A Dynamic and Combined Phishing Detection Technique

With the quick advancement of web applications, internet users are spending more and more time with these applications .They utilize the benefits of the internet in doing all the day-to-day chores from reading newspaper to grocery shopping .This makes them prone to various kinds of cyber-attacks such as phishing , password attack , malwares etc...Phishing is one of the most common cyber-attack which is made by the attackers to take the users’ delicate data . In phishing attack the users are first tempted with attractive offers and are then redirected to illegitimate (phishing) websites which ask for their credentials .In spite of the alert and awareness spread against these types of cyber-attacks , people continue to fall prey and get affected .The attackers have evolved with time and craft the attacks in such a way that the phishing websites and emails may seem real .Many systems and algorithms have been developed to predict phishing attacks .However ,the achievement rate of phishing attacks stays high and it’s detection is prone towards high true negative and false positive ratio. Therefore ,to deal with this conundrum we are putting forward a generalized algorithm for phishing detection with improved accuracy.

Download Full-text

Detecting Phishing Website with Machine Learning

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.k1439.098319 ◽

2019 ◽

Vol 8 (3) ◽

pp. 5626-5629

Keyword(s):

Machine Learning ◽

Detection Rate ◽

Detection System ◽

Attack Detection ◽

Svm Classifier ◽

Cyber Attack ◽

Phishing Attacks ◽

Two Parameters ◽

Phishing Detection

Attacks are many types to disturb the network or any other websites. Phishing attacks (PA) are a type of attacks which attack the website and damage the website and may lose the data. Many types of research have been done to prevent the attacks. To overcome this, in this paper, the integrated phishing attack detection system which is adopted with SVM classifier is implemented to detect phishing websites. Phishing is the cyber attack that will destroy the website and may attack with the virus. There are two parameters that can detect the final phishing detection rate such as Identity, and security. Phishing attacks also occur in various banking and e-commerce websites. This paper deals with the UCL machine learning phishing dataset which consists of 32 attributes. The proposed algorithm implements on this dataset and shows the performance.

Download Full-text

A novel hybrid approach of SVM combined with NLP and probabilistic neural network for email phishing

International Journal of Electrical and Computer Engineering (IJECE) ◽

10.11591/ijece.v10i1.pp486-493 ◽

2020 ◽

Vol 10 (1) ◽

pp. 486 ◽

Cited By ~ 1

Author(s):

Abhishek Kumar ◽

Jyotir Moy Chatterjee ◽

Vicente García Díaz

Keyword(s):

Neural Network ◽

Feature Extraction ◽

Probabilistic Neural Network ◽

Hybrid Approach ◽

Cyber Attacks ◽

Hybrid Analysis ◽

Phishing Attacks ◽

Phishing Detection ◽

Hybrid Methodology

Phishing attacks are one of the slanting cyber-attacks that apply socially engineered messages that are imparted to individuals from expert hackers going for tricking clients to uncover their delicate data, the most mainstream correspondence channel to those messages is through clients' emails. Phishing has turned into a generous danger for web clients and a noteworthy reason for money related misfortunes. Therefore, different arrangements have been created to handle this issue. Deceitful emails, also called phishing emails, utilize a scope of impact strategies to convince people to react, for example, promising a fiscal reward or summoning a feeling of criticalness. Regardless of far reaching alerts and intends to instruct clients to distinguish phishing sends, these are as yet a pervasive practice and a worthwhile business. The creators accept that influence, as a style of human correspondence intended to impact others, has a focal job in fruitful advanced tricks. Cyber criminals have ceaselessly propelling their techniques for assault. The current strategies to recognize the presence of such malevolent projects and to keep them from executing are static, dynamic and hybrid analysis. In this work we are proposing a hybrid methodology for phishing detection incorporating feature extraction and classification of the mails using SVM. At last, alongside the chose features, the PNN characterizes the spam mails from the genuine mails with more exactness and accuracy.

Download Full-text

AppPerm Analyzer: Malware Detection System Based on Android Permissions and Permission Groups

International Journal of Software Engineering and Knowledge Engineering ◽

10.1142/s0218194020500175 ◽

2020 ◽

Vol 30 (03) ◽

pp. 427-450 ◽

Cited By ~ 2

Author(s):

İbrahim Alper Doğru ◽

Murat Önder

Keyword(s):

Mobile Devices ◽

Detection System ◽

Risk Scores ◽

True Positive ◽

Android Application ◽

Total Risk ◽

True Negative ◽

Android Malware ◽

Positive Ratio ◽

False Positive Ratio

Besides the applications aimed at increasing the efficiency of the Android mobile devices, also many malicious applications, millions of Android malware according to various security company reports, are being developed and uploaded into the application stores. In order to detect those applications, a malicious Android application detection system based on permission and permission groups namely, AppPerm Analyzer has been developed. The AppPerm Analyzer software extracts the manifest and code permissions of analyzed applications, creates duple and triple permission groups from them, calculates risk scores of these permissions and permission groups according to their usage rates in malicious and benign applications and calculates the total risk score of the analyzed application. After training the software with 7776 applications in total, it is tested with 1664 benign and 1664 malicious applications. In the tests, AppPerm Analyzer detected malicious applications with an accuracy of 96.19% at most. At this point, sensitivity (true-positive ratio) is 95.50% and specificity (true-negative ratio) is 96.88%. If a false-positive ratio up to 10% is accepted, the sensitivity increases to 99.04%.

Download Full-text

The Spatial Analysis of the Malicious Uniform Resource Locators (URLs): 2016 Dataset Case Study

Information ◽

10.3390/info12010002 ◽

2020 ◽

Vol 12 (1) ◽

pp. 2

Author(s):

Raid W. Amin ◽

Hakki Erhan Sevil ◽

Salih Kocak ◽

Guillermo Francia ◽

Philip Hoover

Keyword(s):

Spatial Analysis ◽

Disease Surveillance ◽

Monte Carlo Study ◽

Cyber Attacks ◽

Cyber Attack ◽

Internet Users ◽

Novel Approach ◽

Different Types ◽

Relative Risk Assessment

In this study, we aimed to identify spatial clusters of countries with high rates of cyber attacks directed at other countries. The cyber attack dataset was obtained from Canadian Institute for Cybersecurity, with over 110,000 Uniform Resource Locators (URLs), which were classified into one of 5 categories: benign, phishing, malware, spam, or defacement. The disease surveillance software SaTScanTM was used to perform a spatial analysis of the country of origin for each cyber attack. It allowed the identification of spatial and space-time clusters of locations with unusually high counts or rates of cyber attacks. Number of internet users per country obtained from the 2016 CIA World Factbook was used as the population baseline for computing rates and Poisson analysis in SaTScanTM. The clusters were tested for significance with a Monte Carlo study within SaTScanTM, where any cluster with p < 0.05 was designated as a significant cyber attack cluster. Results using the rate of the different types of malicious URL cyber attacks are presented in this paper. This novel approach of studying cyber attacks from a spatial perspective provides an invaluable relative risk assessment for each type of cyber attack that originated from a particular country.

Download Full-text

The invisible hole of information on SMB's cybersecurity

Online Journal of Applied Knowledge Management ◽

10.36965/ojakm.2019.7(1)14-26 ◽

2019 ◽

Vol 7 (1) ◽

pp. 14-26

Author(s):

Ruti Gafni ◽

Tal Pavel

Keyword(s):

Mass Communication ◽

Cyber Attacks ◽

Communication Media ◽

Specific Information ◽

Exploratory Research ◽

Cyber Attack ◽

Public Attention ◽

Cyber Threats ◽

Accessible Information ◽

Types Of Information

Small and Medium Businesses (SMB) use Internet and computer-based tools in their daily processes, sometimes without being aware to the cyber threats, or without knowing how to be prepared in case of a cyber-attack, although they are a major target for cyber-attacks. Specific information about cybersecurity needed by SMBs, in order to cope with cyber threats, is not always available or easily accessible. In this study, a vast search of different types of information about SMBs’ cybersecurity was performed, in order to find whether a hole of accessible information exists in this area. This exploratory research covered general mass communication media channels, technological and professional cybersecurity websites, and academic journals, and found that indeed very few studies, articles and news items were published in this matter. Leveraging knowledge and awareness, diminishing the shame for reporting cyber-attacks, and increasing mass communication media interest and public attention, may be activities to cover this “invisible hole”.

Download Full-text

Fully Automatic Fall Risk Assessment Based on a Fast Mobility Test

Sensors ◽

10.3390/s21041338 ◽

2021 ◽

Vol 21 (4) ◽

pp. 1338

Author(s):

Wojciech Tylman ◽

Rafał Kotas ◽

Marek Kamiński ◽

Paweł Marciniak ◽

Sebastian Woźniak ◽

...

Keyword(s):

Risk Assessment ◽

Fall Risk ◽

Low Cost ◽

Body Movement ◽

Sole Source ◽

Timed Up And Go ◽

True Negative ◽

Fall Risk Assessment ◽

Positive Ratio ◽

Mobility Test

This paper presents a fall risk assessment approach based on a fast mobility test, automatically evaluated using a low-cost, scalable system for the recording and analysis of body movement. This mobility test has never before been investigated as a sole source of data for fall risk assessment. It can be performed in a very limited space and needs only minimal additional equipment, yet provides large amounts of information, as the presented system can obtain much more data than traditional observation by capturing minute details regarding body movement. The readings are provided wirelessly by one to seven low-cost micro-electro-mechanical inertial measurement units attached to the subject’s body segments. Combined with a body model, these allow segment rotations and translations to be computed and for body movements to be recreated in software. The subject can then be automatically classified by an artificial neural network based on selected values in the test, and those with an elevated risk of falls can be identified. Results obtained from a group of 40 subjects of various ages, both healthy volunteers and patients with vestibular system impairment, are presented to demonstrate the combined capabilities of the test and system. Labelling of subjects as fallers and non-fallers was performed using an objective and precise sensory organization test; it is an important novelty as this approach to subject labelling has never before been used in the design and evaluation of fall risk assessment systems. The findings show a true-positive ratio of 85% and true-negative ratio of 63% for classifying subjects as fallers or non-fallers using the introduced fast mobility test, which are noticeably better than those obtained for the long-established Timed Up and Go test.

Download Full-text

The Structure of Cyber Attacks

International Journal of Information Security and Cybercrime ◽

10.19107/ijisc.2020.01.06 ◽

2020 ◽

Vol 9 (1) ◽

pp. 43-52

Author(s):

Silviu-Elian MITRĂ

Keyword(s):

Mode Of Action ◽

Cyber Attacks ◽

Cyber Attack ◽

Computer Viruses ◽

Unique Mode ◽

External Sources

The objective of this portfolio is to ensure a good understanding of the topic of the complex and unique mode of action of cyber attacks, as well as the study of the ways in which they occur. The content of this portfolio includes from the beginning of computer viruses to the specific modern mechanisms of cyber attack undertaken by cybercriminals in order to cause detriment, but also theft or damage to certain information. Furthermore, this paper also provides essential aspects regarding the protection methods that users must undertake so that they can prevent and at the same time face these dangers specific to our age. In the elaboration of this study, there were used both personal methods, by applying my own knowledge accumulated through the study, and accessing external sources containing information necessary to complete the insufficiently analyzed problems. In essence, the elaboration of this study ensured the coverage of all relevant domains and aspects that are based on the structure and conception of cyber attacks, as well as in the manner provided by their action and manifestation.

Download Full-text

Building a Cybersecurity Culture in the Industrial Control System Environment

International Journal of Information Security and Cybercrime ◽

10.19107/ijisc.2019.01.05 ◽

2019 ◽

Vol 8 (1) ◽

pp. 39-44

Author(s):

Claudia ARAUJO MACEDO ◽

Jos MENTING

Keyword(s):

Control System ◽

Control Systems ◽

Cyber Attacks ◽

Cyber Attack ◽

Industrial Control System ◽

Security Measures ◽

Industrial Control ◽

Industrial Control Systems ◽

System A ◽

Educational Processes

Cybersecurity in industrial control system environments has become a significant concern and is even more relevant in the context of critical infrastructures where control system disruption could have a profound impact on health, safety and the environment. This makes this type of system a major target for malicious activities. Notwithstanding an organization’s interest in protecting its industrial control systems against cyber-attacks, the implementation of security measures, whether technical, organizational or human, still faces resistance and is often seen as a constraint. Using the best technology to protect industrial control systems makes no sense if persons with access do not act attentively and protectively. Technical and human cybersecurity measures are intrinsically linked, and it is essential that all persons with access to these systems are fully aware of the inherent cyber risks. Organizations must also act so that staff receive appropriate training on how to keep systems continuously protected against cyber-attack when carrying out their daily tasks. These educational processes can contribute to building an effective cybersecurity culture fully reflective of management and staff attitudes, so that the availability, integrity and confidentiality of information in industrial control systems can be assured.

Download Full-text

SARCP - Exploiting Cyber-Attack Prediction Through Socially-Aware Recommendation

International Journal of Decision Support System Technology ◽

10.4018/ijdsst.286691 ◽

2022 ◽

Vol 14 (1) ◽

pp. 0-0

Keyword(s):

Social Network ◽

Real World ◽

Cyber Security ◽

Betweenness Centrality ◽

Cyber Attacks ◽

Experimental Results ◽

Cyber Attack ◽

Defence Mechanisms ◽

Network Measure ◽

Recommender Algorithm

In the domain of cyber security, the defence mechanisms of networks has traditionally been placed in a reactionary role. Cyber security professionals are therefore disadvantaged in a cyber-attack situation due to the fact that it is vital that they maneuver such attacks before the network is totally compromised. In this paper, we utilize the Betweenness Centrality network measure (social property) to discover possible cyber-attack paths and then employ computation of similar personality of nodes/users to generate predictions about possible attacks within the network. Our method proposes a social recommender algorithm called socially-aware recommendation of cyber-attack paths (SARCP), as an attack predictor in the cyber security defence domain. In a social network, SARCP exploits and delivers all possible paths which can result in cyber-attacks. Using a real-world dataset and relevant evaluation metrics, experimental results in the paper show that our proposed method is favorable and effective.

Download Full-text

Comparing Single Tier and Three Tier Infrastructure Designs against DDoS Attacks

International Journal of Cloud Applications and Computing ◽

10.4018/ijcac.2017070103 ◽

2017 ◽

Vol 7 (3) ◽

pp. 59-75 ◽

Cited By ~ 2

Author(s):

Akashdeep Bhardwaj ◽

Sam Goundar

Keyword(s):

Data Center ◽

Denial Of Service ◽

Cyber Attacks ◽

Cyber Attack ◽

Ddos Attacks ◽

Design Data ◽

Application Performance ◽

Server Virtualization ◽

Security Officers ◽

Cloud Environments

With the rise in cyber-attacks on cloud environments like Brute Force, Malware or Distributed Denial of Service attacks, information security officers and data center administrators have a monumental task on hand. Organizations design data center and service delivery with the aim of catering to maximize device provisioning & availability, improve application performance, ensure better server virtualization and end up securing data centers using security solutions at internet edge protection level. These security solutions prove to be largely inadequate in times of a DDoS cyber-attack. In this paper, traditional data center design is reviewed and compared to the proposed three tier data center. The resilience to withstand against DDoS attacks is measured for Real User Monitoring parameters, compared for the two infrastructure designs and the data is validated using T-Test.

Download Full-text