An In-Depth Benchmarking and Evaluation of Phishing Detection Research for Security Needs

Aassal, Ayman El; Baki, Shahryar; Das, Avisha; Verma, Rakesh M.

doi:10.1109/access.2020.2969780

Cited by 84 publications

(72 citation statements)

References 40 publications

(66 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In applications in which there is a computational bottleneck, the second approach may be preferable, with possible changes in the adversary's behaviour incorporated via retraining. This tension between the need to robustify algorithms against attacks (training phase, Section 5) and the fast adaptivity of attackers against defences (operational phase, Section 4) is well exemplified in the phishing detection domain as discussed in [2].…”

Section: Discussionmentioning

confidence: 99%

“…Classification is a major research area with important applications in security and cybersecurity, including fraud detection [1]: phishing detection [2], terrorism [3] or cargo screening [4]. An increasing number of processes are being automated through classification algorithms; it is essential that these are robust to trust key operations based on their output.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Perspectives on Adversarial Classification

2020

View full text Add to dashboard Cite

Adversarial classification (AC) is a major subfield within the increasingly important domain of adversarial machine learning (AML). So far, most approaches to AC have followed a classical game-theoretic framework. This requires unrealistic common knowledge conditions untenable in the security settings typical of the AML realm. After reviewing such approaches, we present alternative perspectives on AC based on adversarial risk analysis.

show abstract

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Perspectives on Adversarial Classification

2020

View full text Add to dashboard Cite

show abstract

“…Authors in El Aassal et al [ 22 ] proposed a benchmarking structure called PhishBench, which enables us to assess and analyze the existing features for phishing detection and completely understand indistinguishable test conditions, i.e., unified framework specification, datasets, classifiers, and performance measurements. The examinations indicated that the classification execution dropped when the proportion among phishing and authentic decreases towards 1 to 10.…”

Section: Literature Surveymentioning

confidence: 99%

A comprehensive survey of AI-enabled phishing attacks detection techniques

et al. 2020

View full text Add to dashboard Cite

In recent times, a phishing attack has become one of the most prominent attacks faced by internet users, governments, and service-providing organizations. In a phishing attack, the attacker(s) collects the client’s sensitive data (i.e., user account login details, credit/debit card numbers, etc.) by using spoofed emails or fake websites. Phishing websites are common entry points of online social engineering attacks, including numerous frauds on the websites. In such types of attacks, the attacker(s) create website pages by copying the behavior of legitimate websites and sends URL(s) to the targeted victims through spam messages, texts, or social networking. To provide a thorough understanding of phishing attack(s), this paper provides a literature review of Artificial Intelligence (AI) techniques: Machine Learning, Deep Learning, Hybrid Learning, and Scenario-based techniques for phishing attack detection. This paper also presents the comparison of different studies detecting the phishing attack for each AI technique and examines the qualities and shortcomings of these methodologies. Furthermore, this paper provides a comprehensive set of current challenges of phishing attacks and future research direction in this domain.

show abstract

“…Company representation fraud (aka job scam) attacks have increased in recent years [12,46,47]. Moreover, phishing detectors are not able to catch these frauds without retraining [1]. To gain an understanding of the parameters contributing to deception and action by the victim, we conduct a between-subjects study in which we take a well-known attack, viz., job scam, and parameterize it with signals such as surrounding context (facade) and customized content.…”

Section: Introductionmentioning

confidence: 99%

Scam Augmentation and Customization: Identifying Vulnerable Users and Arming Defenders

Baki

Verma

Gnawali

2020

Proceedings of the 15th ACM Asia Conference on Computer and Communications Security

Self Cite

View full text Add to dashboard Cite

Why do "classical" attacks such as phishing, IRS scams, etc., still succeed? How do attackers increase their chances of success? How do people reason about scams and frauds they face daily? More research is needed on these questions, which is the focus of this paper. We take a well-known attack, viz. company representative fraud, and study several parameters that bear on its effectiveness with a between-subjects study. We also study the effectiveness of a coherent language generation technique in producing phishing emails. We give ample room for the participants to demonstrate their reasoning and strategies. Unfortunately, our experiment indicates that participants are inadequately prepared for dealing with even the company representative fraud. Participants also could not differentiate between offers written by human or generated semi-automatically. Moreover, our results show attackers can easily increase their success rate by adding some basic information about the sender, so defenders should focus more on such attacks. We also observed that participants who paid attention to more clues were better in distinguishing legitimate messages from phishing, hence training regimes should check for reasoning strategies, not just who did not click on a link or download an attachment. Thus, insights from our work can help defenders in developing better strategies to evaluate their defenses and also in devising more effective training strategies. CCS CONCEPTS • Security and privacy → Phishing; Usability in security and privacy; • Human-centered computing → User studies.

show abstract

An In-Depth Benchmarking and Evaluation of Phishing Detection Research for Security Needs

Cited by 84 publications

References 40 publications

Perspectives on Adversarial Classification

Perspectives on Adversarial Classification

A comprehensive survey of AI-enabled phishing attacks detection techniques

Scam Augmentation and Customization: Identifying Vulnerable Users and Arming Defenders

Contact Info

Product

Resources

About