MACHINE LEARNING TECHNIQUES FOR IDENTIFYING AND MITIGATING PHISHING ATTACKS

Authors

  • Venkata Sai Swaroop Reddy Senior Software Engineer, Microsoft Corporation, USA. Author
  • Nallapa Reddy Author

Keywords:

Security, Phishing Attacks, Machine Learning

Abstract

One of the most prevalent forms of social engineering, phishing attempts to fraudulently get sensitive information from users' email accounts. Their usage can be integrated into larger-scale assaults aimed at penetrating government or business networks. To identify and lessen the impact of these attacks, several antiphishing methods have been suggested within the past ten years. Nevertheless, they continue to be inaccurate and inefficient. Many different channels can be used for phishing, including email, phone, instant messaging, advertisements, website pop-up windows, and DNS poisoning. Significant damages, such as the disclosure of sensitive information, theft of personal or company identities, or even state secrets, can be inflicted upon victims of phishing attempts. This essay aims to evaluate these attacks by looking at how phishing is done now and how it is currently perceived. This article presents a new, comprehensive model of phishing that considers various aspects of attacks, including stages, threats, targets, media, and tactics. Here, we use machine learning methods like Logistic Regression, Random Forest, and XGBoost to classify websites as either legitimate or phishing. In addition to helping readers understand the lifecycle of a phishing assault, the proposed anatomy will make people more aware of these attacks, the tactics used, and how to build a thorough anti-phishing system.

References

Andryukhin, A.A. Phishing attacks and preventions in blockchain based projects. In Proceedings of the 2019 International Conference on Engineering Technologies and Computer Science (EnT), Moscow, Russia, 26–27 March 2019; IEEE: Piscataway, NJ, USA; pp. 15–19. [Google Scholar]

Wen, H.; Fang, J.; Wu, J.; Zheng, Z. Transaction-Based Hidden Strategies against General Phishing Detection Framework on Ethereum. In Proceedings of the 2021 IEEE International Symposium on Circuits and Systems (ISCAS), Daegu, Republic of Korea, 22–28 May 2021; pp. 1–5. [Google Scholar] [CrossRef]

Oyinloye, D.P.; Teh, J.S.; Jamil, N.; Alawida, M. Blockchain consensus: An overview of alternative protocols. Symmetry 2021, 13, 1363. [Google Scholar] [CrossRef]

Alevizos, L.; Ta, V.T.; Hashem Eiza, M. Augmenting zero trust architecture to endpoints using blockchain: A state-of-the-art review. Secur. Priv. 2022, 5, e191. [Google Scholar] [CrossRef]

Ye, C.; Li, G.; Cai, H.; Gu, Y.; Fukuda, A. Analysis of security in blockchain: Case study in 51%-attack detecting. In Proceedings of the 2018 5th International Conference on Dependable Systems and Their Applications (DSA), Dalian, China, 22–23 September 2018; IEEE: Piscataway, NJ, USA; pp. 15–24. [Google Scholar]

Zhang, R.; Xue, R.; Liu, L. Security and Privacy on Blockchain. ACM Comput. Surv. 2019, 52, 1–34. [Google Scholar] [CrossRef] [Green Version]

Aggarwal, S.; Kumar, N. Attacks on blockchain. In Advances in Computers; Elsevier: Amsterdam, The Netherlands, 2021; Volume 121, pp. 399–410. [Google Scholar]

Phillips, R.; Wilder, H. Tracing Cryptocurrency Scams: Clustering Replicated Advance-Fee and Phishing Websites. In Proceedings of the 2020 IEEE International Conference on Blockchain and Cryptocurrency (ICBC), Toronto, ON, Canada, 3–6 May 2020; IEEE: Piscataway, NJ, USA; pp. 15–24. [Google Scholar] [CrossRef]

Holub, A.; O’Connor, J. COINHOARDER: Tracking a ukrainian bitcoin phishing ring DNS style. In Proceedings of the 2018 APWG Symposium on Electronic Crime Research (eCrime), San Diego, CA, USA, 15–17 May 2018; IEEE: Piscataway, NJ, USA; pp. 1–5. [Google Scholar]

Fu, B.; Yu, X.; Feng, T. CT-GCN: A phishing identification model for blockchain cryptocurrency transactions. Int. J. Inf. Secur. 2022, 21, 1223–1232. [Google Scholar] [CrossRef]

Yuan, Z.; Yuan, Q.; Wu, J. Phishing Detection on Ethereum via Learning Representation of Transaction Subgraphs. In International Conference on Blockchain and Trustworthy Systems; Springer: Singapore, 2020; pp. 178–191. [Google Scholar]

Zhang, D.; Chen, J.; Lu, X. Blockchain Phishing Scam Detection via Multi-channel Graph Classification. In International Conference on Blockchain and Trustworthy Systems; Springer: Singapore, 2021; pp. 241–256. [Google Scholar]

Bhowmik, M.; Chandana, T.S.S.; Rudra, B. Comparative Study of Machine Learning Algorithms for Fraud Detection in Blockchain. In Proceedings of the 2021 5th International Conference on Computing Methodologies and Communication (ICCMC), Erode, India, 8–10 April 2021; IEEE: Piscataway, NJ, USA; pp. 539–541. [Google Scholar]

Arshey, M.; Viji, K.A. Thwarting cyber crime and phishing attacks with machine learning: A study. In Proceedings of the 2021 7th International Conference on Advanced Computing and Communication Systems (ICACCS), Coimbatore, India, 19–20 March 2021; IEEE: Piscataway, NJ, USA; Volume 1, pp. 353–357. [Google Scholar]

Catal, C.; Giray, G.; Tekinerdogan, B.; Kumar, S.; Shukla, S. Applications of deep learning for phishing detection: A systematic literature review. Knowl. Inf. Syst. 2022, 64, 1457–1500. [Google Scholar] [CrossRef] [PubMed]

Parra, G.D.L.T.; Rad, P.; Choo, K.-K.R.; Beebe, N. Detecting Internet of Things attacks using distributed deep learning. J. Netw. Comput. Appl. 2020, 163, 102662. [Google Scholar] [CrossRef]

Kim, J.; Lee, S.; Kim, Y.; Cho, S. A Graph Embedding-based Identity Inference Attack on Blockchain Systems. In Proceedings of the 2022 International Conference on Electronics, Information, and Communication (ICEIC), Jeju, Republic of Korea, 6–9 February 2022; pp. 1–3. [Google Scholar] [CrossRef]

Ali, A.; Pasha, M.F.; Guerrieri, A.; Guzzo, A.; Sun, X.; Saeed, A.; Hussain, A.; Fortino, G. A Novel Homomorphic Encryption and Consortium Blockchain-based Hybrid Deep Learning Model for Industrial Internet of Medical Things. IEEE Trans. Netw. Sci. Eng. 2023, 1–18. [Google Scholar] [CrossRef]

Roy, K.S.; Karim, E.; Udas, P.B. Exploiting Deep Learning Based Classification Model for Detecting Fraudulent Schemes over Ethereum Blockchain. In Proceedings of the 2022 4th International Conference on Sustainable Technologies for Industry 4.0 (STI), Dhaka, Bangladesh, 17–18 December 2022; pp. 1–6. [Google Scholar] [CrossRef]

Yazdinejad, A.; Dehghantanha, A.; Parizi, R.M.; Srivastava, G.; Karimipour, H. Secure Intelligent Fuzzy Blockchain Framework: Effective Threat Detection in IoT Networks. Comput. Ind. 2023, 144, 103801. [Google Scholar] [CrossRef]

Downloads

Published

2024-09-05

Issue

Vol. 3 No. 02 (2024): INTERNATIONAL JOURNAL OF ARTIFICIAL INTELLIGENCE & MACHINE LEARNING (IJAIML)

Section

Articles

License

Copyright (c) 2024 Venkata Sai Swaroop Reddy, Nallapa Reddy (Author)

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.

How to Cite

MACHINE LEARNING TECHNIQUES FOR IDENTIFYING AND MITIGATING PHISHING ATTACKS. (2024). INTERNATIONAL JOURNAL OF ARTIFICIAL INTELLIGENCE & MACHINE LEARNING (IJAIML), 3(02), 116-129. https://iaeme-library.com/index.php/IJAIML/article/view/IJAIML_03_02_009