Fighting internet fraud: anti-phishing effectiveness for phishing websites detection

Recently, the Internet has become a very important medium of communication. Many people go online and conduct a wide range of business. They can sell and buy goods, perform different banking activities and even participate in political and social elections by casting a vote online. The parties involved in any transaction never need to meet and a buyer can sometimes be dealing with a fraudulent business that does not actually exist. So, security for conducting businesses online is vital and critical. All security-critical applications (e.g. online banking login pages) that are accessed using the Internet are at the risk of fraud. A common risk comes from so-called Phishing websites, which have become a problem for online banking and e-commerce users. Phishing websites attempt to trick people into revealing their sensitive personal and security information in order for the fraudster to access their accounts. They use websites that look similar to those of legitimate organizations and exploit the end-user's lack of knowledge of web browser clues and security indicators. This thesis addresses the effectiveness of Phishing website detection. It reviews existing anti-Phishing approaches and then makes the following contributions. First of all, the research in this thesis evaluates the effectiveness of the current most common users' tips for detecting Phishing websites. A novel effectiveness criteria is proposed and used to examine every tip and rank it based on its effectiveness score, thus revealing the most effective tips to enable users to detect Phishing attacks. The most effective tips can then be used by anti-Phishing training approaches. Secondly, this thesis proposes a novel Anti-Phishing Approach that uses Training Intervention for Phishing Websites' Detection (APTIPWD) and shows that it can be easily implemented. Thirdly, the effectiveness of the New Approach (APTIPWD) is evaluated using a set of user experiments showing that it is more effective in helping users distinguish between legitimate and Phishing websites than the Old Approach of sending anti-Phishing tips by email. The experiments also address the issues of the effects of technical ability and Phishing knowledge on Phishing websites' detection. The results of the investigation show that technical ability has no effect whereas Phishing knowledge has a positive effect on Phishing website detection. Thus, there is need to ensure that, regardless their technical ability level (expert or non-expert), the participants do not know about Phishing before they evaluate the effectiveness of a new anti-Phishing approach. This thesis then evaluates the anti-Phishing knowledge retention of the New Approach users and compares it with the knowledge retention of users who are sent anti-Phishing tips by email

Investigation of Using CAPTCHA Keystroke Dynamics to Enhance the Prevention of Phishing Attacks

Phishing is a cybercrime that is increasing exponentially day by day. In phishing, a phisher employs social engineering and technology to misdirect victims towards revealing their personal information, which can then be exploited. Despite ongoing research to find effective anti-phishing solutions, phishing remains a serious security problem for Internet users. In this paper, an investigation of using CAPTCHA keystroke dynamics to enhance the prevention of phishing attacks was presented. A controlled laboratory experiment was conducted, with the results indicating the proposed approach as highly effective in protecting online services from phishing attacks. The results showed a 0% false-positive rate and 17.8% false-negative rate. Overall, the proposed solution provided a practical and effective way of preventing phishing attacks

Design and Implementation: An IoT-Framework-Based Automated Wastewater Irrigation System

Automation is being fueled by a multifaceted approach to technological advancements, which includes advances in artificial intelligence, robotics, sensors, and cloud computing. The use of automated, as opposed to conventional, systems, has become more popular in recent years. Modern agricultural technology has played an important role in the development of Saudi Arabia in addition to upgrading infrastructure and plans. Agriculture in Saudi Arabia is dependent upon wells, which are insufficient in terms of water supplies. Thus, irrigation is used for agricultural fields, depending on the soil type, and water is provided to the plants. Two essential elements are necessary for farming, the first is the ability to determine the soil’s fertility, and the second is the use of different technologies to reduce the dependence of water on electrical power and on/off schedules. The purpose of this study is to propose a system in which moisture sensors are placed under trees or plants. The gateway unit transmits sensor information to the controller, which then turns on the pump and recycles the water flow. A farmland’s water pump can be remotely controlled and parameters such as moisture and flow rate can be monitored using an HTTP dashboard. In order to evaluate the applicability of IOT-based automatic wastewater irrigation systems, a pilot test was conducted using the developed framework. Theoretically, such a system could be expanded by including any pre-defined selection parameters

Design and Implementation: An IoT-Framework-Based Automated Wastewater Irrigation System

Automation is being fueled by a multifaceted approach to technological advancements, which includes advances in artificial intelligence, robotics, sensors, and cloud computing. The use of automated, as opposed to conventional, systems, has become more popular in recent years. Modern agricultural technology has played an important role in the development of Saudi Arabia in addition to upgrading infrastructure and plans. Agriculture in Saudi Arabia is dependent upon wells, which are insufficient in terms of water supplies. Thus, irrigation is used for agricultural fields, depending on the soil type, and water is provided to the plants. Two essential elements are necessary for farming, the first is the ability to determine the soil’s fertility, and the second is the use of different technologies to reduce the dependence of water on electrical power and on/off schedules. The purpose of this study is to propose a system in which moisture sensors are placed under trees or plants. The gateway unit transmits sensor information to the controller, which then turns on the pump and recycles the water flow. A farmland’s water pump can be remotely controlled and parameters such as moisture and flow rate can be monitored using an HTTP dashboard. In order to evaluate the applicability of IOT-based automatic wastewater irrigation systems, a pilot test was conducted using the developed framework. Theoretically, such a system could be expanded by including any pre-defined selection parameters

Entice to Trap: Enhanced Protection against a Rate-Aware Intelligent Jammer in Cognitive Radio Networks

Anti-jamming in cognitive radio networks (CRN) is mainly accomplished using machine learning techniques in the domains of frequency, coding, power and rate. Jamming is a major threat to CRN because it can cause severe performance damage such as network isolation, network application interruption and even physical damage to infrastructure simple radio devices. With the improvement in communication technologies, the capabilities of adversaries are also increased. The intelligent jammer knows the rate at which users transmit data, which is based on the attractiveness factor of each user. The higher the data rate for a secondary user, the more attractive it is to the rate-aware jammer. In this paper, we present a dummy user in the network as a honeypot of the jammer to get the jammer’s attention. A new anti-jamming deceiving theoretical method based on rate modifications is introduced to increase the bandwidth efficiency of the entire cognitive radio-based communication system. We employ a defensive anti-jamming deception mechanism of the Pseudo Secondary User (PSU) to as an entice to trap the attacker by providing thus enhanced protection for the rest of the network from the impact of the attacker. Our analytical simulation results show a significant improvement in performance using the proposed solution. The utility of the proposed intelligent anti-jamming algorithm lies in its applications to support the secondary wireless sensor nodes

Enhanced Anomaly Detection System for IoT Based on Improved Dynamic SBPSO

The Internet of Things (IoT) supports human endeavors by creating smart environments. Although the IoT has enabled many human comforts and enhanced business opportunities, it has also opened the door to intruders or attackers who can exploit the technology, either through attacks or by eluding it. Hence, security and privacy are the key concerns for IoT networks. To date, numerous intrusion detection systems (IDS) have been designed for IoT networks, using various optimization techniques. However, with the increase in data dimensionality, the search space has expanded dramatically, thereby posing significant challenges to optimization methods, including particle swarm optimization (PSO). In light of these challenges, this paper proposes a method called improved dynamic sticky binary particle swarm optimization (IDSBPSO) for feature selection, introducing a dynamic search space reduction strategy and a number of dynamic parameters to enhance the searchability of sticky binary particle swarm optimization (SBPSO). Through this approach, an IDS was designed to detect malicious data traffic in IoT networks. The proposed model was evaluated using two IoT network datasets: IoTID20 and UNSW-NB15. It was observed that in most cases, IDSBPSO obtained either higher or similar accuracy even with less number of features. Moreover, IDSBPSO substantially reduced computational cost and prediction time, compared with conventional PSO-based feature selection methods

Deep Learning-Based Symptomizing Cyber Threats Using Adaptive 5G Shared Slice Security Approaches

In fifth Generation (5G) networks, protection from internal attacks, external breaches, violation of confidentiality, and misuse of network vulnerabilities is a challenging task. Various approaches, especially deep-learning (DL) prototypes, have been adopted in order to counter such challenges. For 5G network defense, DL module are recommended here in order to symptomize suspicious NetFlow data. This module behaves as a virtual network function (VNF) and is placed along a 5G network. The DL module as a cyber threat-symptomizing (CTS) unit acts as a virtual security scanner along the 5G network data analytic function (NWDAF) to monitor the network data. When the data were found to be suspicious, causing network bottlenecks and let-downs of end-user services, they were labeled as “Anomalous”. For the best proactive and adaptive cyber defense system (PACDS), a logically organized modular approach has been followed to design the DL security module. In the application context, improvements have been made to input features dimension and computational complexity reduction with better response times and accuracy in outlier detection. Moreover, key performance indicators (KPIs) have been proposed for security module placement to secure interslice and intraslice communication channels from any internal or external attacks, also suggesting an adaptive defense mechanism and indicating its placement on a 5G network. Among the chosen DL models, the CNN model behaves as a stable model during behavior analysis in the results. The model classifies botnet-labeled data with 99.74% accuracy and higher precision

Artificial intelligence-driven malware detection framework for internet of things environment

The Internet of Things (IoT) environment demands a malware detection (MD) framework for protecting sensitive data from unauthorized access. The study intends to develop an image-based MD framework. The authors apply image conversion and enhancement techniques to convert malware binaries into RGB images. You only look once (Yolo V7) is employed for extracting the key features from the malware images. Harris Hawks optimization is used to optimize the DenseNet161 model to classify images into malware and benign. IoT malware and Virusshare datasets are utilized to evaluate the proposed framework’s performance. The outcome reveals that the proposed framework outperforms the current MD framework. The framework generates the outcome at an accuracy and F1-score of 98.65 and 98.5 and 97.3 and 96.63 for IoT malware and Virusshare datasets, respectively. In addition, it achieves an area under the receiver operating characteristics and the precision-recall curve of 0.98 and 0.85 and 0.97 and 0.84 for IoT malware and Virusshare datasets, accordingly. The study’s outcome reveals that the proposed framework can be deployed in the IoT environment to protect the resources

Faults Feature Extraction Using Discrete Wavelet Transform and Artificial Neural Network for Induction Motor Availability Monitoring—Internet of Things Enabled Environment

Motivation: This paper presents the high contact resistance (HCR) and rotor bar faults by an extraction method for an induction motor using Discrete Wavelet Transform (DWT) and Artificial Neural Network (ANN). The root mean square (RMS) and mean features are obtained using DWT, and ANN is used for classification using activation functions. Activation provides output by assigning the specific input with respect to the transfer function according to the nature and type of the activation function. Method: The faulty conditions are induced using MATLAB by adopting the motor current signature analysis (MCSA) method to achieve current signature signals of the healthy and faulty motors. Results: The DWT technique has been applied to obtain fault-specific features of the average continuously varying signal (RMS) and an average of the data points (mean) at levels 5, 7, 8, and 9, followed by ANN to classify the faults for condition monitoring. Utility: The utility of the results is to reduce unscheduled downtime in the industry, thus saving revenue and reducing production losses. This work will help provide support to ensure early indication of faults in induction motors under operating conditions, enabling in-service engineers to take timely preventive measures as part of the availability of resources in IoT-enabled systems. Application: Resource availability and cybersecurity are becoming vital in an environment that supports the Internet of Things (IoT) as the essential components of Industry 4.0 scenarios. The novelty of this research lies in the implementation of high contact resistance and rotor bar faults using DWT and ANN with different activation functions to achieve accuracy up to 98%