Email is a channel of communication which is considered to be a confidential medium of communication for exchange of information among individuals and organisations. The confidentiality consideration about e-mail is no longer the case as attackers send malicious emails to users to deceive them into disclosing their private personal information such as username, password, and bank card details, etc. In search of a solution to combat phishing cybercrime attacks, different approaches have been developed. However, the traditional exiting solutions have been limited in assisting email users to identify phishing emails from legitimate ones. This paper reveals the different email and website phishing solutions in phishing attack detection. It first provides a literature analysis of different existing phishing mitigation approaches. It then provides a discussion on the limitations of the techniques, before concluding with an explorationin to how phishing detection can be improved.
AN INTELLIGENT CLASSIFICATION MODEL FOR PHISHING EMAIL DETECTIONIJNSA Journal
Phishing attacks are one of the trending cyber-attacks that apply socially engineered messages that are
communicated to people from professional hackers aiming at fooling users to reveal their sensitive
information, the most popular communication channel to those messages is through users’ emails. This
paper presents an intelligent classification model for detecting phishing emails using knowledge discovery,
data mining and text processing techniques. This paper introduces the concept of phishing terms weighting
which evaluates the weight of phishing terms in each email. The pre-processing phase is enhanced by
applying text stemming and WordNet ontology to enrich the model with word synonyms. The model applied
the knowledge discovery procedures using five popular classification algorithms and achieved a notable
enhancement in classification accuracy; 99.1% accuracy was achieved using the Random Forest algorithm
and 98.4% using J48, which is –to our knowledge- the highest accuracy rate for an accredited data set.
This paper also presents a comparative study with similar proposed classification techniques.
MALICIOUS URL DETECTION USING CONVOLUTIONAL NEURAL NETWORKijcseit
The World Wide Web has become an important part of our everyday life for information communication
and knowledge dissemination. It helps to transact information timely, rapidly and easily. Identifying theft
and identity fraud are referred as two sides of cyber-crime in which hackers and malicious users obtain the
personal data of existing legitimate users to attempt fraud or deception motivation for financial gain.
Malicious URLs host unsolicited content (spam, phishing, drive-by exploits, etc.) and lure unsuspecting
users to become victims of scams (monetary loss, theft of private information, and malware installation),
and cause losses of billions of dollars every year. To detect such crimes systems should be fast and precise
with the ability to detect new malicious content. Traditionally, this detection is done mostly through the
usage of blacklists. However, blacklists cannot be exhaustive, and lack the ability to detect newly generated
malicious URLs. To improve the generality of malicious URL detectors, machine learning techniques have
been explored with increasing attention in recent years. In this paper, I use a simple algorithm to detect
and predicting URLs it is good or bad and compared with two other algorithms to know (SVM, LR).
The International Journal of Engineering and Science (The IJES)theijes
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
An iac approach for detecting profile cloningIJNSA Journal
Nowadays, Online Social Networks (OSNs) are popular websites on the internet, which millions of users
register on and share their own personal information with others. Privacy threats and disclosing personal
information are the most important concerns of OSNs’ users. Recently, a new attack which is named
Identity Cloned Attack is detected on OSNs. In this attack the attacker tries to make a fake identity of a real
user in order to access to private information of the users’ friends which they do not publish on the public
profiles. In today OSNs, there are some verification services, but they are not active services and they are
useful for users who are familiar with online identity issues. In this paper, Identity cloned attacks are
explained in more details and a new and precise method to detect profile cloning in online social networks
is proposed. In this method, first, the social network is shown in a form of graph, then, according to
similarities among users, this graph is divided into smaller communities. Afterwards, all of the similar
profiles to the real profile are gathered (from the same community), then strength of relationship (among
all selected profiles and the real profile) is calculated, and those which have the less strength of
relationship will be verified by mutual friend system. In this study, in order to evaluate the effectiveness of
proposed method, all steps are applied on a dataset of Facebook, and finally this work is compared with
two previous works by applying them on the dataset.
AN INTELLIGENT CLASSIFICATION MODEL FOR PHISHING EMAIL DETECTIONIJNSA Journal
Phishing attacks are one of the trending cyber-attacks that apply socially engineered messages that are
communicated to people from professional hackers aiming at fooling users to reveal their sensitive
information, the most popular communication channel to those messages is through users’ emails. This
paper presents an intelligent classification model for detecting phishing emails using knowledge discovery,
data mining and text processing techniques. This paper introduces the concept of phishing terms weighting
which evaluates the weight of phishing terms in each email. The pre-processing phase is enhanced by
applying text stemming and WordNet ontology to enrich the model with word synonyms. The model applied
the knowledge discovery procedures using five popular classification algorithms and achieved a notable
enhancement in classification accuracy; 99.1% accuracy was achieved using the Random Forest algorithm
and 98.4% using J48, which is –to our knowledge- the highest accuracy rate for an accredited data set.
This paper also presents a comparative study with similar proposed classification techniques.
MALICIOUS URL DETECTION USING CONVOLUTIONAL NEURAL NETWORKijcseit
The World Wide Web has become an important part of our everyday life for information communication
and knowledge dissemination. It helps to transact information timely, rapidly and easily. Identifying theft
and identity fraud are referred as two sides of cyber-crime in which hackers and malicious users obtain the
personal data of existing legitimate users to attempt fraud or deception motivation for financial gain.
Malicious URLs host unsolicited content (spam, phishing, drive-by exploits, etc.) and lure unsuspecting
users to become victims of scams (monetary loss, theft of private information, and malware installation),
and cause losses of billions of dollars every year. To detect such crimes systems should be fast and precise
with the ability to detect new malicious content. Traditionally, this detection is done mostly through the
usage of blacklists. However, blacklists cannot be exhaustive, and lack the ability to detect newly generated
malicious URLs. To improve the generality of malicious URL detectors, machine learning techniques have
been explored with increasing attention in recent years. In this paper, I use a simple algorithm to detect
and predicting URLs it is good or bad and compared with two other algorithms to know (SVM, LR).
The International Journal of Engineering and Science (The IJES)theijes
The International Journal of Engineering & Science is aimed at providing a platform for researchers, engineers, scientists, or educators to publish their original research results, to exchange new ideas, to disseminate information in innovative designs, engineering experiences and technological skills. It is also the Journal's objective to promote engineering and technology education. All papers submitted to the Journal will be blind peer-reviewed. Only original articles will be published.
An iac approach for detecting profile cloningIJNSA Journal
Nowadays, Online Social Networks (OSNs) are popular websites on the internet, which millions of users
register on and share their own personal information with others. Privacy threats and disclosing personal
information are the most important concerns of OSNs’ users. Recently, a new attack which is named
Identity Cloned Attack is detected on OSNs. In this attack the attacker tries to make a fake identity of a real
user in order to access to private information of the users’ friends which they do not publish on the public
profiles. In today OSNs, there are some verification services, but they are not active services and they are
useful for users who are familiar with online identity issues. In this paper, Identity cloned attacks are
explained in more details and a new and precise method to detect profile cloning in online social networks
is proposed. In this method, first, the social network is shown in a form of graph, then, according to
similarities among users, this graph is divided into smaller communities. Afterwards, all of the similar
profiles to the real profile are gathered (from the same community), then strength of relationship (among
all selected profiles and the real profile) is calculated, and those which have the less strength of
relationship will be verified by mutual friend system. In this study, in order to evaluate the effectiveness of
proposed method, all steps are applied on a dataset of Facebook, and finally this work is compared with
two previous works by applying them on the dataset.
Physical and Cyber Crime Detection using Digital Forensic Approach: A Complet...IJARIIT
Criminalization may be a general development that has significantly extended in previous few years. In
order, to create the activity of the work businesses easy, use of technology is important. Crime investigation analysis
is a section records in data mining plays a crucial role in terms of predicting and learning the criminals. In our
paper, we've got planned an incorporated version for physical crime as well as cybercrime analysis. Our approach
uses data mining techniques for crime detection and criminal identity for physical crimes and digitized forensic tools
(DFT) for evaluating cybercrimes. The presented tool named as Comparative Digital Forensic Process tool
(CDFPT) is entirely based on digital forensic model and its stages named as Comparative Digital Forensic Process
Model (CDFPM). The primary step includes accepting the case details, categorizing the crime case as physical crime
or cybercrime and sooner or later storing the data in particular databases. For physical crime analysis we've used kmeans
approach cluster set of rules to make crime clusters. The k-means method effects are a lot advantageous by the
utilization of GMAPI generation. This provides advanced and consumer-friendly visual-aid to k-means approach for
tracing the region of the crime. we have applied KNN for criminal identification with the
help of observing beyond crimes and finding similar ones that suit this crime, if no past document is discovered then
the new crime sample are introduced to the crime data-set. With the advancements of web, the network form has
become much more complicated and attacking methods are further more than that as well. For crime analysis
we're detecting the attacks executed on host system through an outsider the usage of
assorted digitized forensic tools to produce information security with the help of generating reports for an
event which could need any investigation. Our digitized technique aids the development of the society
by helping the investigation businesses to follow a custom-built investigative technique in crime analysis and criminal
identification as opposed to manually looking the database to analyze criminal activities, and as a
result facilitate them in combating crimes.
A COMPARATIVE ANALYSIS OF DIFFERENT FEATURE SET ON THE PERFORMANCE OF DIFFERE...ijaia
Reducing the risk pose by phishers and other cybercriminals in the cyber space requires a robust and automatic means of detecting phishing websites, since the culprits are constantly coming up with new techniques of achieving their goals almost on daily basis. Phishers are constantly evolving the methods they used for luring user to revealing their sensitive information. Many methods have been proposed in past for phishing detection. But the quest for better solution is still on. This research covers the development of phishing website model based on different algorithms with different set of features in order to investigate the most significant features in the dataset
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
A novel hybrid approach of SVM combined with NLP and probabilistic neural ne...IJECEIAES
Phishing attacks are one of the slanting cyber-attacks that apply socially engineered messages that are imparted to individuals from expert hackers going for tricking clients to uncover their delicate data, the most mainstream correspondence channel to those messages is through clients' emails. Phishing has turned into a generous danger for web clients and a noteworthy reason for money related misfortunes. Therefore, different arrangements have been created to handle this issue. Deceitful emails, also called phishing emails, utilize a scope of impact strategies to convince people to react, for example, promising a fiscal reward or summoning a feeling of criticalness. Regardless of far reaching alerts and intends to instruct clients to distinguish phishing sends, these are as yet a pervasive practice and a worthwhile business. The creators accept that influence, as a style of human correspondence intended to impact others, has a focal job in fruitful advanced tricks. Cyber criminals have ceaselessly propelling their techniques for assault. The current strategies to recognize the presence of such malevolent projects and to keep them from executing are static, dynamic and hybrid analysis. In this work we are proposing a hybrid methodology for phishing detection incorporating feature extraction and classification of the mails using SVM. At last, alongside the chose features, the PNN characterizes the spam mails from the genuine mails with more exactness and accuracy.
Distributed Digital Artifacts on the Semantic WebEditor IJCATR
Distributed digital artifacts incorporate cryptographic hash values to URI called trusty URIs in a distributed environment
building good in quality, verifiable and unchangeable web resources to prevent the rising man in the middle attack. The greatest
challenge of a centralized system is that it gives users no possibility to check whether data have been modified and the communication
is limited to a single server. As a solution for this, is the distributed digital artifact system, where resources are distributed among
different domains to enable inter-domain communication. Due to the emerging developments in web, attacks have increased rapidly,
among which man in the middle attack (MIMA) is a serious issue, where user security is at its threat. This work tries to prevent MIMA
to an extent, by providing self reference and trusty URIs even when presented in a distributed environment. Any manipulation to the
data is efficiently identified and any further access to that data is blocked by informing user that the uniform location has been
changed. System uses self-reference to contain trusty URI for each resource, lineage algorithm for generating seed and SHA-512 hash
generation algorithm to ensure security. It is implemented on the semantic web, which is an extension to the world wide web, using
RDF (Resource Description Framework) to identify the resource. Hence the framework was developed to overcome existing
challenges by making the digital artifacts on the semantic web distributed to enable communication between different domains across
the network securely and thereby preventing MIMA.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
With the development and rapid growth in IT infrastructure, malicious code attacks are considered as the
main threat to cybersecurity. Malicious JavaScript’s which are intentionally crafted by the attackers inside the web page
over the web as an emerging security issue affecting millions of users. In past few years, a number of studies have been
conducted based on machine learning for detection of malicious JavaScript code attacks has demonstrated a poor
detection accuracy and increased performance overheads. In this paper, an effective interceptor approach for detection of
multivariate and novel malicious JavaScript’s based on deep learning is proposed and evaluated. Hybrid feature set based
on static and dynamic analysis were used. The dataset which was used in this study consists of 32,000 benign webpages
and 12,900 malicious pages. The experimental results show that this approach was able to detect 99.01% of new malicious
code variants.
International Journal of Computer Science and Information Security,IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Email: ijcsiseditor@gmail.com
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...CSCJournals
Phishing is a growing threat to Internet users and causes billions of dollars in damage every year. While there are a number of research articles that study the tactics, techniques and procedures employed by phishers in the literature, in this paper, we present a theoretical yet practical model to study this menacing threat in a formal manner. While it is common folklore knowledge that a successful phishing attack entails creating messages that are indistinguishable from the natural, expected messages by the intended victim, this concept has not been formalized. Our model attempts to capture a phishing attack in terms of this indistinguishability between the natural and phishing message probability distributions. We view the actions performed by a phisher as an attempt to create messages that are indistinguishable to the victim from that of “normal” messages. To the best of our knowledge, this is the first study that places phishing on a concrete theoretical framework and offers a new perspective to analyze this threat. We propose metrics to analyze the success probability of a phishing attack taking into account the input used by a phisher and the work involved in creating deceptive email messages. Finally, we study and apply our model to a new class of phishing attacks called collaborative spear phishing that is gaining momentum. Recent examples include Operation Woolen-Goldfish in 2015, Rocket Kitten in 2014 and Epsilon email breach in 2011. We point out fundamental flaws in the current email-based marketing business model which enables such targeted spear phishing collaborative attacks. In this sense, our study is very timely and presents new and emerging trends in phishing.
Secure system based on recombined fingerprints for sharing multimedia files i...eSAT Journals
Abstract In this paper the execution time is less when compared to previous algorithm. And also it provide security between the merchant and buyer The traitor tracing protocol is used to detect the illegal transaction. Here we used fingerprinting solution to avoid illegal redistribution of multimedia contents. Here we convert the multimedia video file into image then encrypting the image after the encrypted image will be transferred from merchant to buyer. The buyer receives the copyright protection from merchant, he decrypts the image then converts it into video. After that, the copyright protection of file is transferred to child buyer. Then tracing traitor protocol is used to checks the fingerprints for merchant to buyer and buyer to child buyer. Traitor tracing protocol is used to detect the illegal transaction of the content. The Blowfish algorithm is used to encrypt and decrypt the multimedia files. Finally we detect the performance of our work based on efficiency, accuracy and we achieve security. Keywords: Fingerprint, Multimedia files, Blowfish algorithm, Merchant, Buyer, Child Buyer, Copyright Protection
Access Policy Management For OSN Using Network RelationshipsIJMTST Journal
In the online social networks (OSN) users and resources are interconnected via various types of
relationships. The relationships are one-to-one, one-to-many, many-to-one, and many-to-many like that. Now
a day’s online social networks plays crucial role to monitor and to control the access of the resources. In the
OSN, online provider should be enabled to specify which access permission can be granted in terms of
existing relationships. In this work we used user-to-user relationship based access control model. Access
control policies decide which permissions can be granted to the requested users based on their requests and
we are using two path checking algorithms namely DFS and BFS to determine the path existence between
users as well as the requested user is authenticated user or not.
Social network has become so popular with overwhelming high rate of growth, due to this popularity the online social networks is facing the issues of spamming, which has leads to unsubstantial economic loss to this menace of spam and spammers activities. It has leads to uncontrollable dissemination of viruses and malwares, promotional ads, phishing, and scams. spam activities has enter a new dangerous dimension, the spammers have step up their games and tactics online social networks, it consumes large amounts of network bandwidth leading to less revenue and significant economic loss to both private and public sectors. From the previous scholars work on spammer classification taxonomy, various machine learning techniques have been extensively used to detect spam activities and spammers in online social networks. There are various classifier that are learn over content-based features extracted from the user's interactions and profiles to label them as spam/spammers or legitimate. But recently, new network structural bench mark features have been proposed for spammer detection task, but their importance using structural bench mark learning methods has not been extensively evaluated yet. In this research work, we evaluate the the metric performance of some structural bench mark learning methods using scientific and strategic approach based attributes extracted from an interaction network for the task of spammer detection in online social network.
A COMPARATIVE STUDY OF SOCIAL NETWORKING APPROACHES IN IDENTIFYING THE COVERT...ijwscjournal
This paper categories and compares various works done in the field of social networking for covert networks. It uses criminal network analysis to categorize various approaches in social engineering like dynamic network analysis, destabilizing covert networks, counter terrorism, key player, subgroup detection
and homeland security. The terrorist network has been taken for study because of its network of individuals who spread from continents to continents and have an effective influence of their ideology throughout the globe. It also presents various metrics based on which the centrality of nodes in the graphs could be
identified and it’s illustrated based on a synthetic dataset for 9/11 attack. This paper will also discuss various open problems in this area.
A comprehensive study of distributed Denial-of-Service attack with the detect...IJECEIAES
With the dramatic evolution in networks nowadays, an equivalent growth of challenges has been depicted toward implementing and deployment of such networks. One of the serious challenges is the security where wide range of attacks would threat these networks. Denial-of-Service (DoS) is one of the common attacks that targets several types of networks in which a huge amount of information is being flooded into a specific server for the purpose of turning of such server. Many research studies have examined the simulation of networks in order to observe the behavior of DoS. However, the variety of its types hinders the process of configuring the DoS attacks. In particular, the Distributed DoS (DDoS) is considered to be the most challenging threat to various networks. Hence, this paper aims to accommodate a comprehensive simulation in order to figure out and detect DDoS attacks. Using the well-known simulator technique of NS-2, the experiments showed that different types of DDoS have been characterized, examined and detected. This implies the efficacy of the comprehensive simulation proposed by this study.
AN INTELLIGENT CLASSIFICATION MODEL FOR PHISHING EMAIL DETECTIONIJNSA Journal
Phishing attacks are one of the trending cyber-attacks that apply socially engineered messages that are communicated to people from professional hackers aiming at fooling users to reveal their sensitive information, the most popular communication channel to those messages is through users’ emails. This paper presents an intelligent classification model for detecting phishing emails using knowledge discovery, data mining and text processing techniques. This paper introduces the concept of phishing terms weighting which evaluates the weight of phishing terms in each email. The pre-processing phase is enhanced by applying text stemming and WordNet ontology to enrich the model with word synonyms. The model applied the knowledge discovery procedures using five popular classification algorithms and achieved a notable enhancement in classification accuracy; 99.1% accuracy was achieved using the Random Forest algorithm and 98.4% using J48, which is –to our knowledge- the highest accuracy rate for an accredited data set. This paper also presents a comparative study with similar proposed classification techniques.
AN INTELLIGENT CLASSIFICATION MODEL FOR PHISHING EMAIL DETECTIONIJNSA Journal
Phishing attacks are one of the trending cyber-attacks that apply socially engineered messages that are communicated to people from professional hackers aiming at fooling users to reveal their sensitive information, the most popular communication channel to those messages is through users’ emails. This
paper presents an intelligent classification model for detecting phishing emails using knowledge discovery, data mining and text processing techniques. This paper introduces the concept of phishing terms weighting which evaluates the weight of phishing terms in each email. The pre-processing phase is enhanced by
applying text stemming and WordNet ontology to enrich the model with word synonyms. The model applied
the knowledge discovery procedures using five popular classification algorithms and achieved a notable
enhancement in classification accuracy; 99.1% accuracy was achieved using the Random Forest algorithm
and 98.4% using J48, which is –to our knowledge- the highest accuracy rate for an accredited data set. This paper also presents a comparative study with similar proposed classification techniques.
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...ijistjournal
User ignorance towards the use of communication services like Instant Messengers, emails, websites, social networks etc. is becoming the biggest advantage for phishers. It is required to create technical awareness in users by educating them to create a phishing detection application which would generate phishing alerts for the user so that phishing messages are not ignored. The lack of basic security features to detect and prevent phishing has had a profound effect on the IM clients, as they lose their faith in e-banking and e-commerce transactions, which will have a disastrous impact on the corporate and banking sectors and businesses which rely heavily on the internet. Very little research contributions were available in for phishing detection in Instant messengers. A context based, dynamic and intelligent phishing detection methodology in IMs is proposed, to analyze and detect phishing in Instant Messages with relevance to domain ontology (OBIE) and utilizes the Classification based on Association (CBA) for generating phishing rules and alerting the victims. A PDS Monitoring system algorithm is used to identify the phishing activity during exchange of messages in IMs, with high ratio of precision and recall. The results have shown improvement by the increased percentage of precision and recall when compared to the existing methods.
Physical and Cyber Crime Detection using Digital Forensic Approach: A Complet...IJARIIT
Criminalization may be a general development that has significantly extended in previous few years. In
order, to create the activity of the work businesses easy, use of technology is important. Crime investigation analysis
is a section records in data mining plays a crucial role in terms of predicting and learning the criminals. In our
paper, we've got planned an incorporated version for physical crime as well as cybercrime analysis. Our approach
uses data mining techniques for crime detection and criminal identity for physical crimes and digitized forensic tools
(DFT) for evaluating cybercrimes. The presented tool named as Comparative Digital Forensic Process tool
(CDFPT) is entirely based on digital forensic model and its stages named as Comparative Digital Forensic Process
Model (CDFPM). The primary step includes accepting the case details, categorizing the crime case as physical crime
or cybercrime and sooner or later storing the data in particular databases. For physical crime analysis we've used kmeans
approach cluster set of rules to make crime clusters. The k-means method effects are a lot advantageous by the
utilization of GMAPI generation. This provides advanced and consumer-friendly visual-aid to k-means approach for
tracing the region of the crime. we have applied KNN for criminal identification with the
help of observing beyond crimes and finding similar ones that suit this crime, if no past document is discovered then
the new crime sample are introduced to the crime data-set. With the advancements of web, the network form has
become much more complicated and attacking methods are further more than that as well. For crime analysis
we're detecting the attacks executed on host system through an outsider the usage of
assorted digitized forensic tools to produce information security with the help of generating reports for an
event which could need any investigation. Our digitized technique aids the development of the society
by helping the investigation businesses to follow a custom-built investigative technique in crime analysis and criminal
identification as opposed to manually looking the database to analyze criminal activities, and as a
result facilitate them in combating crimes.
A COMPARATIVE ANALYSIS OF DIFFERENT FEATURE SET ON THE PERFORMANCE OF DIFFERE...ijaia
Reducing the risk pose by phishers and other cybercriminals in the cyber space requires a robust and automatic means of detecting phishing websites, since the culprits are constantly coming up with new techniques of achieving their goals almost on daily basis. Phishers are constantly evolving the methods they used for luring user to revealing their sensitive information. Many methods have been proposed in past for phishing detection. But the quest for better solution is still on. This research covers the development of phishing website model based on different algorithms with different set of features in order to investigate the most significant features in the dataset
Classification of Malware Attacks Using Machine Learning In Decision TreeCSCJournals
Predicting cyberattacks using machine learning has become imperative since cyberattacks have increased exponentially due to the stealthy and sophisticated nature of adversaries. To have situational awareness and achieve defence in depth, using machine learning for threat prediction has become a prerequisite for cyber threat intelligence gathering. Some approaches to mitigating malware attacks include the use of spam filters, firewalls, and IDS/IPS configurations to detect attacks. However, threat actors are deploying adversarial machine learning techniques to exploit vulnerabilities. This paper explores the viability of using machine learning methods to predict malware attacks and build a classifier to automatically detect and label an event as “Has Detection or No Detection”. The purpose is to predict the probability of malware penetration and the extent of manipulation on the network nodes for cyber threat intelligence. To demonstrate the applicability of our work, we use a decision tree (DT) algorithms to learn dataset for evaluation. The dataset was from Microsoft Malware threat prediction website Kaggle. We identify probably cyberattacks on smart grid, use attack scenarios to determine penetrations and manipulations. The results show that ML methods can be applied in smart grid cyber supply chain environment to detect cyberattacks and predict future trends.
A novel hybrid approach of SVM combined with NLP and probabilistic neural ne...IJECEIAES
Phishing attacks are one of the slanting cyber-attacks that apply socially engineered messages that are imparted to individuals from expert hackers going for tricking clients to uncover their delicate data, the most mainstream correspondence channel to those messages is through clients' emails. Phishing has turned into a generous danger for web clients and a noteworthy reason for money related misfortunes. Therefore, different arrangements have been created to handle this issue. Deceitful emails, also called phishing emails, utilize a scope of impact strategies to convince people to react, for example, promising a fiscal reward or summoning a feeling of criticalness. Regardless of far reaching alerts and intends to instruct clients to distinguish phishing sends, these are as yet a pervasive practice and a worthwhile business. The creators accept that influence, as a style of human correspondence intended to impact others, has a focal job in fruitful advanced tricks. Cyber criminals have ceaselessly propelling their techniques for assault. The current strategies to recognize the presence of such malevolent projects and to keep them from executing are static, dynamic and hybrid analysis. In this work we are proposing a hybrid methodology for phishing detection incorporating feature extraction and classification of the mails using SVM. At last, alongside the chose features, the PNN characterizes the spam mails from the genuine mails with more exactness and accuracy.
Distributed Digital Artifacts on the Semantic WebEditor IJCATR
Distributed digital artifacts incorporate cryptographic hash values to URI called trusty URIs in a distributed environment
building good in quality, verifiable and unchangeable web resources to prevent the rising man in the middle attack. The greatest
challenge of a centralized system is that it gives users no possibility to check whether data have been modified and the communication
is limited to a single server. As a solution for this, is the distributed digital artifact system, where resources are distributed among
different domains to enable inter-domain communication. Due to the emerging developments in web, attacks have increased rapidly,
among which man in the middle attack (MIMA) is a serious issue, where user security is at its threat. This work tries to prevent MIMA
to an extent, by providing self reference and trusty URIs even when presented in a distributed environment. Any manipulation to the
data is efficiently identified and any further access to that data is blocked by informing user that the uniform location has been
changed. System uses self-reference to contain trusty URI for each resource, lineage algorithm for generating seed and SHA-512 hash
generation algorithm to ensure security. It is implemented on the semantic web, which is an extension to the world wide web, using
RDF (Resource Description Framework) to identify the resource. Hence the framework was developed to overcome existing
challenges by making the digital artifacts on the semantic web distributed to enable communication between different domains across
the network securely and thereby preventing MIMA.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
With the development and rapid growth in IT infrastructure, malicious code attacks are considered as the
main threat to cybersecurity. Malicious JavaScript’s which are intentionally crafted by the attackers inside the web page
over the web as an emerging security issue affecting millions of users. In past few years, a number of studies have been
conducted based on machine learning for detection of malicious JavaScript code attacks has demonstrated a poor
detection accuracy and increased performance overheads. In this paper, an effective interceptor approach for detection of
multivariate and novel malicious JavaScript’s based on deep learning is proposed and evaluated. Hybrid feature set based
on static and dynamic analysis were used. The dataset which was used in this study consists of 32,000 benign webpages
and 12,900 malicious pages. The experimental results show that this approach was able to detect 99.01% of new malicious
code variants.
International Journal of Computer Science and Information Security,IJCSIS ISSN 1947-5500, Pittsburgh, PA, USA
Email: ijcsiseditor@gmail.com
http://sites.google.com/site/ijcsis/
https://google.academia.edu/JournalofComputerScience
https://www.linkedin.com/in/ijcsis-research-publications-8b916516/
http://www.researcherid.com/rid/E-1319-2016
An Indistinguishability Model for Evaluating Diverse Classes of Phishing Atta...CSCJournals
Phishing is a growing threat to Internet users and causes billions of dollars in damage every year. While there are a number of research articles that study the tactics, techniques and procedures employed by phishers in the literature, in this paper, we present a theoretical yet practical model to study this menacing threat in a formal manner. While it is common folklore knowledge that a successful phishing attack entails creating messages that are indistinguishable from the natural, expected messages by the intended victim, this concept has not been formalized. Our model attempts to capture a phishing attack in terms of this indistinguishability between the natural and phishing message probability distributions. We view the actions performed by a phisher as an attempt to create messages that are indistinguishable to the victim from that of “normal” messages. To the best of our knowledge, this is the first study that places phishing on a concrete theoretical framework and offers a new perspective to analyze this threat. We propose metrics to analyze the success probability of a phishing attack taking into account the input used by a phisher and the work involved in creating deceptive email messages. Finally, we study and apply our model to a new class of phishing attacks called collaborative spear phishing that is gaining momentum. Recent examples include Operation Woolen-Goldfish in 2015, Rocket Kitten in 2014 and Epsilon email breach in 2011. We point out fundamental flaws in the current email-based marketing business model which enables such targeted spear phishing collaborative attacks. In this sense, our study is very timely and presents new and emerging trends in phishing.
Secure system based on recombined fingerprints for sharing multimedia files i...eSAT Journals
Abstract In this paper the execution time is less when compared to previous algorithm. And also it provide security between the merchant and buyer The traitor tracing protocol is used to detect the illegal transaction. Here we used fingerprinting solution to avoid illegal redistribution of multimedia contents. Here we convert the multimedia video file into image then encrypting the image after the encrypted image will be transferred from merchant to buyer. The buyer receives the copyright protection from merchant, he decrypts the image then converts it into video. After that, the copyright protection of file is transferred to child buyer. Then tracing traitor protocol is used to checks the fingerprints for merchant to buyer and buyer to child buyer. Traitor tracing protocol is used to detect the illegal transaction of the content. The Blowfish algorithm is used to encrypt and decrypt the multimedia files. Finally we detect the performance of our work based on efficiency, accuracy and we achieve security. Keywords: Fingerprint, Multimedia files, Blowfish algorithm, Merchant, Buyer, Child Buyer, Copyright Protection
Access Policy Management For OSN Using Network RelationshipsIJMTST Journal
In the online social networks (OSN) users and resources are interconnected via various types of
relationships. The relationships are one-to-one, one-to-many, many-to-one, and many-to-many like that. Now
a day’s online social networks plays crucial role to monitor and to control the access of the resources. In the
OSN, online provider should be enabled to specify which access permission can be granted in terms of
existing relationships. In this work we used user-to-user relationship based access control model. Access
control policies decide which permissions can be granted to the requested users based on their requests and
we are using two path checking algorithms namely DFS and BFS to determine the path existence between
users as well as the requested user is authenticated user or not.
Social network has become so popular with overwhelming high rate of growth, due to this popularity the online social networks is facing the issues of spamming, which has leads to unsubstantial economic loss to this menace of spam and spammers activities. It has leads to uncontrollable dissemination of viruses and malwares, promotional ads, phishing, and scams. spam activities has enter a new dangerous dimension, the spammers have step up their games and tactics online social networks, it consumes large amounts of network bandwidth leading to less revenue and significant economic loss to both private and public sectors. From the previous scholars work on spammer classification taxonomy, various machine learning techniques have been extensively used to detect spam activities and spammers in online social networks. There are various classifier that are learn over content-based features extracted from the user's interactions and profiles to label them as spam/spammers or legitimate. But recently, new network structural bench mark features have been proposed for spammer detection task, but their importance using structural bench mark learning methods has not been extensively evaluated yet. In this research work, we evaluate the the metric performance of some structural bench mark learning methods using scientific and strategic approach based attributes extracted from an interaction network for the task of spammer detection in online social network.
A COMPARATIVE STUDY OF SOCIAL NETWORKING APPROACHES IN IDENTIFYING THE COVERT...ijwscjournal
This paper categories and compares various works done in the field of social networking for covert networks. It uses criminal network analysis to categorize various approaches in social engineering like dynamic network analysis, destabilizing covert networks, counter terrorism, key player, subgroup detection
and homeland security. The terrorist network has been taken for study because of its network of individuals who spread from continents to continents and have an effective influence of their ideology throughout the globe. It also presents various metrics based on which the centrality of nodes in the graphs could be
identified and it’s illustrated based on a synthetic dataset for 9/11 attack. This paper will also discuss various open problems in this area.
A comprehensive study of distributed Denial-of-Service attack with the detect...IJECEIAES
With the dramatic evolution in networks nowadays, an equivalent growth of challenges has been depicted toward implementing and deployment of such networks. One of the serious challenges is the security where wide range of attacks would threat these networks. Denial-of-Service (DoS) is one of the common attacks that targets several types of networks in which a huge amount of information is being flooded into a specific server for the purpose of turning of such server. Many research studies have examined the simulation of networks in order to observe the behavior of DoS. However, the variety of its types hinders the process of configuring the DoS attacks. In particular, the Distributed DoS (DDoS) is considered to be the most challenging threat to various networks. Hence, this paper aims to accommodate a comprehensive simulation in order to figure out and detect DDoS attacks. Using the well-known simulator technique of NS-2, the experiments showed that different types of DDoS have been characterized, examined and detected. This implies the efficacy of the comprehensive simulation proposed by this study.
AN INTELLIGENT CLASSIFICATION MODEL FOR PHISHING EMAIL DETECTIONIJNSA Journal
Phishing attacks are one of the trending cyber-attacks that apply socially engineered messages that are communicated to people from professional hackers aiming at fooling users to reveal their sensitive information, the most popular communication channel to those messages is through users’ emails. This paper presents an intelligent classification model for detecting phishing emails using knowledge discovery, data mining and text processing techniques. This paper introduces the concept of phishing terms weighting which evaluates the weight of phishing terms in each email. The pre-processing phase is enhanced by applying text stemming and WordNet ontology to enrich the model with word synonyms. The model applied the knowledge discovery procedures using five popular classification algorithms and achieved a notable enhancement in classification accuracy; 99.1% accuracy was achieved using the Random Forest algorithm and 98.4% using J48, which is –to our knowledge- the highest accuracy rate for an accredited data set. This paper also presents a comparative study with similar proposed classification techniques.
AN INTELLIGENT CLASSIFICATION MODEL FOR PHISHING EMAIL DETECTIONIJNSA Journal
Phishing attacks are one of the trending cyber-attacks that apply socially engineered messages that are communicated to people from professional hackers aiming at fooling users to reveal their sensitive information, the most popular communication channel to those messages is through users’ emails. This
paper presents an intelligent classification model for detecting phishing emails using knowledge discovery, data mining and text processing techniques. This paper introduces the concept of phishing terms weighting which evaluates the weight of phishing terms in each email. The pre-processing phase is enhanced by
applying text stemming and WordNet ontology to enrich the model with word synonyms. The model applied
the knowledge discovery procedures using five popular classification algorithms and achieved a notable
enhancement in classification accuracy; 99.1% accuracy was achieved using the Random Forest algorithm
and 98.4% using J48, which is –to our knowledge- the highest accuracy rate for an accredited data set. This paper also presents a comparative study with similar proposed classification techniques.
PHISHING DETECTION IN IMS USING DOMAIN ONTOLOGY AND CBA – AN INNOVATIVE RULE ...ijistjournal
User ignorance towards the use of communication services like Instant Messengers, emails, websites, social networks etc. is becoming the biggest advantage for phishers. It is required to create technical awareness in users by educating them to create a phishing detection application which would generate phishing alerts for the user so that phishing messages are not ignored. The lack of basic security features to detect and prevent phishing has had a profound effect on the IM clients, as they lose their faith in e-banking and e-commerce transactions, which will have a disastrous impact on the corporate and banking sectors and businesses which rely heavily on the internet. Very little research contributions were available in for phishing detection in Instant messengers. A context based, dynamic and intelligent phishing detection methodology in IMs is proposed, to analyze and detect phishing in Instant Messages with relevance to domain ontology (OBIE) and utilizes the Classification based on Association (CBA) for generating phishing rules and alerting the victims. A PDS Monitoring system algorithm is used to identify the phishing activity during exchange of messages in IMs, with high ratio of precision and recall. The results have shown improvement by the increased percentage of precision and recall when compared to the existing methods.
OPTIMIZING HYPERPARAMETERS FOR ENHANCED EMAIL CLASSIFICATION AND FORENSIC ANA...IJNSA Journal
Electronic mail, commonly known as email, is a crucial technology that enables streamlined operations and communications in corporate environments. Empowering swift and dependable transactions, email is a driving force behind heightened productivity and organizational effectiveness. However, its versatility also renders it susceptible to misuse by cybercriminals engaging in activities such as hacking, spoofing, phishing, email bombing, whaling, and spamming. As a result, effective and efficient data analysis is important in avoiding and detecting cyber-attacks and crime on times. To overcome the above challenges, a novel approach named Aquila Optimization (AO) is used in this paper to find the best set of hyperparameters of the Stacked Auto Encoder (SAE) classifier. The purpose of increasing the hyperparameters of the SAE using the AO is to obtain a higher text classification accuracy. Then the optimized SAE classifies the selected features into different classes. The experimental results showed that the proposed AO-SAE model outperforms the existing models such as Logistic Regression (LR) and Long Short-Term Model based Gated Current Unit (LSTM based GRU) in terms of Accuracy.
Phishing URL Detection using LSTM Based Ensemble Learning ApproachesIJCNCJournal
Increasing incidents of phishing attacks tempt a significant challenge for cybersecurity personals. Phishing is a deceitful venture with an intention to steal confidential information of an organization or an individual. Many works have been performed to build anti-phishing solutions over the years, but attackers are coming with new manoeuvres from time to time. Many of the existing techniques are experimented based on limited set of URLs and dependent on other software to collect domain related information of the URLs. In this paper, with an aim to build a more accurate and effective phishing attack detection system, we used the concept of ensemble learning using Long Short-Term Memory (LSTM) models. We proposed ensemble of LSTM models using bagging approach and stacking approach. For performing classification using LSTM method, no separate feature extraction is done. Ensemble models are built integrating the predictions of multiple LSTM models. Performances of proposed ensemble LSTM methods are compared with five different machine learning classification methods. To implement these machine learning algorithms, different URL based lexical features are extracted. Mutual Information based feature selection algorithm is used to select more relevant features to perform classifications. Both the bagging and the stacking approaches of ensemble learning using LSTM models outperform other machine learning techniques. The results are compared with other anti-phishing solutions implemented using deep learning methods. Our approaches have proved to be the more accurate one with a low false positive rate of less than 0.15% performed comparatively on a larger dataset.
PHISHING URL DETECTION USING LSTM BASED ENSEMBLE LEARNING APPROACHESIJCNCJournal
Increasing incidents of phishing attacks tempt a significant challenge for cybersecurity personals. Phishing
is a deceitful venture with an intention to steal confidential information of an organization or an
individual. Many works have been performed to build anti-phishing solutions over the years, but attackers
are coming with new manoeuvres from time to time. Many of the existing techniques are experimented
based on limited set of URLs and dependent on other software to collect domain related information of the
URLs. In this paper, with an aim to build a more accurate and effective phishing attack detection system,
we used the concept of ensemble learning using Long Short-Term Memory (LSTM) models. We proposed
ensemble of LSTM models using bagging approach and stacking approach. For performing classification
using LSTM method, no separate feature extraction is done. Ensemble models are built integrating the
predictions of multiple LSTM models. Performances of proposed ensemble LSTM methods are compared
with five different machine learning classification methods. To implement these machine learning
algorithms, different URL based lexical features are extracted. Mutual Information based feature selection
algorithm is used to select more relevant features to perform classifications. Both the bagging and the
stacking approaches of ensemble learning using LSTM models outperform other machine learning
techniques. The results are compared with other anti-phishing solutions implemented using deep learning
methods. Our approaches have proved to be the more accurate one with a low false positive rate of less
than 0.15% performed comparatively on a larger dataset.
User identification based on short text using recurrent deep learningIAESIJAI
Technological development is a revolutionary process by this time, it is mainly depending on electronic applications in our daily routines like (business management, banking, financial transfers, health, and other essential traits of life). Identification or approving identity is one of the complicated issues within online electronic applications. Person’s writing style can be employed as an identifying biological characteristic in order to recognize the identity. This paper presents a new way for identifying a person in a social media group using comments and based on the Deep Neural Network. The text samples are short text comments collected from Telegram group in Arabic language (Iraqi dialect). The proposed model is able to extract the person's writing style features in group comments based on pre-saved dataset. The analysis of this information and features forms the identification decision. This model exhibits a range of prolific and favorable results, the accuracy that comes with the proposed system reach to 92.88% (+/-0.16%).
CERT STRATEGY TO DEAL WITH PHISHING ATTACKScsandit
Every day, internet thieves employ new ways to obtain personal identity people and get access
to their personal information. Phishing is a somehow complex method that has recently been
considered by internet thieves. First, the present study aims to explain phishing, and why an
organization should deal with it and its challenges of providing. In addition, different kinds of
this attack and classification of security approaches for organizational and lay users are
addressed in this article. Finally, the CERT strategy – which relies on three principles of
informing, supporting and helping- is presented to deal with phishing and studying some antiphishing.
Phishing detection in ims using domain ontology and cba an innovative rule ...ijistjournal
User ignorance towards the use of communication services like Instant Messengers, emails, websites, social networks etc. is becoming the biggest advantage for phishers. It is required to create technical awareness in users by educating them to create a phishing detection application which would generate phishing alerts for the user so that phishing messages are not ignored. The lack of basic security features to detect and prevent phishing has had a profound effect on the IM clients, as they lose their faith in e-banking and e-commerce transactions, which will have a disastrous impact on the corporate and banking sectors and businesses which rely heavily on the internet.Very little research contributions were available in for phishing detection in Instant messengers. A context
based, dynamic and intelligent phishing detection
methodology in IMs is proposed, to analyze and detect phishing in Instant Messages with relevance to domain ontology (OBIE) and utilizes the Classification based on Association (CBA) for generating phishing rules and alerting the victims. A PDS Monitoring system algorithm is used to identify the phishing activity during exchange of messages in IMs, with high ratio of precision and recall. The results have shown improvement by the increased percentage of precision and recall when compared to the existing methods.
SQL Vulnerability Prevention in Cybercrime using Dynamic Evaluation of Shell and Remote File Injection Attacks R. Ravi,
Department of Computer Science & Engineering,
Francis Xavier Engineering College, Tamil Nadu, India
Dr. Beulah Shekhar,
Department of Criminology,
Manonmanium Sundaranar University, Tamil Nadu, India
Contemporary Cyber Security Social Engineering Solutions, Measures, Policies,...CSCJournals
Social engineering is a major threat to organizations as more and more companies digitize operations and increase connectivity through the internet. After defining social engineering and the problems it presents, this study offers a critical review of existing protection measures, tools, and policies for organizations to combat cyber security social engineering. Through a systematic review of recent studies published on the subject, our analysis identifies the need to provide training for employees to ensure they understand the risks of social engineering and how best to avoid becoming a victim. Protection measures include awareness programs, training of non-technical staff members, new security networks, software usage, and security protocols to address social engineering threats.
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
A multi classifier prediction model for phishing detectioneSAT Journals
Abstract Phishing is the technique of stealing personal and sensitive information from an email client by sending emails that impersonates like the ones from some trustworthy organizations. Phishing mails are a specific type of spam mails; however the effects of them are much more terrible than alternate sorts. Mostly the phishing attackers aim the clients of the financial organizations, so its detection needs high priority. Lots of research activities are done to detect the phished emails, in the proposed methodology a multi-classifier prediction model is introduced for detecting phished emails. Our contention is that solitary classifier prediction might not be satisfactory to urge the clearest picture of the phishing email; multi-classifier prediction has accuracy 99.8% with an FP rate of 0.8%. Keywords: Phishing email detection, Machine learning techniques, Multi-classifier prediction model, Majority voting
Social media websites are becoming more prevalent on the Internet. Sites, such as Twitter, Facebook, and Instagram, spend significantly more of their time on users online. People in social media share thoughts, views, and facts and create new acquaintances. Social media sites supply users with a great deal of useful information. This enormous quantity of social media information invites hackers to abuse data. These hackers establish fraudulent profiles for actual people and distribute useless material. The material on spam might include commercials and harmful URLs that disrupt natural users. This spam content is a massive problem in social networks. Spam identification is a vital procedure on social media networking platforms. In this paper, we have proposed a spam detection artificial intelligence technique for Twitter social networks. In this approach, we employed a vector support machine, a neural artificial network, and a random forest technique to build a model. The results indicate that, compared with RF and ANN algorithms, the suggested support vector machine algorithm has the greatest precision, recall, and Fmeasure. The findings of this paper would be useful in monitoring and tracking social media shared photos for the identification of inappropriate content and forged images and to safeguard social media from digital threats and attacks.
Similar to PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY (20)
Hierarchical Digital Twin of a Naval Power SystemKerry Sado
A hierarchical digital twin of a Naval DC power system has been developed and experimentally verified. Similar to other state-of-the-art digital twins, this technology creates a digital replica of the physical system executed in real-time or faster, which can modify hardware controls. However, its advantage stems from distributing computational efforts by utilizing a hierarchical structure composed of lower-level digital twin blocks and a higher-level system digital twin. Each digital twin block is associated with a physical subsystem of the hardware and communicates with a singular system digital twin, which creates a system-level response. By extracting information from each level of the hierarchy, power system controls of the hardware were reconfigured autonomously. This hierarchical digital twin development offers several advantages over other digital twins, particularly in the field of naval power systems. The hierarchical structure allows for greater computational efficiency and scalability while the ability to autonomously reconfigure hardware controls offers increased flexibility and responsiveness. The hierarchical decomposition and models utilized were well aligned with the physical twin, as indicated by the maximum deviations between the developed digital twin hierarchy and the hardware.
Explore the innovative world of trenchless pipe repair with our comprehensive guide, "The Benefits and Techniques of Trenchless Pipe Repair." This document delves into the modern methods of repairing underground pipes without the need for extensive excavation, highlighting the numerous advantages and the latest techniques used in the industry.
Learn about the cost savings, reduced environmental impact, and minimal disruption associated with trenchless technology. Discover detailed explanations of popular techniques such as pipe bursting, cured-in-place pipe (CIPP) lining, and directional drilling. Understand how these methods can be applied to various types of infrastructure, from residential plumbing to large-scale municipal systems.
Ideal for homeowners, contractors, engineers, and anyone interested in modern plumbing solutions, this guide provides valuable insights into why trenchless pipe repair is becoming the preferred choice for pipe rehabilitation. Stay informed about the latest advancements and best practices in the field.
Water scarcity is the lack of fresh water resources to meet the standard water demand. There are two type of water scarcity. One is physical. The other is economic water scarcity.
PHISHING MITIGATION TECHNIQUES: A LITERATURE SURVEY
1. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
DOI: 10.5121/ijnsa.2021.13205 63
PHISHING MITIGATION TECHNIQUES: A
LITERATURE SURVEY
Wosah Peace Nmachi and Thomas Win
School of Computing & Engineering University of Gloucestershire, Park Campus,
Cheltenham GL50 2RH United Kingdom
ABSTRACT
Email is a channel of communication which is considered to be a confidential medium of communication
for exchange of information among individuals and organisations. The confidentiality consideration about
e-mail is no longer the case as attackers send malicious emails to users to deceive them into disclosing
their private personal information such as username, password, and bank card details, etc. In search of a
solution to combat phishing cybercrime attacks, different approaches have been developed. However, the
traditional exiting solutions have been limited in assisting email users to identify phishing emails from
legitimate ones. This paper reveals the different email and website phishing solutions in phishing attack
detection. It first provides a literature analysis of different existing phishing mitigation approaches. It then
provides a discussion on the limitations of the techniques, before concluding with an explorationin to how
phishing detection can be improved.
KEYWORDS
Cyber-security, Phishing Email Attack, Deep Learning, Stylometric Analysis, Cyber Human Behaviour
1. INTRODUCTION
Phishing is one of the specific types of social engineering attacks that are well known globally for
bypassing deploy technical defenses by manipulating object characteristics such as system
applications or platforms to deceive, rather than directly attack the targeted user (Ryan & George,
2015). It is common among other security threats, use as the initial step to gain access to an
electronic device for further exploitation without the user awareness. Phishers deceive people and
obtain secret information [1], such as usernames, passwords, credit card numbers, and IDs from a
victim[36]. It targets the human element of cyber-securitywhich[37]account for 95% of cyber
incidents and is used as the initial stages usedin cyber-security breaches [38],[21],[39].According
to the UK Cyber-security and Strategy 2016-2021 and world statistics, almost all the successful
cyber-attacks have a contributing human influence [40] which is to say that cyber-security is not
just about the technology as human knowledge on security is also required for cyber-security
stability. When an email gets to a user email-box, it is the user that reads and responds to it and
where a malicious email is ignored by the user the attack is killed instantly and no loss. The
security of cyber environment is not stable as attackers are messing the environment up at will
making the goal of cyber-security look like it is unachievable. There have been different
countermeasures which have been proposed to mitigate phishing attacks. However, these
solutions have not achieved the expected decrease of phishing attacks due to the fact that the
human security factors that phishers exploit often have not received an easy to use and identify
phishing emails among genuine ones[17]. Human contributions in form of knowledge will go a
long way in curbing cyber-attacks asknowledgeis said to be power. Therefore, thetrainingusers
approach has been adopted by many organisations and research [16], [42] with the aim of
improving the human knowledge on cyber-security through raising awareness. However,
2. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
64
retention of the knowledge gained is a challenge to this approach as users seem to forget some of
the knowledge and information related to security awareness [21][22]. Therefore, email users
need to be assisted in identifying phishing emails. This paper provides a literature review of the
different approaches and techniques which are proposed in existing research in phishing
detection.
This paper is organized as follows: Section 2talks about thestate of the art of the different
phishing detection approaches in existing research. Section 3 discusses the strengths and
limitations of each approach in this research and Section 4concludes the paper.
2. STATE OF THE ART
The increase in phishing attacks attracted much attention of researchers to this area of interest. To
mitigate phishing attacks the existing approaches can be categorised into four groups namely:
stylometric analysis, rule-based, classification-based, and user education. Figure 1 provides a
graphical overview of how a topical phishing attack operates.
Figure 1.Overview of a phishing attack
3. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
65
2.1. Stylometric Analysis
The stylometric analysis involves analyzing the unique writing behaviour and linguistic styles of
users to ascertain authorship. It assumes that an individual author displays a specific writing habit
that will be captured as features, such as phraseology, core vocabulary usage, and sentence
complexity [4]. In[6] their work presented a model to detect spear-phishing emails which the
authors sent to employees of 14 international organisations, by using a combination of
stylometric features extracted from email subjects, bodies, and attachments, andsocial features
from LinkedIn profiles and according to the evaluated results, both achieved an overall accuracy
of 97.76% in detecting spear-phishing emails. However, email features achieved a slightly better
accuracy of 98.28% without the social features. It was noted that the features obtained from
LinkedIn did not help in identifying spear-phishing emails. The approach proposed in
[22]clearlyinformed the users of possible mismatches between the writing styles of a received
email body and of trusted authors by going through the email received and study the email body
itself to capture the writing style of the sender. The experimental implementation was conducted
using the source-code authorship technique, called Source Code Author Profiles (SCAP), and the
dataset used for the assessment was created from email messages extracted from 12 authors’
email inbox which amounted to 289 emails and it gave an accuracy of 87% of authorship
prediction accuracy of email messages. This SCAP method used in this framework gave a high
false negative rate as it is originally designed for software source codes authorship. Hence, the
authors suggested the use of alternative methods as no mandated specific method is tied to the
implementation of this work. The framework complemented the user ID-based authentication
techniques and further enhanced the security in an easy to use manner. In[23] their work mined
the writing styles of email users from a collection of e-mails written by multiple unknown
authors. The whole idea behind their work is to first cluster the anonymous e-mails by the
stylometric features and then extract the writing style of authors from each cluster. They argued
that the presented problem together with their proposed solution is different from the traditional
problem of authorship, which assumes training data is always available for building classifiers.
The proposed technique specifically helps out in the initial stage of investigating any case
involving anonymous emails, in which the investigator has little information on the case and the
authors of the suspicious email. The experiment conducted on a real dataset suggested that
clustering by writing style is a promising approach for grouping emails authored by the same
user.
In [3]a novel automated approach to defend users against spear-phishing attacksispresented. This
approach involves building probabilistic models of both email metadata and stylometric features
of email content using natural language processing. Subsequent emails are compared to these
models which are developed using a Support Vector Machine for classification. [2]improved it by
combining stylometric features, gender features, and personality features.Their approach uses
feature extraction to build and keep an identity profile model of a sender; hence subsequent
emails of the sender are compared against the profile, and in a case where the profile of an
uncertain email is consistent with the legitimate profile of the sender, the sender of the uncertain
email is identified as legitimate and the email is considered normal mail. However, if the profile
of an uncertain email is inconsistent with the legitimate profile of the sender, the sender is
masked, and the email is classified asaspear-phishing email. The experimental result showed the
detection accuracy of 95.05% using the Enron email dataset which was gathered through
theaCognitive Assistant that Learns and Organizes (CALO) project.The stylometric analysis
focuses on the email sender’s writing pattern and the mail sender is discriminated based on the
similarity of mails characterized with stylometric features.
4. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
66
2.2. Rule-Based Approaches
Rule-basedsolutions include Blacklist and Whitelist technologies: both blacklist and whitelist are
used to prevent phishing attacks by keeping a dataset of trusted and untrusted websites[19], and
email addresses. Blacklists block content based on pre-defined malicious IP address, Universal
Resource Allocator (URL), email address and a few keywords, as well as user behaviours such as
click, update, provide, follow, link, etc. With blacklist, every requested URL and sender
addressesare being compared to a listed phishing blacklist and where an internet user tries to visit
a fake website which is already known or exiting in the blacklist, the web browser stops the user
from visiting by denying access, and unsolicited emails are blocked by blacklist based on fake
sender addresses.Whitelists on the other hand only keep list of trusted websites and user can only
be allowed to access a website which is approved to be a legitimate site[19].Whitelistsrecognise
trusted sender email addresses as well. Both whitelists and blacklists perform well with a well-
known or identified phishing website, etc. A trusted website which is not listed in the whitelist
and a user tries to access it the whitelistwill consider it to be a phishing site because it is not
known by the whitelist making the false negative rate of this approach to be very high. DNS-
based blacklist, this approach blacklists a range of IP addresses and domain names [5]. Google
Safe Browsing API provides a blacklist and browser blocks page if there are any hits
[12].PhishNet exploits the observation that attackers frequently employ simple modifications,
changing top level domain to URLs. The authors in their work proposed five heuristics to
enumerate simple combinations of known phishing websites to discover new phishing URLs and
applied a matching algorithm to analyze a URL by taking it apart into multiple components that
are matched individually against all entries in the blacklist [44]. Spoof Guard detects spoofed
pages based on URLs with the help of set rules [43]. Domain-level authentication is utilised by
sending Domain Key, and for it to work both sides, sender and receiver must use the same
technology[45]. Sender ID is implemented on Microsoft sender ID and it works when both sides
have the same technology. It is used at domain level authentication for sending Domain Key [24].
PhishGuard: with this, phishing websites do not respond correctly while requesting
credentials.Phish-wish: it is a stateless phishing channel using negligible principle, it has low
false positive [25]. The rule-based approaches are among the earliest solutions which are
proposed for spam detection [47].This approach performs well on known set rules. However, it
has high false alarm rates and its difficulty in updating rules in case of big data is also a challenge
to this approach [2].Therefore, a research in the area of rule-based to reduce the time it takes to
update rules would definitely help in combat phishing attack as black and whitelists have proven
to be effective approaches to phishing attacks but the manual updating did not help it, hence a
need for automatic rule update system in the organizations for the safety of the users.
2.3. Classification-Based Approaches
Classification-based solutions involve using machine learning techniques such as classification or
clustering for phishing detection. A classification approach featuring Support Vector
Machine(SVM) is used to develop a classification model using structural properties found in
Mail Transfer Agent (MTA) and Mail User Agent(MUA) [20][7].Theproposed approach
intercepts each ongoing email and checks for any phishing attribute and characteristic using the
trained SVM classifier. Similarly [18]also adopted the idea of using an SVM to read the email
messages and explore the email attributes and characteristics furthermore to detect spear-phishing
emails. K-Nearest Neighbour (KNN)is used to rank emails as either spam, ham, or phishing. It
detects emails based on similarities in k-sample phishing emails[5]. Decision Tree Algorithm
(DTA) is implemented to detect malicious attachment files of phishing websites in the email
bodies to prevent the user from falling for such attack [8]. To detect phishing attacks, [19]
combined the reinforcement learning with neural network approach for the classification of
5. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
67
emails. In [26]Natural Language Processing (NLP) is usedto detect phishing emails. The authors
focused their approach on the natural language text in the attack to perform a semantic analysis of
the email textin order to detect malicious intend. [27], proposed a real-time phishing detection
system, which uses seven different classification algorithms, such as, Random Forest, Naive
Bayes, Adaboost, k-Nearest Neighbours (kNN), K-star, Decision Tree, and Sequential Minimal
Optimisation (SMO)andNatural Language Processing (NLP) based features.[46], proposed a
semantic-based classification approach to improve the spam detection accuracy. The authors
composed this approach in two stages where the first stage classifies contents of email by subject
domains, and the second stage builds domain-specific semantic features on which spam
classification is carried out. The authors used and compared different machine learning
classification algorithms and the best classifier giving the most precise email classification is
identified. The experimental results of this approach have shown to outperformed several existing
methods based on Bag of Word (BoW) and latent semantic analysis.
CANTINA Searches top Term Frequency-Inverse Document Frequency (TF-IDF) in Search
Engine (SE) like Goggleand finds current URLs in the top list. It has a high false positive rate
when Term Frequency (TF) of any other term is high [28] as only the top N-terms with highest
values are used to represent any document. Visual similaritycomparison is considered to be an
effective anti-phishing approach for phishing attack detection by comparing the visual
appearance and similarity between the spoofed site andaphishing webpage using, images
embedded in the page, features-text pieces, and visual appearance of the page are considered for
comparing the similarity. However, it compares only content on the websites and has a high false
positive rate [29]. In [33]an anti-phishing approach is proposed which uses deep semantic
analysis, and used both machine learning, and deep learning techniques, to capture inherent
users’ email texts and classify them as either phishing or legitimate email. The result of their
work shows that deep learning models performed a little better than the machine learning models.
Apart fromtheSupport Vector Machine which the accuracy was lightly better with word phrasing
than without word phrasing. It was found that the context of the email language is important in
identifying phishing emails from legitimate ones.Jain and Gupta [34] proposed a client-side and
no third-party services required approach to detect phishing attacks by analysing the hyperlinks
found in the HTML source code of the website. It is language-independent and can detect
websites written in any textual language. The approach used hyperlink features and grouped the
features into 12 different categories and used the same features to train the machine algorithms.
The methodisevaluatedonvarious classification algorithms using legitimate and non-legitimate
websites dataset to see which classifier achieves a better result and logistic regression classifier
was stated to have achieved a better accuracy of 98.42% which is more than other classifiers in
the detection of phishing websites.In[35]a deep-spam-phish-net, a framework for phishing and
spam detectionisproposed. The framework has two sub-modules. The first sub-module detects
phishing and spam emails and the second sub-module detects phishing and spam URLs using
various deep learning architectures for both Phishing and Spam detection with emails and URL
data sources. They used various datasets collected from both public and private data sources and
the datasets were used for experiments with deep learning architectures. All the experiments
conducted ran to 1,000 epochs with different learning rates ranging from 0.01 to 0.5.
Classical machine learning algorithms and deep learning architectures are compared in the
conversion of text data into numeric representation and various natural language processing text
representation methods were used. The performances of machine learning and deep learning
architectures algorithms were evaluated in each module and in most of the cases it showed that
the deep learning architectures outperformed the machine learning algorithms when compared.
However, this work was focused on phishing and spam emails and URLs detections in cyber-
6. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
68
security. Machine learning technique can effectively detect phishing emails by deleting or adding
the features extracted from the email. Attackers utilise email services like Yahoo, Gmail, etc. to
achieve communication with malware using Domain Generation Algorithms to generate new
domain names [31]. However, deep learning architectures are being applied for the Domain
Generation Algorithm (DGA) detection to mitigate theattack[32]. Although some of the machine
learning types require a large amount of dataset and computational power for better performance,
such as deep learning architectures. Knowing that deep learning can learn from a vast amount of
data is a good thing and it can be used to tackle the issues of phishing attacks just as some recent
researches have used it and when compared with traditional machine learning, deep learning
actually outperformed the traditional machine. Seeing the way phishing attack is affecting
organisation security by stealing information from them and downloading malware into their
system, and making online customers to have less trust on e-commerce, deep learning is a sure
way out of this problem. And with the fact that businesses are moving to virtual world because of
the pandemic, the need to protect internet users’ security is paramount.
2.4. User Education
Alongside technical solutions, user education is one of the approaches used to combat cyber
threats such as phishing attacks [9] by improving users’ ability to detect phishing attempts [10] in
order to avoid it when the trained users get confronted by either phishing emails or URLs.
According to[16] ordinary web browsing users are not aware of how phishing attacks start or how
to visually recognize illegitimate webpage from legitimate ones. In [13] a phishing detection
application called NoPhish to detect phishing URLs is proposed. It is an application, where the
users can lose or win points and the result showed promising at the time of the research.
However, it is only useful to the users and knowledge retention is also a challenge to this
approach. Therefore, the researchers in[11]developedHuman-as-a-Security-Sensor (HaaSS)
which uses the ability of human-users as sensors that can detect and report information (security
threats) accordingly and the users’ reports are encouraged and taking into account to strengthen
organisation cyber-security awareness. The user education technique helps internet users to be
aware of the circumstances about phishing attacks, that they may be able to minimise or avoid
this risk, perhaps stop it as early as possible [16]. However, it is found that users’ knowledge
retention is a general challenge to the user-educationapproaches[21], and the internet users need
to be up to date about the new kinds of attackandalso need to read a significant amount [19]of
educative security information to be safe online. In addition, there is high monetary cost demand
with this approach [41]. Therefore, a solution that can mitigate phishing attacks without internet
users’ intervention is what organizations need to keep their customers secured in the internet
space.
Existing literature works have discussed humans’ inability to interact with the systems to be one
of the major reasons why people still fall for phishing attacks [14],[15], and the existing solutions
have not achieved the expected decrease of phishing attacks because the human security factors
that phishers exploit often have not received an easy to use and identify phishing email[17]. Also,
a phishing website is known forits short life span. It lasts normally about two days by leveraging
DGA (Domain Generation Algorithms), which makes the phisher to disappear immediately the
fraud is committed, and because of this reason, law enforcement finds it difficult to achieve its
aim [16]. According to [17], email users are not well assisted by email clients in identifying
phishing emails and advised that email clients should consider using feedback mechanisms to
present security-related aspects to the users to make them aware of the characteristics of phishing
attacks. The email users however need all the assistance possible from their email clients to avoid
phishing attack because when a phishing attack occurs, all the technical protection systems
deployed cannot stop a user from disclosing requested information to the phisher over the phone
or email.
7. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
69
3. CRITICAL EVALUATION
Table 1. Summary of existing approaches and their strengths/limitations
Approaches Strengths Limitations
Stylometric Analysis -Reveals identity
-Useful for spear phishing
and whaling phishing
attacks detection
-Change in writing could
cause misclassification
-Small email size affects
accuracy
Rule-Based Approach -Performs well on known
set rules
-Easy to manage
-It has high false alarm rate
-Difficulty in updating rules
Classification-Based
Approach
-Can effectively detect
phishing emails
-Can catch newly created
phishing URLs
-It requires a large amount
of data and high
computational power
User Education -Improves users’ ability to
detect phishing emails
-It educates novice users
about phishing attacks
-Lack of knowledge
retention
-It attracts expense
StylometricAnalysisis an identity revealer as it involves analysing the unique writing behaviours
and linguistic styles of users to ascertain authorship. It assumes that an individual author displays
a specific writing habit that will be captured as features, such as phraseology, core vocabulary
usage and sentence complexity [4].Spear-phishing and whalingare more akin to impersonation
and identity hiding type of cyber-attacks which makes it harder to identify by users when trapped
in this kind of attack. In order to reveal the impersonators’ true identity, the use of stylometry
approach is a good step to unmask the attackersby displaying their writing
behavioursimmediately without delay. Therefore, the use of stylometric to fight phishing attacks
is very much in order[3]. However, the approach has only been used much in authorship
identifications. The stylometric analysis approach in email focuses on the email sender’s writing
pattern and the mail sender is discriminated based on the similarity of mails characterised with
stylometric features. Therefore, where a user’s writing pattern changed it could cause
misclassification of mail.An intelligent system that can identify a user’sdifferent written styles
would go a long way toward mitigating phishing attacks. Therefore, more research is highly
required in this area and availability of big email datasets should also beconsidered for the use of
better classifiers for better results
Rule-based approacheswork based on set rules and the approach mainly focused on blacklist and
heuristic-bases. Blacklists always compare a requested URL to the existing URLs in the lists, and
where there is a match the browser sends a warning to the user not to consent to the request, and
if there isno match, blacklists consider it genuine even when it is harmful because blacklists are
limited in deleting newly created phishing websites. The limitations of blacklists brought about
the heuristic-based approach andthe heuristic-based approaches came with the ability to
recognize newly phishing websites which blacklist is not able to do[30], and the ability of the
heuristic-based improved the rule-based method of combating phishing attacks. In general, the
rule-based approaches perform well on known set rules. However, it has high false alarm rates
and its difficulty in updating rules in case of big data is also a challenge to this approach [2]. The
updating issue with rule-based approaches if solved would reduce if not eliminated the false-
alarm rate of this approach and the performance accuracy would as well increase. Therefore,
more research in this area using Deep Learning (DL) should be considered to improve this
approach and enhance cyber-security.
8. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
70
The most now use approach is classification-based approach. It involves using machine learning
techniques such as classification or clustering for phishing detection. The machine learning
techniques can effectively detect phishing emails by deleting or adding the features extracted
from the email. However, the features are manually selected which is one of the limitations of
machine learning techniques, and Deep Learning which is a subfield of machine learning,
requires a large amount of data for better results but it does not require manual feature
engineering and can catch newly created phishing URLs. Deep Learning delivers what it
promised when there is a big dataset to apply the Deep classifiers on.It has proven to perform
well than the known traditional methods. However, its performance is still tied to a large amount
of data and this single issue of data has limited the use of it because ofdata needed for and
suitable to a problem a user intends to solve at a particular time.
Having seen the human contributions to the successful phishing attacks, the user education
approach is introduced and used as one of the approaches needed to combat cyber threats such as
phishing attacks [9] by improving users’ ability to detect phishing emails and websites to
overcome the attack.The email users however need all the assistance available from their email
clients to avoid phishing attacks because when a phishing attack occurs, all the technical
protection systems deployed cannot stop a user from disclosing personal sensitive information to
the phisher over the phone or email, and of course, this attack cannot be successful without
human. Therefore, much attention on human element of cyber-security is required to avoid this
attack. Educating users’ regularly is a good step but that would still not be enough if the same
users are not tested on a regular basis which is costlierfortheorganisation.
Therefore, there is a need to adopt a holistic approach to mitigating phishing attacks because with
that every security factor would be improved and secured.
4. CONCLUSION
The existing phishing mitigation techniques are reviewed in thispaper.Based on the literature
reviewed, it can be seen as it is evident that the existing solutions have not achieved the expected
decrease of phishing attacks due to the fact that the human security factors that phishers exploit
often have not received an easy to use and identify phishing email. Users fall for this attack as
ordinary web browsing users are not aware of how phishing attacks start or how to visually
recognize illegitimate websites to differentiate them from legitimate ones[16]. The existing
solutions are either residing in the serversor installed in the users’ system and what the systems
do are not known to the user, only the decision of the system would determine whether the user
will continue or not, such as blacklist and whitelist which checks the requested URL by
comparing it to what is listed in. However, with the identified downside of Blacklist, it cannot
detect correctly if the URL is not listed and in such cases, the users still believe this system
because the decision of the system is not visible to them. The user education technique which
was introduced to help novice users to be aware of the circumstances of phishing attacks, that
they may be able to minimise or avoid this risk, perhaps stop it as early as possible, also has a
limitation in that, users’ knowledge retention on what is taught about phishing attack and how to
protect themselves from such attack. Therefore, phishing detection research should be geared
towards users ease of use and identify phishing attack by developing a system that can display
originality and malicious nature of both email and website. An intelligent system that can handle
every factor of cyber-security should be considered. Improving the rule-based approach using
Deep Learning should be considered to improve its detection.Researchers should focus on
stylometric approach to reveal authors of emails that go to users ‘inboxes. This paper reveals both
the email and website phishing solution in phishing attack detection and provides a literature
analysis of different existing phishing mitigation approaches.
9. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
71
REFERENCES
[1] Leite C., Gondim J. J. C., Barreto P. S., and Alchieri E. A., (2019). Waste flooding: A phishing
retaliation tool
[2] Xiujuan W., Chenxi Z., Kangfeng Z., Haoyang T., &Yuanrui T.(2019)detecting spear-phishing
emails based on authentication
[3] Duman S, Kalkan-Cakmakci K, Egele M. (2016)EmailProfiler: Spear phishing filtering with header
and stylometric features of emails.
[4] Calix K., Connors M., Levy D., Manzar H., McCabe G., & Westcott S. (2008). Stylometry for E-mail
author identification and authentication
[5] Gupta B. B., Arachchilage N A.G., &Psannis K. E. (2018).Defending against phishing attacks:
taxonomy of methods, current issues and future direction
[6] Dewan P, Kashyap A, &Kumaraguru P. (2014). Analysingsocial and stylometric features to identify
spear phishing emails
[7] AbahussainO. &Harrath Y. (2019). Detection of malicious emails through regular expressions and
databases
[8] Helmi R. A. A., Ren C. S.&Jamal A. (2019). Email anti-phishing detection application
[9] Asanka N. G.A.,Steve L.&Beznosov K. (2016) Phishing threat avoidance behaviour: An empirical
investigation
[10] Mohammad R., Thabtah F. & McCluskey L. (2015): Tutorial and critical analysis of phishing
websites methods
[11] Heartfield Ryan& George Loukas, (2018) Detecting semantic social engineering attacks with the
weakest link: Implementation and empirical evaluation of a human-as-a-security-sensor framework
[12] Baniya T., Gautam D.& Kim Y. (2015). Safeguarding web surfing with URL blacklisting
[13] Canova G., Volkamer M., Bergmann C., &Borza R. (2014). NoPhish: An anti-phishing education app
[14] Bottazzi G., Casalicchio E., Marturana F., &Piu M. (2015). MP-shield: A framework for phishing
detection in mobile devices.
[15] Li, J., Li, J., Chen, X., Jia, C., & Lou, W. (2015) Identity-based encryption without sourced
revocation incloud computing
[16] Qabajeh I.,Thabtah F.,&Chiclana F. (2018) A recent review of conventional vs. automated
cybersecurity anti-phishing techniques
[17] Lötter Andrés.&Futcher Lynn, (2015) A framework to Assist Email Users in the Identification of
Phishing Attacks
[18] Gascon H., Ullrich S., Stritter B. &Rieck K. (2018) Reading between the lines: content-agnostic
detection of spear-phishing emails
[19] Smadi S., Aslam N., & Zhang L. (2018). Detection of online phishing email using dynamic evolving
neural network based on reinforcement learning
[20] Chandrasekaran M., Narayanan K., andUpadhayayaS. (2006) Phishing e-mail detection based on
structural properties.
[21] Ghafir I., Saleem J., Hammoudeh M., Faour H., Prenosil V., Jaf S., Jabbar S. & Baker T. (2018).
Security threats to critical infrastructure: the human factor
[22] Khonji M, Iraqi Y& Jones A. (2011). Mitigation of spear phishing attacks: A Content-based
Authorship Identification framework
[23] Iqbal F, BinsalleehH&Fung B C M. (2010). Mining writeprints from anonymous e-mails for forensic
investigation
[24] Lyon, J.& Wong M. (2006). Sender ID: authenticating e-mail,” RFC 4406.
[25] KunjuM.V., Esther D., Anthony H. C. &BhelwaS. (2019) Evaluation of phishing techniques based on
machine learning
[26] Peng T., Harris I., &Sawa Y. (2018).Detecting phishing attacks using natural language processing
and machine learning
[27] SahingozO.K.,Buber E., Demir O., &Diri B. (2019). Machine learning based phishing detection from
URLs
[28] Zhang, Y., Hong, J. I., &Cranor, L. F.(2007). Cantina: A content based approach to detecting
phishing web sites.
[29] Suganya V. (2016): A review on phishing attacks and various anti-phishing techniques
10. International Journal of Network Security & Its Applications (IJNSA) Vol.13, No.2, March 2021
72
[30] Abdelhamid N., Ayesh A. &Thabtah F. (2014) Phishing detection based associative classification
data mining
[31] SternfeldUri&Striem-Amit Yonatan. (2019) Prevention of rendezvous generation algorithm (RGA)
and domain generation algorithm (DGA) malware over exiting internet services.
[32] Akarsh S., Sriram S., &Poornachandran P.(2019) Deep learning framework for domain generation
algorithms prediction using long short-term memory.
[33] Bagui S., Nandi D.,Subhash B. & White J.R (2019) Classifying phishing email using machine
learning and deep learning
[34] Jain Kumar Ankit. & Gupta B.B. (2018). A machine learning based approach for phishing detection
using hyperlinks information
[35] Vinayakumar R., Soman K. P., Poornachandran P., Akarsh S. &Elhoseny M. (2019) Deep learning
framework for cyber threat situational awareness based on email and url data analysis.
[36] Park Gilchan and Rayz Julia (2018).Ontological detection of phishing emails
[37] Surbhi G., Abhishek S.&Akanksha K. (2016). A literature survey on social engineering attacks:
phishing attack
[38] Jamil A., Asif K.& Ghulam Z. (2018) MPMPA: A mitigation and prevention model for social
engineering based phishing attacks on facebook
[39] Platsis George, (2018) Thehuman factor: Cyber security's greatest challenge
[40] NaimBaftiu. (2017).Cyber security in Kosovo
[41] Abdelhamid N., Thabtah F. & Abdel-jaber H. (2017) Phishing detection: A recent intelligent machine
learning comparison based on models content and features
[42] Alsharnouby M., Alaca F., Chiasson S. (2015)Why phishing still works: User strategies for
combating phishing attacks
[43] Chou N., Ledesma R., Teraguchi Y., Boneh D., and Mitchell J. C. (2004) “Client-side defence against
web-based identity theft”.
[44] Prakash P., Kumar M., Rao R. K. and Gupta M. (2010) PhishNet: Predictive blacklisting to detect
phishing attacks
[45] Delany Mark, (2007) Domain-based email authentication using public keys advertised in the DNS
(Domain Keys).
[46] Saidani N., Adi K. and AlliliM. S. (2020)A semantic-based classification approach for an enhanced
spam detection.
[47] Bhowmick A. and Hazarika S.M. (2016) Machine learning for e-mail spam filtering: review
techniques and trends