Maria Sameen scite author profile

Maria Sameen

2Publications

29Citation Statements Received

46Citation Statements Given

How they've been cited

How they cite others

Affiliations

Gachon University

Publications

Order By: Most citations

PhishHaven—An Efficient Real-Time AI Phishing URLs Detection System

2020

View full text Add to dashboard Cite

Different machine learning and deep learning-based approaches have been proposed for designing defensive mechanisms against various phishing attacks. Recently, researchers showed that phishing attacks can be performed by employing a deep neural network-based phishing URL generating system called DeepPhish. To prevent this kind of attack, we design an ensemble machine learning-based detection system called PhishHaven to identify AI-generated as well as human-crafted phishing URLs. To the best of our knowledge, this is the first study to consider detecting phishing attacks by both AI and human attackers. PhishHaven employs lexical analysis for feature extraction. To further enhance lexical analysis, we introduce URL HTML Encoding to classify URL on-the-fly and proactively compare with some of the existing methods. We also introduce a URL Hit approach to deal with tiny URLs, which is an open problem yet to be solved. Moreover, the final classification of URLs is made on an unbiased voting mechanism in PhishHaven, which aims to avoid misclassification when the number of votes is equal. To speed up the ensemble-based machine learning models, PhishHaven employs a multi-threading approach to execute the classification in parallel, leading to real-time detection. Theoretical analysis of our solution shows that (1) it can always detect tiny URLs, and (2) it can detect future AI-generated Phishing URLs based on our selected lexical features with 100% accuracy. Through experiments, we analyze our solution with a benchmark dataset of 100,000 phishing and normal URLs. The results show that PhishHaven can achieve 98.00% accuracy, outperforming the existing lexical-based human-crafted phishing URLs detection systems. INDEX TERMS AI-generated phishing URLs, ensemble machine learning, human-crafted phishing URLs, lexical features, multi-threading, tiny URLs, URL HTML encoding, voting.

show abstract

TIMPANY—deTectIon of Model Poisoning Attacks usiNg accuracY

Sameen

Hwang²

2021

IEEE Access

View full text Add to dashboard Cite

Nowadays, Federated Learning has widely been adopted for data security in the Industrial IoTs. With Federated Learning, local Industrial IoTs devices download the current machine learning model and update it on their own local Industrial IoTs devices. Then, local Industrial IoTs devices transmit these locally trained models back to the Industrial Server. The Industrial Server aggregates all the locally trained models into a single consolidated and enhanced global model. On one side, Federated Learning secures the data; on the other side, Federated Learning itself is vulnerable to one subtle yet severe attack: the model poisoning attack. Model poisoning attack is difficult to detect, especially in Industrial IoTs applications, for two reasons: a) neither the Industrial Server nor the local Industrial IoTs devices in Federated Learning is capable of identifying poisoned local models, and b) every iteration of Federated Learning consists of many Industrial IoTs devices, and therefore, verification of every single device is computationally expensive. Thus, this study proposes an effective and efficient framework for deTectIon of Model Poisoning Attacks usiNg AccuracY (TIMPANY). TIMPANY is the first detection framework for the model poisoning attack that utilizes accuracy as a detection measure. We performed theoretical analysis of TIMPANY with other detection solutions (for model poisoning attack) concerning communication and computational efficiency, security, and detection accuracy. Our thorough theoretical comparative analysis showed that TIMPANY efficiently addresses these open research challenges that previous studies failed to address. In our thorough experimental analysis, error analysis from the first iteration shows that TIMPANY results in 0% error, leading to a True Positive Rate and accuracy of 100% with 0% False Positive Rate. Thus, TIMPANY outperformed some of the existing detection solutions for model poisoning attacks against Federated Learning. We conclude that TIMPANY is effective and efficient against model poisoning attacks in Federated Learning, even for resource-constrained Industrial IoTs devices widely used in various industrial applications.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

hi@scite.ai

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.

Maria Sameen

PhishHaven—An Efficient Real-Time AI Phishing URLs Detection System

TIMPANY—deTectIon of Model Poisoning Attacks usiNg accuracY

Contact Info

Product

Resources

About