Robust Phishing Detection Against Adversaries

Phishing websites have grown more recently than ever, and they become more intelligent, even against well-designed phishing detection techniques. Formerly, we have proposed in the literature a state-of-the-art URL-exclusive phishing detection solution based on Convolutional Neural Network (CNN) model, which we referred as PUCNN model. Phishing detection is adversarial as the phisher may attempt to avoid the detection. This adversarial nature makes standard evaluations less useful in predicting model performance in such adversarial situations. We aim to improve PUCNN by addressing the adversarial nature of phishing detection with a restricted adversarial scenario, as PUCNN has shown that an unrestricted attacker dominates. To evaluate this adversarial scenario, we present a parameterized text-based mutation strategy used for generating adversarial samples. These parameters tune the attacker’s restrictions. We have focused on text-based mutation due to our focus on URL-exclusive models. The PUCNN model generally showed robustness and performed well when the parameters were low, which indicates a more restricted attacker.

Phish Derby: Shoring the Human Shield Through Gamified Phishing Attacks

To better understand employees’ reporting behaviors in relation to phishing emails, we gamified the phishing security awareness training process by creating and conducting a month-long “Phish Derby” competition at a large university in the U.S. The university’s Information Security Office challenged employees to prove they could detect phishing emails as part of the simulated phishing program currently in place. Employees volunteered to compete for prizes during this special event and were instructed to report suspicious emails as potential phishing attacks. Prior to the beginning of the competition, we collected demographics and data related to the concepts central to two theoretical foundations: the Big Five personality traits and goal orientation theory. We found several notable relationships between demographic variables and Phish Derby performance, which was operationalized from the number of phishing attacks reported and employee report speed. Several key findings emerged, including past performance on simulated phishing campaigns positively predicted Phish Derby performance; older participants performed better than their younger colleagues, but more educated participants performed poorer; and individuals who used a mix of PCs and Macs at work performed worse than those using a single platform. We also found that two of the Big Five personality dimensions, extraversion and agreeableness, were both associated with poorer performance in phishing detection and reporting. Likewise, individuals who were driven to perform well in the Phish Derby because they desired to learn from the experience (i.e., learning goal orientation) performed at a lower level than those driven by other goals. Interestingly, self-reported levels of computer skill and the perceived ability to detect phishing messages failed to exhibit a significant relationship with Phish Derby performance. We discuss these findings and describe how focusing on motivating the good in employee cyber behaviors is a necessary yet too often overlooked component in organizations whose training cyber cultures are rooted in employee click rates alone.

Understanding Deep Learning Architecture to Various Problems of Cyber Security

Traditional machine learning has evolved into deep learning. It's capable of extracting the best feature representation from raw input samples. Intrusion detection, malware classification, Android malware detection, spam and phishing detection, and binary analysis are just a few examples of how this has been used in cyber security. Deep auto encoders, limited Boltzmann machines, recurrent neural networks, generative adversarial networks, and other DL methods are all described in this study in a brief tutorial-style method. After that, we'll go over how each of the DL methods is employed in security applications. Keywords: Machine, Cyber, Security, Architecture, Technology.

Phisher Fighter: Website Phishing Detection System Based on URL and Term Frequency-Inverse Document Frequency Values

Fundamentally, phishing is a common cybercrime that is indulged by the intruders or hackers on naive and credible individuals and make them to reveal their unique and sensitive information through fictitious websites. The primary intension of this kind of cybercrime is to gain access to the ad hominem or classified information from the recipients. The obtained data comprises of information that can very well utilized to recognize an individual. The purloined personal or sensitive information is commonly marketed in the online dark market and subsequently these information will be bought by the personal identity brigands. Depending upon the sensitivity and the importance of the stolen information, the price of a single piece of purloined information would vary from few dollars to thousands of dollars. Machine learning (ML) as well as Deep Learning (DL) are powerful methods to analyse and endeavour against these phishing attacks. A machine learning based phishing detection system is proposed to protect the website and users from such attacks. In order to optimize the results in a better way, the TF-IDF (Term Frequency-Inverse Document Frequency) value of webpages is employed within the system. ML methods such as LR (Logistic Regression), RF (Random Forest), SVM (Support Vector Machine), NB (Naive Bayes) and SGD (Stochastic Gradient Descent) are applied for training and testing the obtained dataset. Henceforth, a robust phishing website detection system is developed with 90.68% accuracy.