With the advances in computing powers and increasing volumes of data, deep learning’s emergence has helped revitalize artificial intelligence research. There is a growing trend of applying deep ...learning techniques to image processing, speech recognition, self-driving cars, and even health-care. Recently, several deep learning models have been employed to detect a cyber threat such as network attack, malware infiltration, or phishing website; nevertheless, they suffer from not being explainable to security experts. Security experts not only do need to detect the incoming threat but also need to know the incorporating features that cause that particular security incident. To address this issue, in this paper, we propose a deep embedded neural network expert system (DeNNeS) that extracts refined rules from a trained deep neural network (DNN) architecture to substitute the knowledge base of an expert system. The knowledge base later is used to classify an unseen security incident and inform the final user of the corresponding rule that made that inference. We consider different rule extraction scenarios, and to prove the robustness of DeNNeS, we evaluate it on two cybersecurity datasets including UCI phishing websites dataset and Android malware dataset comprising more than 4000 Android APKs from several sources. The comparison results of DeNNeS with standalone DNN, JRip, and common machine learning algorithms show that DeNNeS with the retraining uncovered samples scenario outperforms other algorithms on both datasets. Furthermore, the extracted rules approximately reproduce the accuracy of the neural network from which they are derived. DeNNeS achieves an outstanding accuracy of
97.5
%
and a negligible false positive rate of
1.8
%
about
2.4
%
higher and
3.5
%
lower than the rule learner JRip on the phishing dataset. Moreover, DeNNeS outperforms random forest (RF), which produces the highest results among decision tree (DT), support vector machine, k-nearest neighbor, and Gaussian naive Bayes. Despite smaller training data in the malware dataset, DeNNeS achieves an accuracy of
95.8
%
and
F
1
s
c
o
r
e
of
91.1
%
, much higher than JRip and RF.
Internet of Things (IoT) enables day-to-day objects to connect with the Internet and transmit and receive data for meaningful purposes. Recently, IoT has resulted in many revolutions in all sectors. ...Nonetheless, security risks to IoT networks and devices are persistently disruptive due to the growth of Internet technology. Phishing becomes a common threat to Internet users, where the attacker aims to fraudulently extract confidential data of the system or user by using websites, fictitious emails, etc. Due to the dramatic growth in IoT devices, hackers target IoT gadgets, including smart cars, security cameras, and so on, and perpetrate phishing attacks to gain control over the vulnerable device for malicious purposes. These scams have been increasing and advancing over the last few years. To resolve these problems, this paper presents a binary Hunter–prey optimization with a machine learning-based phishing attack detection (BHPO-MLPAD) method in the IoT environment. The BHPO-MLPAD technique can find phishing attacks through feature selection and classification. In the presented BHPO-MLPAD technique, the BHPO algorithm primarily chooses an optimal subset of features. The cascaded forward neural network (CFNN) model is employed for phishing attack detection. To adjust the parameter values of the CFNN model, the variable step fruit fly optimization (VFFO) algorithm is utilized. The performance assessment of the BHPO-MLPAD method takes place on the benchmark dataset. The results inferred the betterment of the BHPO-MLPAD technique over compared approaches in different evaluation measures.
Majority of Internet users lack anti-phishing skills in identifying a phishing attack. This paper introduces a 3D-game prototype named Securix which simplifies and exaggerates real life scenario and ...conveys different game design principles. Securix is divided into three levels, depicted in scenarios, namely: URL, E-mail and Website which addresses different types of phishing attack. 3D characters and tools were designed to be imported into the game engine using C# programming language for scripting. A Technology Acceptance Model was used for evaluation of the game. To ascertain the liability and acceptability of this design, 50 questionnaires were administered. The results revealed perceived usefulness as the most significant determinant of adoption of Securix than all the other variables. All the relationships between Perceived Ease Of Use (PEOU), Perceived Usefulness (PU), Attitude Towards Using (ATU), and Actual Usage of the System (AUOS) were tested and found to be significant and positive. Analysis from the questionnaire revealed that PU was a strong predictor of actual usage with ninety-five percent (95%) of users as compared to PEOU which was sixty-eight percent (68%) and AUOS which had a result of seventy-four percent (74%). The overall game design enhances the user's avoidance behaviour through motivation to protect themselves against phishing threats.
This paper discusses a novel frame work approach of Software Defined Network based prevention on phishing attack with the help of the deep machine learning with CANTINA approach (DMLCA) in the ...cyberspace. Cyber security is a significant concern in the operations of coalition, and is a complex challenge because of some needs in operational effectiveness and also the trust relationship limit which exists over the coalition partners. In networking, new promising paradigms like Software Defined Networks (SDN), offer a method to deal more efficiently with their security constraints. This machine learning approach is to deal with the phishing attack problem based on the SVM (support vector machine) and this machine learning technique with SVM helps to effectively to solve classification problems. The CANTINA approach helps to support the robust hyperlinks with the help of evaluating the term frequency (TF) and inverse document frequency and (IDF). This information retrieval algorithm helps to compare, classify and retrieve various documents. The objective is to improve the detection accuracy with the help of the DMLCA method with the various parameters such as detection accuracy based on the true positive ratio and false positive ratio, precision and recall.
Phishing is described as the art of echoing a website of a creditable firm intending to grab user's private information such as usernames, passwords and social security number. Phishing websites ...comprise a variety of cues within its content-parts as well as the browser-based security indicators provided along with the website. Several solutions have been proposed to tackle phishing. Nevertheless, there is no single magic bullet that can solve this threat radically. One of the promising techniques that can be employed in predicting phishing attacks is based on data mining, particularly the ‘induction of classification rules’ since anti-phishing solutions aim to predict the website class accurately and that exactly matches the data mining classification technique goals. In this study, the authors shed light on the important features that distinguish phishing websites from legitimate ones and assess how good rule-based data mining classification techniques are in predicting phishing websites and which classification technique is proven to be more reliable.
An efficient phishing webpage detector He, Mingxing; Horng, Shi-Jinn; Fan, Pingzhi ...
Expert systems with applications,
09/2011, Volume:
38, Issue:
10
Journal Article
Peer reviewed
► A heuristic method is proposed to determine if a webpage is legal. ► The method can detect new phishing pages which feature based tools could not. ► Based on SVM, the proposed method is efficient ...compared to others.
Phishing attack is growing significantly each year and is considered as one of the most dangerous threats in the Internet which may cause people to lose confidence in e-commerce. In this paper, we present a heuristic method to determine whether a webpage is a legitimate or a phishing page. This scheme could detect new phishing pages which black list based anti-phishing tools could not. We first convert a web page into 12 features which are well selected based on the existing normal and fishing pages. A training set of web pages including normal and fishing pages are then input for a support vector machine to do training. A testing set is finally fed into the trained model to do the testing. Compared to the existing methods, the experimental results show that the proposed phishing detector can achieve the high accuracy rate with relatively low false positive and low false negative rates.
This paper explores machine learning techniques and evaluates their performances when trained to perform against datasets consisting of features that can differentiate between a Phishing Website and ...a safe one. This capability of telling these sites apart from one another is vital in the modern-day internet surfing. As more and more of our resources shift online, one vulnerability and a leak of sensitive information by someone could bring everything down in a connected network. This paper's objective through this research is to highlight the best technique for identifying one of the most commonly occurring cyberattacks and thus allow faster identification and blacklisting of such sites, therefore leading to a safer and more secure web surfing experience for everyone. To achieve this, we describe each of the techniques we look into in great detail and use different evaluation techniques to portray their performance visually. After pitting all of these techniques against each other, we have concluded with an explanation in this paper that Random Forest Classifier does indeed work best for Phishing Website Detection.
Internet has been dominating the world nearly a decade. Web application is known to be the most widespread platform of the internet especially when it comes to share resources, e-commerce services, ...education and business platforms. Since the usage of web applications are increasing dramatically, it's becoming more vulnerable for security attacks. Each year, organizations facing many security attacks towards their web applications. Although many security practices and mitigations have been applying in web application, however there are still some security loophole issues can be found in web application. For instance, these loopholes can be referred as lack of secure coding (standards) implemented in web application, lack of formal security training approach for web developers and improper security testing for their web application. Besides, social engineering attacks also tremendously increasing each year. Many organizations were compromised through phishing attacks due to lack of awareness among users (employees). As a solution to overcome the issues, a research project will be carried out to implement a system called Nscanner to detect Structured Query Language injection (SQLi) and Cross-Site Scripting (XSS) vulnerabilities for web application. Moreover, the developer also will design a malware detection feature based on machine learning approach to detect malware found in attachments from emails in order to prevent malware phishing attacks.