Phishing Attacks Detection Using EnsembleMachine Learning Algorithms

Phishing,an Internet fraudwhere individuals are deceived into revealing critical personal and account information,poses a significant risk to both consumers and web-based institutions.Data indicates a persistent rise in phishing attacks.Moreover,these fraudulent schemes are progressively becoming more intricate,thereby rendering them more challenging to identify.Hence,it is imperative to utilize sophisticated algorithms to address this issue.Machine learning is a highly effective approach for identifying and uncovering these harmful behaviors.Machine learning(ML)approaches can identify common characteristics in most phishing assaults.In this paper,we propose an ensemble approach and compare it with six machine learning techniques to determine the type of website and whether it is normal or not based on two phishing datasets.After that,we used the normalization technique on the dataset to transform the range of all the features into the same range.The findings of this paper for all algorithms are as follows in the first dataset based on accuracy,precision,recall,and F1-score,respectively:Decision Tree(DT)(0.964,0.961,0.976,0.968),Random Forest(RF)(0.970,0.964,0.984,0.974),Gradient Boosting(GB)(0.960,0.959,0.971,0.965),XGBoost(XGB)(0.973,0.976,0.976,0.976),AdaBoost(0.934,0.934,0.950,0.942),Multi Layer Perceptron(MLP)(0.970,0.971,0.976,0.974)and Voting(0.978,0.975,0.987,0.981).So,the Voting classifier gave the best results.While in the second dataset,all the algorithms gave the same results in four evaluation metrics,which indicates that each of them can effectively accomplish the prediction process.Also,this approach outperformed the previous work in detecting phishing websites with high accuracy,a lower false negative rate,a shorter prediction time,and a lower false positive rate.

Assessing Secure OpenID-Based EAAA Protocol to Prevent MITM and Phishing Attacks in Web Apps

To secure web applications from Man-In-The-Middle(MITM)and phishing attacks is a challenging task nowadays.For this purpose,authen-tication protocol plays a vital role in web communication which securely transfers data from one party to another.This authentication works via OpenID,Kerberos,password authentication protocols,etc.However,there are still some limitations present in the reported security protocols.In this paper,the presented anticipated strategy secures both Web-based attacks by leveraging encoded emails and a novel password form pattern method.The proposed OpenID-based encrypted Email’s Authentication,Authorization,and Accounting(EAAA)protocol ensure security by relying on the email authenticity and a Special Secret Encrypted Alphanumeric String(SSEAS).This string is deployed on both the relying party and the email server,which is unique and trustworthy.The first authentication,OpenID Uniform Resource Locator(URL)identity,is performed on the identity provider side.A second authentication is carried out by the hidden Email’s server side and receives a third authentication link.This Email’s third SSEAS authentication link manages on the relying party(RP).Compared to existing cryptographic single sign-on protocols,the EAAA protocol ensures that an OpenID URL’s identity is secured from MITM and phishing attacks.This study manages two attacks such as MITM and phishing attacks and gives 339 ms response time which is higher than the already reported methods,such as Single Sign-On(SSO)and OpenID.The experimental sites were examined by 72 information technology(IT)specialists,who found that 88.89%of respondents successfully validated the user authorization provided to them via Email.The proposed EAAA protocol minimizes the higher-level risk of MITM and phishing attacks in an OpenID-based atmosphere.

Development of Two-Factor Authentication to Mitigate Phishing Attack

The two-factor authentication mechanism is gaining popularity as more people are becoming aware of the need to secure their identities. In the current form, existing 2FA systems are defenseless against phishing attacks. They do not provide any visual indicator to the user to check the website’s validity before logging in during phishing attacks. This exposes the user’s password during the phishing attack. Two-factor authentication needs to be enhanced to provide a mechanism to detect phishing attacks without adding a significant burden on the user. This research paper will propose a novel 2-FA TOTP mechanism to provide a subconscious indicator during a phishing attack. In comparison, the new proposed novel approach provides better security against phishing attack. Lastly, the mathematical analysis is performed to understand the TOTP variance and validate the security considerations against the existing 2FA systems with respect to adversary attack.

Machine Learning Techniques for Detecting Phishing URL Attacks

Cyber Attacks are critical and destructive to all industry sectors.They affect social engineering by allowing unapproved access to a Personal Computer(PC)that breaks the corrupted system and threatens humans.The defense of security requires understanding the nature of Cyber Attacks,so prevention becomes easy and accurate by acquiring sufficient knowledge about various features of Cyber Attacks.Cyber-Security proposes appropriate actions that can handle and block attacks.A phishing attack is one of the cybercrimes in which users follow a link to illegal websites that will persuade them to divulge their private information.One of the online security challenges is the enormous number of daily transactions done via phishing sites.As Cyber-Security have a priority for all organizations,Cyber-Security risks are considered part of an organization’s risk management process.This paper presents a survey of different modern machine-learning approaches that handle phishing problems and detect with high-quality accuracy different phishing attacks.A dataset consisting of more than 11000 websites from the Kaggle dataset was utilized and studying the effect of 30 website features and the resulting class label indicating whether or not it is a phishing website(1 or−1).Furthermore,we determined the confusion matrices of Machine Learning models:Neural Networks(NN),Na飗e Bayes,and Adaboost,and the results indicated that the accuracies achieved were 90.23%,92.97%,and 95.43%,respectively.

Modelling an Efficient URL Phishing Detection Approach Based on a Dense Network Model

The social engineering cyber-attack is where culprits mislead the users by getting the login details which provides the information to the evil server called phishing.The deep learning approaches and the machine learning are compared in the proposed system for presenting the methodology that can detect phishing websites via Uniform Resource Locator(URLs)analysis.The legal class is composed of the home pages with no inclusion of login forms in most of the present modern solutions,which deals with the detection of phishing.Contrarily,the URLs in both classes from the login page due,considering the representation of a real case scenario and the demonstration for obtaining the rate of false-positive with the existing approaches during the legal login pages provides the test having URLs.In addition,some model reduces the accuracy rather than training the base model and testing the latest URLs.In addition,a feature analysis is performed on the present phishing domains to identify various approaches to using the phishers in the campaign.A new dataset called the MUPD dataset is used for evaluation.Lastly,a prediction model,the Dense forward-backwards Long Short Term Memory(LSTM)model(d−FBLSTM),is presented for combining the forward and backward propagation of LSMT to obtain the accuracy of 98.5%on the initiated login URL dataset.

Detection of Phishing in Internet-of-Things Using Hybrid Deep Belief Network

Increase in the use of internet of things owned devices is one of the reasonsforincreasednetworktraffic.Whileconnectingthesmartdeviceswith publicly available network many kinds of phishing attacks are able to enter into the mobile devices and corrupt the existing system.The Phishing is the slow and resilient attack stacking techniques probe the users.The proposed model is focused on detecting phishing attacks in internet of things enabled devices through a robust algorithm called Novel Watch and Trap Algorithm(NWAT).Though Predictive mapping,Predictive Validation and Predictive analysis mechanism is developed.For the test purpose Canadian Institute of cyber security(CIC)dataset is used for creating a robust prediction model.This attack generates a resilience corruption works that slowly gathers the credential information from the mobiles.The proposed Predictive analysis model(PAM)enabled NWAT algorithm is used to predict the phishing probes in the form of suspicious process happening in the IoT networks.The prediction system considers the peer-to-peer communication window open for the established communication,the suspicious process and its pattern is identified by the new approach.The proposed model is validated by finding thepredictionaccuracy,Precision,recallsF1score,errorrate,Mathew’sCorre-lationCoefficient(MCC)andBalancedDetectionRate(BDR).Thepresented approach is comparatively analyzed with the state-of-the-art approach of existing system related to various types of Phishing probes.

PhishGuard: Integrating Fine-Tuned Large Language Models (LLMs) into Password Management

In the digital age, phishing attacks have been a persistent security threat leveraged by traditional password management systems that are not able to verify the authenticity of websites. This paper presents an approach to embedding sophisticated phishing detection within a password manager’s framework, called PhishGuard. PhishGuard uses a Large Language Model (LLM), specifically a fine-tuned BERT algorithm that works in real time, where URLs fed by the user in the credentials are analyzed and authenticated. This approach enhances user security with its provision of real-time protection from phishing attempts. Through rigorous testing, this paper illustrates how PhishGuard has scored well in tests that measure accuracy, precision, recall, and false positive rates.

Impact of Human Vulnerabilities on Cybersecurity

Today,security is a major challenge linked with computer network companies that cannot defend against cyber-attacks.Numerous vulnerable factors increase security risks and cyber-attacks,including viruses,the internet,communications,and hackers.Internets of Things(IoT)devices are more effective,and the number of devices connected to the internet is constantly increasing,and governments and businesses are also using these technologies to perform business activities effectively.However,the increasing uses of technologies also increase risks,such as password attacks,social engineering,and phishing attacks.Humans play a major role in the field of cybersecurity.It is observed that more than 39%of security risks are related to the human factor,and 95%of successful cyber-attacks are caused by human error,with most of them being insider threats.The major human factor issue in cybersecurity is a lack of user awareness of cyber threats.This study focuses on the human factor by surveying the vulnerabilities and reducing the risk by focusing on human nature and reacting to different situations.This study highlighted that most of the participants are not experienced with cybersecurity threats and how to protect their personal information.Moreover,the lack of awareness of the top three vulnerabilities related to the human factor in cybersecurity,such as phishing attacks,passwords,attacks,and social engineering,are major problems that need to be addressed and reduced through proper awareness and training.

Development of anti-phishing browser based on random forest and rule of extraction framework

Phishing is a technique under Social Engineering attacks which is most widely used to get user sensitive information,such as login credentials and credit and debit card information,etc.It is carried out by a person masquerading as an authentic individual.To protect web users from these attacks,various anti-phishing techniques are developed,but they fail to protect the user from these attacks in various ways.In this paper,we propose a novel technique to identify phishing websites effortlessly on the client side by proposing a novel browser architecture.In this system,we use the rule of extraction framework to extract the properties or features of a website using the URL only.This list consists of 30 different properties of a URL,which will later be used by the Random Forest Classification machine learning model to detect the authenticity of the website.A dataset consisting of 11,055 tuples is used to train the model.These processes are carried out on the client-side with the help of a redesigned browser architecture.Today Researches have come up with machine learning frameworks to detect phishing sites,but they are not in a state to be used by individuals having no technical knowledge.To make sure that these tools are accessible to every individual,we have improvised and introduced detection methods into the browser architecture named as‘Embedded Phishing Detection Browser’(EPDB),which is a novel method to preserve the existing user experience while improving the security.The newly designed browser architecture introduces a special segment to perform phishing detection operations in real-time.We have prototyped this technique to ensure maximum security,better accuracy of 99.36%in the identification of phishing websites in realtime.

Development of anti-phishing browser based on random forest and rule of extraction framework

Phishing is a technique under Social Engineering attacks which is most widely used to get user sensitive information,such as login credentials and credit and debit card information,etc.It is carried out by a person masquerading as an authentic individual.To protect web users from these attacks,various anti-phishing techniques are developed,but they fail to protect the user from these attacks in various ways.In this paper,we propose a novel technique to identify phishing websites effortlessly on the client side by proposing a novel browser architecture.In this system,we use the rule of extraction framework to extract the properties or features of a website using the URL only.This list consists of 30 different properties of a URL,which will later be used by the Random Forest Classification machine learning model to detect the authenticity of the website.A dataset consisting of 11,055 tuples is used to train the model.These processes are carried out on the client-side with the help of a redesigned browser architecture.Today Researches have come up with machine learning frameworks to detect phishing sites,but they are not in a state to be used by individuals having no technical knowledge.To make sure that these tools are accessible to every individual,we have improvised and introduced detection methods into the browser architecture named as‘Embedded Phishing Detection Browser’(EPDB),which is a novel method to preserve the existing user experience while improving the security.The newly designed browser architecture introduces a special segment to perform phishing detection operations in real-time.We have prototyped this technique to ensure maximum security,better accuracy of 99.36% in the identification of phishing websites in realtime.

TIFAflow: Enhancing Traffic Archiving System with Flow Granularity for Forensic Analysis in Network Security

The archiving of Internet traffic is an essential function for retrospective network event analysis and forensic computer communication. The state-of-the-art approach for network monitoring and analysis involves storage and analysis of network flow statistic. However, this approach loses much valuable information within the Internet traffic. With the advancement of commodity hardware, in particular the volume of storage devices and the speed of interconnect technologies used in network adapter cards and multi-core processors, it is now possible to capture 10 Gbps and beyond real-time network traffic using a commodity computer, such as n2disk. Also with the advancement of distributed file system （such as Hadoop, ZFS, etc.） and open cloud computing platform （such as OpenStack, CloudStack, and Eucalyptus, etc.）, it is practical to store such large volume of traffic data and fully in-depth analyse the inside communication within an acceptable latency. In this paper, based on well- known TimeMachine, we present TIFAflow, the design and implementation of a novel system for archiving and querying network flows. Firstly, we enhance the traffic archiving system named TImemachine＋FAstbit （TIFA） with flow granularity, i.e., supply the system with flow table and flow module. Secondly, based on real network traces, we conduct performance comparison experiments of TIFAflow with other implementations such as common database solution, TimeMachine and TIFA system. Finally, based on comparison results, we demonstrate that TIFAflow has a higher performance improvement in storing and querying performance than TimeMachine and TIFA, both in time and space metrics.