded Spear Phishing DEtectoR. A reinforcement-learning based feature evaluation system that can automatically find the optimum features for detecting different types of attacks. By leveraging a reward and penalty system, RAIDER allows for autonomous features selection. RAIDER also keeps the number of features to a minimum by selecting only the significant features to represent phishing emails and detect spear-phishing attacks. After extensive evaluation of RAIDER over 11,000 emails and across 3 attack scenarios, our results suggest that using reinforcement learning to automatically identify the significant features could reduce the dimensions of the required features by 55% in comparison to existing ML-based systems. It also improves the accuracy of detecting spoofing attacks by 4% from 90% to 94%. In addition, RAIDER demonstrates reasonable detection accuracy even against a sophisticated attack named Known Sender in which spear-phishing emails greatly resemble those of the impersonated sender.Comment: 16 page

Empirical Research Methods in Usable Privacy and Security

Researchers in the usable privacy and security (UPS) field study privacy- and security-relevant perceptions and behaviors and aim to design systems that simul- taneously address requirements for usability/user experience, security, and privacy. Human-computer interaction (HCI) and social science research methods are well-suited to study many of the types of questions that are relevant in UPS, which often involve concepts such as subjective experience, attitudes, understanding, behavior and behavior change. However, there are many challenges specific to UPS that are not usually described in more generic methods textbooks. We highlight techniques for risk representation, options for participant recruitment, ethics-related topics in study design, and biases that may play a role in UPS studies with human participants

Improving Authentication for Users via Better Understanding Password Use and Abuse

Passwords are our primary form of authentication. Yet passwords are a major vulnerability for computer systems due to their predictable nature, in fact Florêncio et al., conclude that human limitations makes what is often considered to be “proper password use” impossible [52]. It is vital we improve authentication with respect to both security and usability. The aim of this research is to investigate password use and abuse in order to improve authentication for users. We investigate circulated password advice that claims to help in this security fight. We find that it is contradictory, often at odds with best practice and research findings, and can be ambiguous and taxing on users. We complete a user study investigating user and administrator perceptions of the password advice collected. We leverage knowledge of security benefits, usability and organisation costs to investigate the trade-offs that exist when security advice is enforced. To improve password systems, effective and accurate information is needed regarding the prevalence of security vulnerabilities. We develop a guessability metric which produces guessing success results that are independent of the underlying distribution of the data. We use this to prove that small password breaches can lead to major vulnerabilities to entire cohorts of other users. We also demonstrate that a tailored learning algorithm can actively learn characteristics of the passwords it is guessing, and that it can leverage this information to improve its guessing. We demonstrate that characteristics such as nationality can be derived from data and used to improve guessing, this reduces security in an online environment and potentially leaks private information about cohorts of users. Finally, we design models to quantify the effectiveness of security policies. We demonstrate the value of the NIST 2017 guidelines. We find that if an organisation is willing to bear costs on themselves, they can significantly improve usability for their end-users, and simultaneously increase their security