Sniff‐Phish: A novel framework for resource intensive computation in cloud to detect email scam

Kumar, M. Satheesh; Srinivasagan, K. G.; Ben‐Othman, Jalel

doi:10.1002/ett.3590

Cited by 4 publications

References 27 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

Intelligent antiphishing framework to detect phishing scam: A hybrid classification approach

Marimuthu¹,

Gopalasamy²,

Ben‐Othman

2021

Softw Pract Exp

View full text Add to dashboard Cite

In the inevitably hi‐tech universe of cybercrimes, one of the major still prevailing methods is the usage of the malicious URLs and creating a Phishing link to obtain user credentials from the people. This method is highly subtle and has more effect on people's lives as well as corporate loss. To identify the malicious URLs, the security community has listed blacklists and benign links online. Still, as the technology is being developed day by day, the attackers try to create new phishing URLs using new social engineering methods that could be easily forged into the user's account. To improve the generality of malicious URL detectors, machine‐learning techniques have been explored with increasing attention in recent years. This article addresses the detection of malicious URLs combining the intelligence of both the heuristic‐based method and the machine learning process. It has been found that there are many possibilities for detecting zero‐day attacks and spear‐phishing attacks when incorporating both lexical features and machine learning methods. Out of the six‐batch learning process analyzed, we implement a decision tree algorithm in our framework with 99.47% accuracy during evaluation. The true positive values gained in our proposed hybrid framework is 99.2% and indicate <1% of the false‐positive values. The implementation shows a precision level higher than the previous model developed and by other antiphishing techniques. A high detection rate on zero‐day and spear‐phishing attacks and overall results reveal that our system outclasses the current approach to detecting phishing scams.

show abstract