Piracema.io: A rules-based tree model for phishing prediction

“…The records extraction, which was carried out by Silva et al 18 in their work, started in August 2018 and ended in January 2019, with data from 2016 to 2018. Records from 2019 to 2021 were obtained between 2020 and 2022, completing this database.…”

“…In case the content of the source code is significant, you can analyze features such as cross-domain forwarding and clickjacking attempts and fake user errors 25 . This last feature is present in attacks aimed at mobile devices, where the fraud is developed according to the devices resolution and if the user tries to open the link through a desktop browser, an HTTP error is displayed that was simulated by the attacker 18 . Hosting service: Defines whether the page in question is hosted on a hosting service.…”

“…Given this, through social engineering, the attacker observes visual aspects of the content, context and URL of the page. The whole motivation for this effort, on the part of the attacker, is to create a greater susceptibility of the end user to phishing attacks 18 . It was possible to extract this feature using a Python script, supported by NLP and Regex.…”

“…Additionally, it is possible to link these subfeatures to certain phishing behaviors, whose some aspects are debated in the literature, such as spread and volatility. Based on studies by Silva et al 17 , 18 , see the nomenclatures and definitions adopted by this study to explain the behaviors commonly observed in phishing: Trustworthiness , describes the high richness of fraud details compared to the genuine page. In view of this, the attacker extracts profiles of each target involved, which translate into a set of behaviors that serve as a subsidy for the elaboration of the malicious page 26 .…”

“…To address this problem, this article presents a public phishing database, organized and consistent, to help studies that need to build a dataset. The base was used previously in the study by Silva et al 17 , 18 , analyzing static and dynamic aspects of phishing, which justifies its relevance for data reuse. By storing information such as WHOIS and page content, the base includes details regarding temporal aspects, i.e., phishing behaviors that can be loosed over time due to their volatile nature, which is why this base receives the term snapshot.…”

Piracema: a Phishing snapshot database for building dataset features

“…The records extraction, which was carried out by Silva et al 18 in their work, started in August 2018 and ended in January 2019, with data from 2016 to 2018. Records from 2019 to 2021 were obtained between 2020 and 2022, completing this database.…”

“…In case the content of the source code is significant, you can analyze features such as cross-domain forwarding and clickjacking attempts and fake user errors 25 . This last feature is present in attacks aimed at mobile devices, where the fraud is developed according to the devices resolution and if the user tries to open the link through a desktop browser, an HTTP error is displayed that was simulated by the attacker 18 . Hosting service: Defines whether the page in question is hosted on a hosting service.…”

“…Given this, through social engineering, the attacker observes visual aspects of the content, context and URL of the page. The whole motivation for this effort, on the part of the attacker, is to create a greater susceptibility of the end user to phishing attacks 18 . It was possible to extract this feature using a Python script, supported by NLP and Regex.…”

“…Additionally, it is possible to link these subfeatures to certain phishing behaviors, whose some aspects are debated in the literature, such as spread and volatility. Based on studies by Silva et al 17 , 18 , see the nomenclatures and definitions adopted by this study to explain the behaviors commonly observed in phishing: Trustworthiness , describes the high richness of fraud details compared to the genuine page. In view of this, the attacker extracts profiles of each target involved, which translate into a set of behaviors that serve as a subsidy for the elaboration of the malicious page 26 .…”

“…To address this problem, this article presents a public phishing database, organized and consistent, to help studies that need to build a dataset. The base was used previously in the study by Silva et al 17 , 18 , analyzing static and dynamic aspects of phishing, which justifies its relevance for data reuse. By storing information such as WHOIS and page content, the base includes details regarding temporal aspects, i.e., phishing behaviors that can be loosed over time due to their volatile nature, which is why this base receives the term snapshot.…”

Piracema: a Phishing snapshot database for building dataset features

Phishing URL Detection with Prototypical Neural Network Disentangled by Triplet Sampling

INNES: An intelligent network penetration testing model based on deep reinforcement learning