3,285 research outputs found
Analyzing Social and Stylometric Features to Identify Spear phishing Emails
Spear phishing is a complex targeted attack in which an attacker harvests
information about the victim prior to the attack. This information is then used
to create sophisticated, genuine-looking attack vectors, drawing the victim to
compromise confidential information. What makes spear phishing different, and
more powerful than normal phishing, is this contextual information about the
victim. Online social media services can be one such source for gathering vital
information about an individual. In this paper, we characterize and examine a
true positive dataset of spear phishing, spam, and normal phishing emails from
Symantec's enterprise email scanning service. We then present a model to detect
spear phishing emails sent to employees of 14 international organizations, by
using social features extracted from LinkedIn. Our dataset consists of 4,742
targeted attack emails sent to 2,434 victims, and 9,353 non targeted attack
emails sent to 5,912 non victims; and publicly available information from their
LinkedIn profiles. We applied various machine learning algorithms to this
labeled data, and achieved an overall maximum accuracy of 97.76% in identifying
spear phishing emails. We used a combination of social features from LinkedIn
profiles, and stylometric features extracted from email subjects, bodies, and
attachments. However, we achieved a slightly better accuracy of 98.28% without
the social features. Our analysis revealed that social features extracted from
LinkedIn do not help in identifying spear phishing emails. To the best of our
knowledge, this is one of the first attempts to make use of a combination of
stylometric features extracted from emails, and social features extracted from
an online social network to detect targeted spear phishing emails.
Comment: Detection of spear phishing using social media feature
A review of phishing email detection approaches with deep learning algorithm implementation
Phishing email is designed to mimic the legitimate emails to fool the victim into revealing their confidential
information for the phisher's benefit. There have been many approaches in detecting phishing emails but
the whole solution is still needed as the weaknesses of the previous and current approaches are being
manipulated by phishers to make phishing attacks work. This paper provides an organized guide to present
the wide state of phishing attack generally and phishing email specifically. This paper also categorizes
machine learning into shallow learning and deep learning, followed by related works in each category with
their contributions and drawbacks. The main objective of this review is to uncover the utility of machine
learning in general, and deep learning in particular, in order to detect phishing email by studying the
literature. This will provide an insight of the phishing issue, the alternatives prior to the phishing email
detection and the contrast of machine learning and deep learning approaches in detecting phishing emails
RAIDER: Reinforcement-aided Spear Phishing Detector
Spear Phishing is a harmful cyber-attack facing business and individuals
worldwide. Considerable research has been conducted recently into the use of
Machine Learning (ML) techniques to detect spear-phishing emails. ML-based
solutions may suffer from zero-day attacks; unseen attacks unaccounted for in
the training data. As new attacks emerge, classifiers trained on older data are
unable to detect these new varieties of attacks resulting in increasingly
inaccurate predictions. Spear Phishing detection also faces scalability
challenges due to the growth of the required features which is proportional to
the number of the senders within a receiver mailbox. This differs from
traditional phishing attacks which typically perform only a binary
classification between phishing and benign emails. Therefore, we devise a
possible solution to these problems, named RAIDER: Reinforcement AIded Spear
Phishing DEtectoR. A reinforcement-learning based feature evaluation system
that can automatically find the optimum features for detecting different types
of attacks. By leveraging a reward and penalty system, RAIDER allows for
autonomous features selection. RAIDER also keeps the number of features to a
minimum by selecting only the significant features to represent phishing emails
and detect spear-phishing attacks. After extensive evaluation of RAIDER over
11,000 emails and across 3 attack scenarios, our results suggest that using
reinforcement learning to automatically identify the significant features could
reduce the dimensions of the required features by 55% in comparison to existing
ML-based systems. It also improves the accuracy of detecting spoofing attacks
by 4% from 90% to 94%. In addition, RAIDER demonstrates reasonable detection
accuracy even against a sophisticated attack named Known Sender in which
spear-phishing emails greatly resemble those of the impersonated sender.
Comment: 16 page
Phishing-Attack, Detection and Prevention
Social Engineering is the process of deceiving people to reveal confidential information about themselves. There are various categories of Social Engineering, among which Phishing is the most frequently used attack nowadays; a new phishing site is created on the internet every 20 seconds and more than seventy percent of phishing emails are opened by their targets. From fraudulent emails to deploying malicious software on people's computers, phishing has become one of the main concerns that bothers the common people. There are various types of phishing such as Vishing (voice phishing), Email phishing, Smishing (SMS phishing) and many more, out of which we are going to deal with the email phishing. Email phishing is the practice of getting emails with malicious intents. The initial effort involved simulating potential phishing attacks within a controlled setup leading to devising a solution on how to detect and prevent clicking on the malicious links by common netizens like us. The developed Machine Learning (ML) model was able to classify the vulnerable links with 97.88% training and 96.4% testing accuracies respectively. Overall, the work provides a comprehensive overview of the state-of-the-art in ML based phishing email detection, and highlights the potential of ML techniques to enhance the security of individuals and organizations against phishing attacks. Keywords: Social Engineering, Natural Language Processing, Sentimental analysis, Email Scams, CyberSecurity Automation, Individuals, Organizations
Intelligent Security for Phishing Online using Adaptive Neuro Fuzzy Systems
Anti-phishing detection solutions employed in industry use blacklist-based approaches to achieve low false-positive rates, but blacklist approaches utilize website URLs only. This study analyses and combines phishing emails and phishing web-forms in a single framework, which allows feature extraction and feature model construction. The outcome should classify between phishing, suspicious, legitimate and detect emerging phishing attacks accurately. The intelligent phishing security for online approach is based on machine learning techniques, using Adaptive Neuro-Fuzzy Inference System and a combination of sources from which features are extracted. An experiment was performed using two-fold cross validation method to measure the system’s accuracy. The intelligent phishing security approach achieved a higher accuracy. The finding indicates that the feature model from combined sources can detect phishing websites with a higher accuracy. This paper contributes to phishing field a combined feature which sources in a single framework. The implication is that phishing attacks evolve rapidly; therefore, regular updates and being ahead of phishing strategy is the way forward
Framework for Phishing Detection in Email under Heave Using Conceptual Similarity
Today everything is available in online. Every day so many users start their online transactions. The main reason behind this is number of alternatives and best deals are available there. They can choose according to their taste with cost effective manner. This is one side of a coin. The other side fully dealt with security problems and frauds in the online transactions. Among most of the online transactions email is the shortcut and flexible for both communication as well as for attack. So this paper mainly focuses on detection of phishing attacks and categorizes the emails based on specified and critical properties which give more information about the source of the phishing. In general most of the existing systems focus on email classification based on header part or body part. Most of the filters available today focus mainly on mail headers only. Sometimes this is not enough to detect the fraud. Some more studies focus on body part also. But they follow document clustering with term intensive similarity. First, to identify advanced phishing attacks blind term intensive similarity is not sufficient. Second, emails system is like online stream. So the nature of the phishing behavior may change time to time. In that case online learning is also required to handle concept drifts. This paper focuses on conceptual similarity along with term intensive similarity. We introduced a novel procedure named as “Framework for Phishing detection in email under heave using conceptual similarity” to adaptively classify the emails. Simulation results show that our proposed approach effectively detect and isolate the emails with phishing attack by comparing underlying concept
Visual match of emails or landing pages to detect phishing
In a phishing attack, a perpetrator attempts to obtain the online credentials of a user by impersonating a trusted entity such as a bank, email service provider, etc. Sophisticated phishers attempt to deceive spam filters by structuring the visual look-and-feel of their fake emails to be nearly but not precisely identical to emails sent by a trusted entity, such that the spam filter allows the fake email to reach a user’s inbox.
This disclosure applies machine-learning based techniques to assess the visual similarity of genuine and phished emails (or landing pages) for a given brand. The techniques detect visual near-duplicates of a trusted entity’s email and thereby achieve resilience against adversarial attacks. The need for use of hand-crafted features to achieve visual-similarity match is eliminated, enabling accurate detection of new genres of phishing email as they surface