Phishing Classification Techniques: A Systematic Literature Review

Abdillah, Rahmad; Shukur, Zarina; Mohd, Masnizah; Murah, Mohd Zamri

doi:10.1109/access.2022.3166474

Cited by 10 publications

(3 citation statements)

References 83 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Reference [6] focuses on the role of human factors in phishing attacks and presents human factors-based solutions to reduce phishing attacks. [7] describes common phishing attack vectors, data sources, and identi cation methods used to mitigate phishing attacks and [8] delves into the technical and individual attributes of phishing attacks, motivations behind them, and user characteristics. Authors [9] review deep learning algorithms for phishing mitigation, while [10] presents a literature review of phishing and antiphishing techniques, [11] and [12] focus on using natural language processing (NLP) techniques for detecting phishing emails and websites, respectively.…”

Section: Literature Reviewmentioning

confidence: 99%

A Machine Learning Model for Predicting Phishing Websites

Boussi,

Gupta,

Hossain

2023

Preprint

View full text Add to dashboard Cite

There are various types of cybercrime, and hackers often target specific ones for different reasons, such as financial gain, recognition, or even revenge. Cybercrimes can occur anywhere in the world, as the location of both the victim and the criminal is not a limiting factor. Different countries may have different common types of cybercrime, influenced by factors such as the country's economic situation, level of internet activity, and overall development. Phishing is a prevalent type of cybercrime in the financial sector, regardless of the country's circumstances. While the phishing techniques used in developed countries may differ from those in developing countries, the impact remains the same, resulting in financial losses. In our work, a dataset consisting of 48 features extracted from 5,000 phishing webpages and 5,000 legitimate webpages was used to predict whether a website is phishing or not, achieving an accuracy of 98%.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

A Machine Learning Model for Predicting Phishing Websites

Boussi,

Gupta,

Hossain

2023

Preprint

View full text Add to dashboard Cite

show abstract

“…Adebowale et al employed convolutional neural networks and long short-term memory networks to build a hybrid classification model for phishing website detection [35]. Additionally, several studies have conducted a comprehensive review of recent literature on phishing website detection [36][37][38].…”

Section: Related Workmentioning

confidence: 99%

Improved Phishing Attack Detection with Machine Learning: A Comprehensive Evaluation of Classifiers and Features

Kapan,

Sora Gunal

2023

Applied Sciences

View full text Add to dashboard Cite

In phishing attack detection, machine learning-based approaches are more effective than simple blacklisting strategies, as they can adapt to new types of attacks and do not require manual updates. However, for these approaches, the choice of features and classifiers directly influences detection performance. Therefore, in this work, the contributions of various features and classifiers to detecting phishing attacks were thoroughly analyzed to find the best classifier and feature set in terms of different performance metrics including accuracy, precision, recall, F1-score, and classification time. For this purpose, a brand-new phishing dataset was prepared and made publicly available. Using an exhaustive strategy, every combination of the feature groups was fed into various classifiers to detect phishing websites. Two existing benchmark datasets were also used in addition to ours for further analysis. The experimental results revealed that the features based on the uniform resource locator (URL) and hypertext transfer protocol (HTTP), rather than all features, offered the best performance. Also, the decision tree classifier surpassed the others, achieving an F1-score of 0.99 and being one of the fastest classifiers overall.

show abstract

“…Phishing attacks are one of the most widespread cyberattacks, with spear-phishing being a more targeted version with a much higher devastating effect [32,33]. The Anti-Phishing Working Group (APWG) has been documenting the increase in phishing attacks as early as 2004; their latest quarterly report shows the increasing trend in phishing attacks [3].…”

Section: Literature Reviewmentioning

confidence: 99%

Study of Student Personality Trait on Spear-Phishing Susceptibility Behavior

Alhaddad¹,

Mohd²,

Qamar³

et al. 2023

IJACSA

View full text Add to dashboard Cite

Spear-phishing emails are an effective cyber-attack method due to the fact that the emails sent are highly personalized to look like a regular legitimate email. Recently, it was discovered that personality traits of the victim have an impact on a person's susceptibility to spear-phishing. This study aims to identify which personality traits affect spear-phishing susceptibility besides other traits such as Information Technology background, gender, and age. In addition, measure of the effectiveness of embedded training systems and see whether message framing can further help increase its effectiveness. A personality trait survey was sent to 100 participants, followed by a real-life spear-phishing simulation to measure a certain personality trait's influence on phishing susceptibility. After a two-week period, the second round of spear-phishing emails was sent again to measure message framing effectiveness. The personality traits analysis results show that users with higher levels of Internet anxiety are less susceptible to spear-phishing emails. While the message framing did not show any significant results, the embedded training program reduced the click rate. Findings revealed that certain people are more susceptible to spear-phishing emails than others. Thus, this work can guide an institution or organizations to identify which group of people are more vulnerable to spearphishing.

show abstract

Phishing Classification Techniques: A Systematic Literature Review

Cited by 10 publications

References 83 publications

A Machine Learning Model for Predicting Phishing Websites

A Machine Learning Model for Predicting Phishing Websites

Improved Phishing Attack Detection with Machine Learning: A Comprehensive Evaluation of Classifiers and Features

Study of Student Personality Trait on Spear-Phishing Susceptibility Behavior

Contact Info

Product

Resources

About