Exhaustive study on Detection of phishing practices and tactics

Due to the rapid development in the technologies related to the Internet, users have changed their preferences from conventional shop based shopping to online shopping, from office work to work from home and from personal meetings to web meetings. Along with the rapidly increasing number of users, Internet has also attracted many attackers, such as fraudsters, hackers, spammers and phishers, looking for their victims on the huge cyber space. Phishing is one of the basic cybercrimes, which uses anonymous structure of Internet and social engineering approach, to deceive users with the use of malicious phishing links to gather their private information and credentials. Identifying whether a web link used by the attacker is a legitimate or phishing link is a very challenging problem because of the semantics-based structure of the attack, used by attackers to trick users in to entering their personal information. There are a diverse range of algorithms with different methodologies that can be used to prevent these attacks. The efficiency of such systems may be influenced by a lack of proper choice of classifiers along with the types of feature sets. The purpose of this analysis is to understand the forms of phishing threats and the existing approaches used to deter them

Deep learning in phishing mitigation: a uniform resource locator-based predictive model

To mitigate the evolution of phish websites, various phishing prediction8 schemes are being optimized eventually. However, the optimized methods produce gratuitous performance overhead due to the limited exploration of advanced phishing cues. Thus, a phishing uniform resource locator-based predictive model is enhanced by this work to defeat this deficiency using deep learning algorithms. This model’s architecture encompasses pre-processing of the effective feature space that is made up of 60 mutual uniform resource locator (URL) phishing features, and a dual deep learning-based model of convolution neural network with bi-directional long short-term memory (CNN-BiLSTM). The proposed predictive model is trained and tested on a dataset of 14,000 phish URLs and 28,074 legitimate URLs. Experimentally, the performance outputs are remarked with a 0.01% false positive rate (FPR) and 99.27% testing accuracy

Phishing Webpage Classification via Deep Learning-Based Algorithms: An Empirical Study

This work was supported/funded by the Ministry of Higher Education under the Fundamental Research Grant Scheme (FRGS/1/2018/ICT04/UTM/01/1). The authors sincerely thank Universiti Teknologi Malaysia (UTM) under Research University Grant Vot-20H04, Malaysia Research University Network (MRUN) Vot 4L876, for the completion of the research. Faculty of Informatics and Management, University of Hradec Kralove, SPEV project Grant Number: 2102/2021.Phishing detection with high-performance accuracy and low computational complexity has always been a topic of great interest. New technologies have been developed to improve the phishing detection rate and reduce computational constraints in recent years. However, one solution is insufficient to address all problems caused by attackers in cyberspace. Therefore, the primary objective of this paper is to analyze the performance of various deep learning algorithms in detecting phishing activities. This analysis will help organizations or individuals select and adopt the proper solution according to their technological needs and specific applications’ requirements to fight against phishing attacks. In this regard, an empirical study was conducted using four different deep learning algorithms, including deep neural network (DNN), convolutional neural network (CNN), Long Short-Term Memory (LSTM), and gated recurrent unit (GRU). To analyze the behaviors of these deep learning architectures, extensive experiments were carried out to examine the impact of parameter tuning on the performance accuracy of the deep learning models. In addition, various performance metrics were measured to evaluate the effectiveness and feasibility of DL models in detecting phishing activities. The results obtained from the experiments showed that no single DL algorithm achieved the best measures across all performance metrics. The empirical findings from this paper also manifest several issues and suggest future research directions related to deep learning in the phishing detection domain.Ministry of Higher Education under the Fundamental Research Grant Scheme FRGS/1/2018/ICT04/UTM/01/1Universiti Teknologi Malaysia (UTM) Vot-20H04Malaysia Research University Network (MRUN) 4L876Faculty of Informatics and Management, University of Hradec Kralove, SPEV project 2102/2021

Deep Learning for Phishing Detection: Taxonomy, Current Challenges and Future Directions

This work was supported in part by the Ministry of Higher Education under the Fundamental Research Grant Scheme under Grant FRGS/1/2018/ICT04/UTM/01/1; and in part by the Faculty of Informatics and Management, University of Hradec Kralove, through SPEV project under Grant 2102/2022.Phishing has become an increasing concern and captured the attention of end-users as well as security experts. Existing phishing detection techniques still suffer from the de ciency in performance accuracy and inability to detect unknown attacks despite decades of development and improvement. Motivated to solve these problems, many researchers in the cybersecurity domain have shifted their attention to phishing detection that capitalizes on machine learning techniques. Deep learning has emerged as a branch of machine learning that becomes a promising solution for phishing detection in recent years. As a result, this study proposes a taxonomy of deep learning algorithm for phishing detection by examining 81 selected papers using a systematic literature review approach. The paper rst introduces the concept of phishing and deep learning in the context of cybersecurity. Then, taxonomies of phishing detection and deep learning algorithm are provided to classify the existing literature into various categories. Next, taking the proposed taxonomy as a baseline, this study comprehensively reviews the state-of-the-art deep learning techniques and analyzes their advantages as well as disadvantages. Subsequently, the paper discusses various issues that deep learning faces in phishing detection and proposes future research directions to overcome these challenges. Finally, an empirical analysis is conducted to evaluate the performance of various deep learning techniques in a practical context, and to highlight the related issues that motivate researchers in their future works. The results obtained from the empirical experiment showed that the common issues among most of the state-of-the-art deep learning algorithms are manual parameter-tuning, long training time, and de cient detection accuracy.Ministry of Higher Education under the Fundamental Research Grant Scheme FRGS/1/2018/ICT04/UTM/01/1Faculty of Informatics and Management, University of Hradec Kralove, through SPEV project 2102/202

Phishing Detection using Base Classifier and Ensemble Technique

Phishing attacks continue to pose a significant threat in today's digital landscape, with both individuals and organizations falling victim to these attacks on a regular basis. One of the primary methods used to carry out phishing attacks is through the use of phishing websites, which are designed to look like legitimate sites in order to trick users into giving away their personal information, including sensitive data such as credit card details and passwords. This research paper proposes a model that utilizes several benchmark classifiers, including LR, Bagging, RF, K-NN, DT, SVM, and Adaboost, to accurately identify and classify phishing websites based on accuracy, precision, recall, f1-score, and confusion matrix. Additionally, a meta-learner and stacking model were combined to identify phishing websites in existing systems. The proposed ensemble learning approach using stack-based meta-learners proved to be highly effective in identifying both legitimate and phishing websites, achieving an accuracy rate of up to 97.19%, with precision, recall, and f1 scores of 97%, 98%, and 98%, respectively. Thus, it is recommended that ensemble learning, particularly with stacking and its meta-learner variations, be implemented to detect and prevent phishing attacks and other digital cyber threats

GPT Semantic Networking: A Dream of the Semantic Web – The Time is Now

The book presents research and practical implementations related to natural language processing (NLP) technologies based on the concept of artificial intelligence, generative AI, and the concept of Complex Networks aimed at creating Semantic Networks. The main principles of NLP, training models on large volumes of text data, new universal and multi-purpose language processing systems are presented. It is shown how the combination of NLP and Semantic Networks technologies opens up new horizons for text analysis, context understanding, the formation of domain models, causal networks, etc. This book presents methods for creating Semantic Networks based on prompt engineering. Practices are presented that will help build semantic networks capable of solving complex problems and making revolutionary changes in the analytical activity. The publication is intended for those who are going to use large language models for the construction and analysis of semantic networks in order to solve applied problems, in particular, in the field of decision making.У книзі представлені дослідження та практичні реалізації технологій обробки природної мови (НЛП), заснованих на концепції штучного інтелект, генеративний ШІ та концепція складних мереж, спрямована на створення семантичних мереж. Представлено основні принципи НЛП, моделі навчання на великих обсягах текстових даних, нові універсальні та багатоцільові системи обробки мови. Показано, як поєднання технологій NLP і семантичних мереж відкриває нові горизонти для аналізу тексту, розуміння контексту, формування моделей домену, причинно-наслідкових мереж тощо. У цій книзі представлені методи створення семантичних мереж на основі оперативного проектування. Представлені практики, які допоможуть побудувати семантичні мережі, здатні вирішувати складні проблеми та вносити революційні зміни в аналітичну діяльність. Видання розраховане на тих, хто збирається використовувати велику мову моделі побудови та аналізу семантичних мереж з метою вирішення прикладних задач, зокрема, у сфері прийняття рішень

ALMA: ALgorithm Modeling Application

As of today, the most recent trend in information technology is the employment of large-scale data analytic methods powered by Artificial Intelligence (AI), influencing the priorities of businesses and research centers all over the world. However, due to both the lack of specialized talent and the need for greater compute, less established businesses struggle to adopt such endeavors, with major technological mega-corporations such as Microsoft, Facebook and Google taking the upper hand in this uneven playing field. Therefore, in an attempt to promote the democratization of AI and increase the efficiency of data scientists, this work proposes a novel no-code/low-code AI platform: the ALgorithm Modeling Application (ALMA). Moreover, as the state of the art of such platforms is still gradually maturing, current solutions often fail into encompassing security/safety aspects directly into their process. In that respect, the solution proposed in this thesis aims not only to achieve greater development and deployment efficiency while building machine learning applications but also to build upon others by addressing the inherent pitfalls of AI through a ”secure by design” philosophy.Atualmente, a tendência mais recente no domínio das tecnologias de informação e a utilização de métodos de análise de dados baseados em Inteligência Artificial (IA), influenciando as prioridades das empresas e centros de investigação de todo o mundo. No entanto, devido à falta de talento especializado no mercado e a necessidade de obter equipamentos com maior capacidade de computação, negócios menos estabelecidos têm maiores dificuldades em realizar esse tipo de investimentos quando comparados a grandes empresas tecnológicas como a Microsoft, o Facebook e a Google. Deste modo, na tentativa de promover a democratização da IA e aumentar a eficiência dos cientistas de dados, este trabalho propõe uma nova plataforma de no-code/low- code: “THe Algorithm Modeling Application” (ALMA). Por outro lado, e visto que a maioria das soluções atuais falham em abranger aspetos de segurança relativos ˜ a IA diretamente no seu processo, a solução proposta nesta tese visa não só alcançar maior eficiência na construção de soluções baseadas em IA, mas também abordar as questões de segurança implícitas ao seu uso

A Machine Learning Technique for Detection of Social Media Fake News

publishedVersio

Umělá inteligence v kybernetické bezpečnosti

Artifcial intelligence (AI) and machine learning (ML) have grown rapidly in recent years, and their applications in practice can be seen in many felds, ranging from facial recognition to image analysis. Recent developments in Artificial intelligence have a vast transformative potential for both cybersecurity defenders and cybercriminals. Anti-malware solutions adopt intelligent techniques to detect and prevent threats to the digital space. In contrast, cybercriminals are aware of the new prospects too and likely to adapt AI techniques to their operations. This thesis presents advances made so far in the field of applying AI techniques in cybersecurity for combating against cyber threats, to demonstrate how this promising technology can be a useful tool for detection and prevention of cyberattacks. Furthermore, the research examines how transnational criminal organizations and cybercriminals may leverage developing AI technology to conduct more sophisticated criminal activities. Next, the research outlines the possible dynamic new kind of malware, called X-Ware and X-sWarm, which simulates the swarm system behaviour and integrates the neural network to operate more efficiently as a background for the forthcoming anti-malware solution. This research proposes how to record and visualize the behaviour of these type of malware when it propagates through the file system, computer network (virus process is known) or by observed data analysis (virus process is not known and we observe only the data from the system). Finally, a paradigm of an anti-malware solution, named Multi agent antivirus system has been proposed in the thesis that gives the insight to develop a more robust, adaptive and flexible defence system.Význam umělé inteligence (AI) a strojového učení (ML) v posledních letech rychle rostl a na jejich aplikacích lze vidět, že v mnoha oblastech, od rozpoznávání obličeje až po analýzu obrazu, byl učiněn velký pokrok. Poslední vývoj v oblasti umělé inteligence má obrovský potenciál jak pro obránce v oblasti kybernetické bezpečnosti, tak pro ůtočníky. AI se stává řešením v otázce obrany proti modernímu malware a hraje tak důležitou roli v detekci a prevenci hrozeb v digitálním prostoru. Naproti tomu kyberzločinci jsou si vědomi nových vyhlídek ve spojení s AI a pravděpodobně přizpůsobí tyto techniky novým generacím malware, vektorům útoku a celkově jejich operacím. Tato práce představuje dosavadní pokroky aplikace technik AI v oblasti kybernetické bezpečnosti. V této oblasti tzn. v boji proti kybernetickým hrozbám se ukázuje jako slibná technologie a užitečný nástroj pro detekci a prevenci kybernetických útoků. V práci si rovněž pokládme otázku, jak mohou nadnárodní zločinecké organizace a počítačoví zločinci využít vyvíjející se technologii umělé inteligence k provádění sofistikovanějších trestných činností. Konečně, výzkum nastíní možný nový druh malware, nazvaný X-Ware, který simuluje chování hejnového systému a integruje neuronovou síť tak, aby fungovala efektivněji a tak se celý X-Ware a X-sWarm dal použít nejen jako kybernetická zbraň na útok, ale i jako antivirové obranné řešení. Tento výzkum navrhuje, jak zaznamenat a vizualizovat chování X-Ware, když se šíří prostřednictvím systému souborů, sítí a to jak analýzou jeho dynamiky (proces je znám), tak analýzou dat (proces není znám, pozorujeme jen data). Nakonec bylo v disertační práci navrženo paradigma řešení proti malwaru, jež bylo nazváno „Multi agent antivirus system“. Tato práce tedy poskytuje pohled na vývoj robustnějšího, adaptivnějšího a flexibilnějšího obranného systému.460 - Katedra informatikyvyhově

The Threat of Offensive AI to Organizations

AI has provided us with the ability to automate tasks, extract information from vast amounts of data, and synthesize media that is nearly indistinguishable from the real thing. However, positive tools can also be used for negative purposes. In particular, cyber adversaries can use AI to enhance their attacks and expand their campaigns. Although offensive AI has been discussed in the past, there is a need to analyze and understand the threat in the context of organizations. For example, how does an AI-capable adversary impact the cyber kill chain? Does AI benefit the attacker more than the defender? What are the most significant AI threats facing organizations today and what will be their impact on the future? In this study, we explore the threat of offensive AI on organizations. First, we present the background and discuss how AI changes the adversary’s methods, strategies, goals, and overall attack model. Then, through a literature review, we identify 32 offensive AI capabilities which adversaries can use to enhance their attacks. Finally, through a panel survey spanning industry, government and academia, we rank the AI threats and provide insights on the adversaries