Detecting malicious Uniform Resource Locators(URLs)is crucially important to prevent attackers from committing cybercrimes.Recent researches have investigated the role of machine learning(ML)models to detect malicious...Detecting malicious Uniform Resource Locators(URLs)is crucially important to prevent attackers from committing cybercrimes.Recent researches have investigated the role of machine learning(ML)models to detect malicious URLs.By using ML algorithms,rst,the features of URLs are extracted,and then different ML models are trained.The limitation of this approach is that it requires manual feature engineering and it does not consider the sequential patterns in the URL.Therefore,deep learning(DL)models are used to solve these issues since they are able to perform featureless detection.Furthermore,DL models give better accuracy and generalization to newly designed URLs;however,the results of our study show that these models,such as any other DL models,can be susceptible to adversarial attacks.In this paper,we examine the robustness of these models and demonstrate the importance of considering this susceptibility before applying such detection systems in real-world solutions.We propose and demonstrate a black-box attack based on scoring functions with greedy search for the minimum number of perturbations leading to a misclassication.The attack is examined against different types of convolutional neural networks(CNN)-based URL classiers and it causes a tangible decrease in the accuracy with more than 56%reduction in the accuracy of the best classier(among the selected classiers for this work).Moreover,adversarial training shows promising results in reducing the inuence of the attack on the robustness of the model to less than 7%on average.展开更多
The data in the cloud is protected by various mechanisms to ensure security aspects and user’s privacy.But,deceptive attacks like phishing might obtain the user’s data and use it for malicious purposes.In Spite of m...The data in the cloud is protected by various mechanisms to ensure security aspects and user’s privacy.But,deceptive attacks like phishing might obtain the user’s data and use it for malicious purposes.In Spite of much techno-logical advancement,phishing acts as thefirst step in a series of attacks.With technological advancements,availability and access to the phishing kits has improved drastically,thus making it an ideal tool for the hackers to execute the attacks.The phishing cases indicate use of foreign characters to disguise the ori-ginal Uniform Resource Locator(URL),typosquatting the popular domain names,using reserved characters for re directions and multi-chain phishing.Such phishing URLs can be stored as a part of the document and uploaded in the cloud,providing a nudge to hackers in cloud storage.The cloud servers are becoming the trusted tool for executing these attacks.The prevailing software for blacklisting phishing URLs lacks the security for multi-level phishing and expects security from the client’s end(browser).At the same time,the avalanche effect and immut-ability of block-chain proves to be a strong source of security.Considering these trends in technology,a block-chain basedfiltering implementation for preserving the integrity of user data stored in the cloud is proposed.The proposed Phish Block detects the homographic phishing URLs with accuracy of 91%which assures the security in cloud storage.展开更多
Phishing websites present a severe cybersecurity risk since they can lead to financial losses,data breaches,and user privacy violations.This study uses machine learning approaches to solve the problem of phishing webs...Phishing websites present a severe cybersecurity risk since they can lead to financial losses,data breaches,and user privacy violations.This study uses machine learning approaches to solve the problem of phishing website detection.Using artificial intelligence,the project aims to provide efficient techniques for locating and thwarting these dangerous websites.The study goals were attained by performing a thorough literature analysis to investigate several models and methods often used in phishing website identification.Logistic Regression,K-Nearest Neighbors,Decision Trees,Random Forests,Support Vector Classifiers,Linear Support Vector Classifiers,and Naive Bayes were all used in the inquiry.This research covers the benefits and drawbacks of several Machine Learning approaches,illuminating how well-suited each is to overcome the difficulties in locating and countering phishing website predictions.The insights gained from this literature review guide the selection and implementation of appropriate models and methods in future research and real-world applications related to phishing detections.The study evaluates and compares accuracy,precision and recalls of several machine learning models in detecting phishing website URL’s detection.展开更多
Cybersecurity-related solutions have become familiar since it ensures security and privacy against cyberattacks in this digital era.Malicious Uniform Resource Locators(URLs)can be embedded in email or Twitter and used...Cybersecurity-related solutions have become familiar since it ensures security and privacy against cyberattacks in this digital era.Malicious Uniform Resource Locators(URLs)can be embedded in email or Twitter and used to lure vulnerable internet users to implement malicious data in their systems.This may result in compromised security of the systems,scams,and other such cyberattacks.These attacks hijack huge quantities of the available data,incurring heavy financial loss.At the same time,Machine Learning(ML)and Deep Learning(DL)models paved the way for designing models that can detect malicious URLs accurately and classify them.With this motivation,the current article develops an Artificial Fish Swarm Algorithm(AFSA)with Deep Learning Enabled Malicious URL Detection and Classification(AFSADL-MURLC)model.The presented AFSADL-MURLC model intends to differentiate the malicious URLs from genuine URLs.To attain this,AFSADL-MURLC model initially carries out data preprocessing and makes use of glove-based word embedding technique.In addition,the created vector model is then passed onto Gated Recurrent Unit(GRU)classification to recognize the malicious URLs.Finally,AFSA is applied to the proposed model to enhance the efficiency of GRU model.The proposed AFSADL-MURLC technique was experimentally validated using benchmark dataset sourced from Kaggle repository.The simulation results confirmed the supremacy of the proposed AFSADL-MURLC model over recent approaches under distinct measures.展开更多
Cyber Attacks are critical and destructive to all industry sectors.They affect social engineering by allowing unapproved access to a Personal Computer(PC)that breaks the corrupted system and threatens humans.The defen...Cyber Attacks are critical and destructive to all industry sectors.They affect social engineering by allowing unapproved access to a Personal Computer(PC)that breaks the corrupted system and threatens humans.The defense of security requires understanding the nature of Cyber Attacks,so prevention becomes easy and accurate by acquiring sufficient knowledge about various features of Cyber Attacks.Cyber-Security proposes appropriate actions that can handle and block attacks.A phishing attack is one of the cybercrimes in which users follow a link to illegal websites that will persuade them to divulge their private information.One of the online security challenges is the enormous number of daily transactions done via phishing sites.As Cyber-Security have a priority for all organizations,Cyber-Security risks are considered part of an organization’s risk management process.This paper presents a survey of different modern machine-learning approaches that handle phishing problems and detect with high-quality accuracy different phishing attacks.A dataset consisting of more than 11000 websites from the Kaggle dataset was utilized and studying the effect of 30 website features and the resulting class label indicating whether or not it is a phishing website(1 or−1).Furthermore,we determined the confusion matrices of Machine Learning models:Neural Networks(NN),Na飗e Bayes,and Adaboost,and the results indicated that the accuracies achieved were 90.23%,92.97%,and 95.43%,respectively.展开更多
The social engineering cyber-attack is where culprits mislead the users by getting the login details which provides the information to the evil server called phishing.The deep learning approaches and the machine learn...The social engineering cyber-attack is where culprits mislead the users by getting the login details which provides the information to the evil server called phishing.The deep learning approaches and the machine learning are compared in the proposed system for presenting the methodology that can detect phishing websites via Uniform Resource Locator(URLs)analysis.The legal class is composed of the home pages with no inclusion of login forms in most of the present modern solutions,which deals with the detection of phishing.Contrarily,the URLs in both classes from the login page due,considering the representation of a real case scenario and the demonstration for obtaining the rate of false-positive with the existing approaches during the legal login pages provides the test having URLs.In addition,some model reduces the accuracy rather than training the base model and testing the latest URLs.In addition,a feature analysis is performed on the present phishing domains to identify various approaches to using the phishers in the campaign.A new dataset called the MUPD dataset is used for evaluation.Lastly,a prediction model,the Dense forward-backwards Long Short Term Memory(LSTM)model(d−FBLSTM),is presented for combining the forward and backward propagation of LSMT to obtain the accuracy of 98.5%on the initiated login URL dataset.展开更多
基金supported by Korea Electric Power Corporation(Grant Number:R18XA02).
文摘Detecting malicious Uniform Resource Locators(URLs)is crucially important to prevent attackers from committing cybercrimes.Recent researches have investigated the role of machine learning(ML)models to detect malicious URLs.By using ML algorithms,rst,the features of URLs are extracted,and then different ML models are trained.The limitation of this approach is that it requires manual feature engineering and it does not consider the sequential patterns in the URL.Therefore,deep learning(DL)models are used to solve these issues since they are able to perform featureless detection.Furthermore,DL models give better accuracy and generalization to newly designed URLs;however,the results of our study show that these models,such as any other DL models,can be susceptible to adversarial attacks.In this paper,we examine the robustness of these models and demonstrate the importance of considering this susceptibility before applying such detection systems in real-world solutions.We propose and demonstrate a black-box attack based on scoring functions with greedy search for the minimum number of perturbations leading to a misclassication.The attack is examined against different types of convolutional neural networks(CNN)-based URL classiers and it causes a tangible decrease in the accuracy with more than 56%reduction in the accuracy of the best classier(among the selected classiers for this work).Moreover,adversarial training shows promising results in reducing the inuence of the attack on the robustness of the model to less than 7%on average.
文摘The data in the cloud is protected by various mechanisms to ensure security aspects and user’s privacy.But,deceptive attacks like phishing might obtain the user’s data and use it for malicious purposes.In Spite of much techno-logical advancement,phishing acts as thefirst step in a series of attacks.With technological advancements,availability and access to the phishing kits has improved drastically,thus making it an ideal tool for the hackers to execute the attacks.The phishing cases indicate use of foreign characters to disguise the ori-ginal Uniform Resource Locator(URL),typosquatting the popular domain names,using reserved characters for re directions and multi-chain phishing.Such phishing URLs can be stored as a part of the document and uploaded in the cloud,providing a nudge to hackers in cloud storage.The cloud servers are becoming the trusted tool for executing these attacks.The prevailing software for blacklisting phishing URLs lacks the security for multi-level phishing and expects security from the client’s end(browser).At the same time,the avalanche effect and immut-ability of block-chain proves to be a strong source of security.Considering these trends in technology,a block-chain basedfiltering implementation for preserving the integrity of user data stored in the cloud is proposed.The proposed Phish Block detects the homographic phishing URLs with accuracy of 91%which assures the security in cloud storage.
文摘Phishing websites present a severe cybersecurity risk since they can lead to financial losses,data breaches,and user privacy violations.This study uses machine learning approaches to solve the problem of phishing website detection.Using artificial intelligence,the project aims to provide efficient techniques for locating and thwarting these dangerous websites.The study goals were attained by performing a thorough literature analysis to investigate several models and methods often used in phishing website identification.Logistic Regression,K-Nearest Neighbors,Decision Trees,Random Forests,Support Vector Classifiers,Linear Support Vector Classifiers,and Naive Bayes were all used in the inquiry.This research covers the benefits and drawbacks of several Machine Learning approaches,illuminating how well-suited each is to overcome the difficulties in locating and countering phishing website predictions.The insights gained from this literature review guide the selection and implementation of appropriate models and methods in future research and real-world applications related to phishing detections.The study evaluates and compares accuracy,precision and recalls of several machine learning models in detecting phishing website URL’s detection.
基金the Deanship of Scientific Research at King Khalid University for funding this work through Large Groups Project under grant number(45/43)Princess Nourah bint Abdulrahman University Researchers Supporting Project number(PNURSP2022R140)Princess Nourah bint Abdulrahman University,Riyadh,Saudi Arabia.The authors would like to thank the Deanship of Scientific Research at Umm Al-Qura University for supporting this work by Grant Code:22UQU4310373DSR21.
文摘Cybersecurity-related solutions have become familiar since it ensures security and privacy against cyberattacks in this digital era.Malicious Uniform Resource Locators(URLs)can be embedded in email or Twitter and used to lure vulnerable internet users to implement malicious data in their systems.This may result in compromised security of the systems,scams,and other such cyberattacks.These attacks hijack huge quantities of the available data,incurring heavy financial loss.At the same time,Machine Learning(ML)and Deep Learning(DL)models paved the way for designing models that can detect malicious URLs accurately and classify them.With this motivation,the current article develops an Artificial Fish Swarm Algorithm(AFSA)with Deep Learning Enabled Malicious URL Detection and Classification(AFSADL-MURLC)model.The presented AFSADL-MURLC model intends to differentiate the malicious URLs from genuine URLs.To attain this,AFSADL-MURLC model initially carries out data preprocessing and makes use of glove-based word embedding technique.In addition,the created vector model is then passed onto Gated Recurrent Unit(GRU)classification to recognize the malicious URLs.Finally,AFSA is applied to the proposed model to enhance the efficiency of GRU model.The proposed AFSADL-MURLC technique was experimentally validated using benchmark dataset sourced from Kaggle repository.The simulation results confirmed the supremacy of the proposed AFSADL-MURLC model over recent approaches under distinct measures.
文摘Cyber Attacks are critical and destructive to all industry sectors.They affect social engineering by allowing unapproved access to a Personal Computer(PC)that breaks the corrupted system and threatens humans.The defense of security requires understanding the nature of Cyber Attacks,so prevention becomes easy and accurate by acquiring sufficient knowledge about various features of Cyber Attacks.Cyber-Security proposes appropriate actions that can handle and block attacks.A phishing attack is one of the cybercrimes in which users follow a link to illegal websites that will persuade them to divulge their private information.One of the online security challenges is the enormous number of daily transactions done via phishing sites.As Cyber-Security have a priority for all organizations,Cyber-Security risks are considered part of an organization’s risk management process.This paper presents a survey of different modern machine-learning approaches that handle phishing problems and detect with high-quality accuracy different phishing attacks.A dataset consisting of more than 11000 websites from the Kaggle dataset was utilized and studying the effect of 30 website features and the resulting class label indicating whether or not it is a phishing website(1 or−1).Furthermore,we determined the confusion matrices of Machine Learning models:Neural Networks(NN),Na飗e Bayes,and Adaboost,and the results indicated that the accuracies achieved were 90.23%,92.97%,and 95.43%,respectively.
文摘The social engineering cyber-attack is where culprits mislead the users by getting the login details which provides the information to the evil server called phishing.The deep learning approaches and the machine learning are compared in the proposed system for presenting the methodology that can detect phishing websites via Uniform Resource Locator(URLs)analysis.The legal class is composed of the home pages with no inclusion of login forms in most of the present modern solutions,which deals with the detection of phishing.Contrarily,the URLs in both classes from the login page due,considering the representation of a real case scenario and the demonstration for obtaining the rate of false-positive with the existing approaches during the legal login pages provides the test having URLs.In addition,some model reduces the accuracy rather than training the base model and testing the latest URLs.In addition,a feature analysis is performed on the present phishing domains to identify various approaches to using the phishers in the campaign.A new dataset called the MUPD dataset is used for evaluation.Lastly,a prediction model,the Dense forward-backwards Long Short Term Memory(LSTM)model(d−FBLSTM),is presented for combining the forward and backward propagation of LSMT to obtain the accuracy of 98.5%on the initiated login URL dataset.
