Multilayer hybrid strategy for phishing email zero‐day filtering

Chowdhury, Mihir; Abawajy, Jemal; Kelarev, AV; Hochin, Teruhisa

doi:10.1002/cpe.3929

Cited by 12 publications

(17 citation statements)

References 49 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A phishing attack that uses sophisticated techniques that direct online customers to a new web page that has not yet been included in the black-list is called a zero-day attack [131]. Chowdhury et al [132] in their overview of the work on the filtering of phishing emails and pruning techniques, proposed a multilayer hybrid strategy (MHS) for the zero-day filtering of phishing emails that emerge during a separate time span, which uses the training data collected previously during another time span. MHS was based on a new pruning method, the multilayer hybrid pruning (MHP).…”

Section: Email Miningmentioning

confidence: 99%

Text Mining in Big Data Analytics

Hassani

Beneki

Unger

et al. 2020

BDCC

188

View full text Add to dashboard Cite

Text mining in big data analytics is emerging as a powerful tool for harnessing the power of unstructured textual data by analyzing it to extract new knowledge and to identify significant patterns and correlations hidden in the data. This study seeks to determine the state of text mining research by examining the developments within published literature over past years and provide valuable insights for practitioners and researchers on the predominant trends, methods, and applications of text mining research. In accordance with this, more than 200 academic journal articles on the subject are included and discussed in this review; the state-of-the-art text mining approaches and techniques used for analyzing transcripts and speeches, meeting transcripts, and academic journal articles, as well as websites, emails, blogs, and social media platforms, across a broad range of application areas are also investigated. Additionally, the benefits and challenges related to text mining are also briefly outlined.

show abstract

Section: Email Miningmentioning

confidence: 99%

Text Mining in Big Data Analytics

Hassani

Beneki

Unger

et al. 2020

BDCC

188

View full text Add to dashboard Cite

show abstract

“…Misspelled/Bad domain name 8 U [36], [42], [43], [56], [69], [72], [80], [89] Top Level Domain features 22 U,W,E [36], [38], [43], [46], [65], [69], [70], [78], [85], uW: [105], [107], [110], [113], [138], [139], [152], [154], [157], uE: [163], [170], [182], [194] TTL c value of DNS 9 U,W,E [28], [43], [47], [70], uW: [93], [102], [132], [144], uE: [186] Age of Domain 13 U,W,E [52], uW: [107], [113], [119], [120], [124], [125], [127], [132], [150],…”

Section: Dns Basedmentioning

confidence: 99%

SoK: A Comprehensive Reexamination of Phishing Research From the Security Perspective

Das

Baki

Aassal

et al. 2020

IEEE Commun. Surv. Tutorials

102

View full text Add to dashboard Cite

Phishing and spear phishing are typical examples of masquerade attacks since trust is built up through impersonation for the attack to succeed. Given the prevalence of these attacks, considerable research has been conducted on these problems along multiple dimensions. We reexamine the existing research on phishing and spear phishing from the perspective of the unique needs of the security domain, which we call security challenges: real-time detection, active attacker, dataset quality and baserate fallacy. We explain these challenges and then survey the existing phishing/spear phishing solutions in their light. This viewpoint consolidates the literature and illuminates several opportunities for improving existing solutions. We organize the existing literature based on detection techniques for different attack vectors (e.g., URLs, websites, emails) along with studies on user awareness. For detection techniques we examine properties of the dataset, feature extraction, detection algorithms used, and performance evaluation metrics. This work can help guide the development of more effective defenses for phishing, spear phishing and email masquerade attacks of the future, as well as provide a framework for a thorough evaluation and comparison.

show abstract

“…An empirical study by [46] used a layered process to strengthen an ensemble of classifiers by pruning, a technique to remove minor contributions to classification. Despite efforts to enhance the pruning process and achieving a higher F-measure compared to other non-pruned techniques, the dataset in use was very small.…”

Section: Related Workmentioning

confidence: 99%

Towards a Multi-Layered Phishing Detection

Rendall

Nisioti

Mylonas

2020

Sensors

View full text Add to dashboard Cite

Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art.

show abstract

Multilayer hybrid strategy for phishing email zero‐day filtering

Cited by 12 publications

References 49 publications

Text Mining in Big Data Analytics

Text Mining in Big Data Analytics

SoK: A Comprehensive Reexamination of Phishing Research From the Security Perspective

Towards a Multi-Layered Phishing Detection

Contact Info

Product

Resources

About