Towards Lightweight URL-Based Phishing Detection

2021, Vol 13 (6), pp. 154
Author(s): Andrei Butnaru, Alexios Mylonas, Nikolaos Pitropakis

Nowadays, the majority of everyday computing devices, irrespective of their size and operating system, allow access to information and online services through web browsers. However, the pervasiveness of web browsing in our daily life does not come without security risks. This widespread practice of web browsing in combination with web users’ low situational awareness against cyber attacks, exposes them to a variety of threats, such as phishing, malware and profiling. Phishing attacks can compromise a target, individual or enterprise, through social interaction alone. Moreover, in the current threat landscape phishing attacks typically serve as an attack vector or initial step in a more complex campaign. To make matters worse, past work has demonstrated the inability of denylists, which are the default phishing countermeasure, to protect users from the dynamic nature of phishing URLs. In this context, our work uses supervised machine learning to block phishing attacks, based on a novel combination of features that are extracted solely from the URL. We evaluate our performance over time with a dataset which consists of active phishing attacks and compare it with Google Safe Browsing (GSB), i.e., the default security control in most popular web browsers. We find that our work outperforms GSB in all of our experiments, as well as performs well even against phishing URLs which are active one year after our model’s training.

2014
Author(s): Florian-Cosmin BUTOI

A particularly dangerous and now common type of spam known as “Phishing” attempts to trick recipients into revealing personal and sensitive data, such as passwords, login IDs, financial information or social security numbers. Recipients are directed to counterfeit and fraudulent websites that are exact duplicates of well-known and respected companies such as eBay, PayPal or large banking institutions and prompted to enter account information. This white paper addresses current issues associated with phishing scams and argues the most probable and likely direction phishing scams will follow in the future. Recommended safe user guidelines are included to help protect users from both current and future phishing attacks.


Author(s): Irina Tatomur

Introduction. With the rapid adoption of computer and networking technologies, educational institutions pay insufficient attention to the implementation of security measures to ensure the confidentiality, integrity and accessibility of data, and thus fall prey to cyber-attacks. Methods. The following methods were used in the process of writing the article: methods of generalization, analogy and logical analysis to determine and structure the motives for phishing attacks, ways to detect and prevent them; statistical analysis of data – to build a chronological sample of the world's largest cyber incidents and determine the economic losses suffered by educational institutions; graphical method – for visual presentation of results; abstraction and generalization – to make recommendations that would help reduce the number of cyber scams. Results. The article shows what role cyber security plays in counteracting phishing scams in the educational field. The motives for the implementation of phishing attacks, as well as methods for detecting and preventing them, have been identified and regulated. The following notions as "phishing", "submarine" and "whaling" are evaluated as the most dangerous types of fraud, targeting both small and large players in the information chain of any educational institution. An analytical review of the educational services market was conducted and a chronological sampling of the largest cyber incidents that occurred in the period 2010-2019 was made. The economic losses incurred by colleges, research institutions and leading universities in the world were described. It has been proven that the US and UK educational institutions have been the most attacked by attackers, somewhat inferior to Canada and countries in the Asia-Pacific region. 
It is found that education has become the top industry in terms of the number of Trojans detected on devices belonging to educational institutions and the second most listed among the most affected by the ransomware. A number of measures have been proposed to help reduce the number of cyber incidents. Discussion. The obtained results should be taken into account when formulating a strategy for the development of educational institutions, as well as raising the level of awareness of the representatives of the academic community in cybersecurity. Keywords: phishing, cyber security, cyber stalkers, insider threat, rootkit, backdoor.


Author(s): Oleksandr Klevtsov, Artem Symonov, Serhii Trubchaninov

The chapter is devoted to the issues of cyber security assessment of instrumentation and control systems (I&C systems) of nuclear power plants (NPP). The authors examined the main types of potential cyber threats at the stages of development and operation of NPP I&C systems. Examples of real incidents at various nuclear facilities caused by intentional cyber-attacks or unintentional computer errors during the maintenance of the software of NPP I&C systems are given. The approaches to vulnerabilities assessment of NPP I&C systems are described. The scope and content of the assessment and periodic reassessment of cyber security of NPP I&C systems are considered. An approach of assessment to cyber security risks is described.


Electronics, 2020, Vol 9 (3), pp. 444
Author(s): Valerio Morfino, Salvatore Rampone

In the fields of Internet of Things (IoT) infrastructures, attack and anomaly detection are rising concerns. With the increased use of IoT infrastructure in every domain, threats and attacks in these infrastructures are also growing proportionally. In this paper the performances of several machine learning algorithms in identifying cyber-attacks (namely SYN-DOS attacks) to IoT systems are compared both in terms of application performances, and in training/application times. We use supervised machine learning algorithms included in the MLlib library of Apache Spark, a fast and general engine for big data processing. We show the implementation details and the performance of those algorithms on public datasets using a training set of up to 2 million instances. We adopt a Cloud environment, emphasizing the importance of the scalability and of the elasticity of use. Results show that all the Spark algorithms used result in a very good identification accuracy (>99%). Overall, one of them, Random Forest, achieves an accuracy of 1. We also report a very short training time (23.22 sec for Decision Tree with 2 million rows). The experiments also show a very low application time (0.13 sec for over than 600,000 instances for Random Forest) using Apache Spark in the Cloud. Furthermore, the explicit model generated by Random Forest is very easy-to-implement using high- or low-level programming languages. In light of the results obtained, both in terms of computation times and identification performance, a hybrid approach for the detection of SYN-DOS cyber-attacks on IoT devices is proposed: the application of an explicit Random Forest model, implemented directly on the IoT device, along with a second level analysis (training) performed in the Cloud.


Sensors, 2020, Vol 20 (24), pp. 7148
Author(s): Elochukwu Ukwandu, Mohamed Amine Ben Farah, Hanan Hindy, David Brosset, Dimitris Kavallieros, ...

Cyber situational awareness has been proven to be of value in forming a comprehensive understanding of threats and vulnerabilities within organisations, as the degree of exposure is governed by the prevailing levels of cyber-hygiene and established processes. A more accurate assessment of the security provision informs on the most vulnerable environments that necessitate more diligent management. The rapid proliferation in the automation of cyber-attacks is reducing the gap between information and operational technologies and the need to review the current levels of robustness against new sophisticated cyber-attacks, trends, technologies and mitigation countermeasures has become pressing. A deeper characterisation is also the basis with which to predict future vulnerabilities in turn guiding the most appropriate deployment technologies. Thus, refreshing established practices and the scope of the training to support the decision making of users and operators. The foundation of the training provision is the use of Cyber-Ranges (CRs) and Test-Beds (TBs), platforms/tools that help inculcate a deeper understanding of the evolution of an attack and the methodology to deploy the most impactful countermeasures to arrest breaches. In this paper, an evaluation of documented CRs and TBs platforms is evaluated. CRs and TBs are segmented by type, technology, threat scenarios, applications and the scope of attainable training. To enrich the analysis of documented CRs and TBs research and cap the study, a taxonomy is developed to provide a broader comprehension of the future of CRs and TBs. The taxonomy elaborates on the CRs/TBs dimensions, as well as, highlighting a diminishing differentiation between application areas.


2020, Vol ahead-of-print (ahead-of-print)
Author(s): Fenio Annansingh

Purpose Currently, one of the most significant challenges organizations face is that corporate data is being delivered to mobile devices that are not managed by the information technology department. This has security implications regarding knowledge leakage, data theft, and regulatory compliance. With these unmanaged devices, companies have less control and visibility, and fewer mitigation options when protecting against the risks of cyber-attacks. Therefore, the purpose of this study is to investigate how millennials' use of personal mobile devices for work contributes to increased exposure to cyber-attacks and, consequently, security and knowledge leakage risks. Design/methodology/approach This research used a mixed-method approach by using survey questionnaires to elicit the views of millennials regarding the cybersecurity risks associated with bring your own device policies and practices. Interviews were done with security personnel. Data analysis consisted of descriptive analysis and open coding. Findings The results indicate that millennials expect to have ready access to technology and social media at all times, irrespective of security and privacy concerns. Companies also need to improve and enforce bring your own device policies and practices to mitigate against knowledge leakage and security risks. Millennials increasingly see the use of personal devices as a right and not a convenience. They are expecting security measures to be more seamless within the full user experience. Originality/value This paper can help organizations and millennials to understand the security risks entering the workforce if the threats of using privately owned devices on the job are ignored and to improve organizational performance.


Sensors, 2020, Vol 20 (16), pp. 4540
Author(s): Kieran Rendall, Antonia Nisioti, Alexios Mylonas

Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art.


2020, Vol 11 (04), pp. 598-605
Author(s): Dana M. Womack, Michelle R. Hribar, Linsey M. Steege, Nancy H. Vuckovic, Deborah H. Eldredge, ...

Abstract Background Registered nurses (RNs) regularly adapt their work to ever-changing situations but routine adaptation transforms into RN strain when service demand exceeds staff capacity and patients are at risk of missed or delayed care. Dynamic monitoring of RN strain could identify when intervention is needed, but comprehensive views of RN work demands are not readily available. Electronic care delivery tools such as nurse call systems produce ambient data that illuminate workplace activity, but little is known about the ability of these data to predict RN strain. Objectives The purpose of this study was to assess the utility of ambient workplace data, defined as time-stamped transaction records and log file data produced by non-electronic health record care delivery tools (e.g., nurse call systems, communication devices), as an information channel for automated sensing of RN strain. Methods In this exploratory retrospective study, ambient data for a 1-year time period were exported from electronic nurse call, medication dispensing, time and attendance, and staff communication systems. Feature sets were derived from these data for supervised machine learning models that classified work shifts by unplanned overtime. Models for three timeframes —8, 10, and 12 hours—were created to assess each model's ability to predict unplanned overtime at various points across the work shift. Results Classification accuracy ranged from 57 to 64% across three analysis timeframes. Accuracy was lowest at 10 hours and highest at shift end. Features with the highest importance include minutes spent using a communication device and percent of medications delivered via a syringe. Conclusion Ambient data streams can serve as information channels that contain signals related to unplanned overtime as a proxy indicator of RN strain as early as 8 hours into a work shift. 
This study represents an initial step toward enhanced detection of RN strain and proactive prevention of missed or delayed patient care.

