International Journal of Computer Science & Network Security

International Journal of Computer Science & Network Security (국제컴퓨터통신보호논문지학회)
권호 표지
DOI QR코드

DOI QR Code

Phishing Attack Detection Using Deep Learning

  • Alzahrani, Sabah M. (Department of Computer Science, College of Computers and Information Technology, Taif University)
  • Received : 2021.12.05
  • Published : 2021.12.30
Download PDF
⟨ Previous Next ⟩

Abstract

This paper proposes a technique for detecting a significant threat that attempts to get sensitive and confidential information such as usernames, passwords, credit card information, and more to target an individual or organization. By definition, a phishing attack happens when malicious people pose as trusted entities to fraudulently obtain user data. Phishing is classified as a type of social engineering attack. For a phishing attack to happen, a victim must be convinced to open an email or a direct message [1]. The email or direct message will contain a link that the victim will be required to click on. The aim of the attack is usually to install malicious software or to freeze a system. In other instances, the attackers will threaten to reveal sensitive information obtained from the victim. Phishing attacks can have devastating effects on the victim. Sensitive and confidential information can find its way into the hands of malicious people. Another devastating effect of phishing attacks is identity theft [1]. Attackers may impersonate the victim to make unauthorized purchases. Victims also complain of loss of funds when attackers access their credit card information. The proposed method has two major subsystems: (1) Data collection: different websites have been collected as a big data corresponding to normal and phishing dataset, and (2) distributed detection system: different artificial algorithms are used: a neural network algorithm and machine learning. The Amazon cloud was used for running the cluster with different cores of machines. The experiment results of the proposed system achieved very good accuracy and detection rate as well.

Keywords

References

  1. Atkins, B., & Huang, W. (2013). A study of social engineering in online frauds. Open Journal of Social Sciences, 1(03), 23. https://doi.org/10.4236/jss.2013.13004
  2. Parra, G. D. L. T., Rad, P., Choo, K. K. R., & Beebe, N. (2020). Detecting Internet of Things attacks using distributed deep learning. Journal of Network and Computer Applications, 163, 102662. https://doi.org/10.1016/j.jnca.2020.102662
  3. Korkmaz, M., Sahingoz, O. K., & Diri, B. (2020, July). Detection of Phishing Websites by Using Machine Learning-Based URL Analysis. In 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT) (pp. 1-7). IEEE.
  4. Wei, W., Ke, Q., Nowak, J., Korytkowski, M., Scherer, R., & Wozniak, M. (2020). Accurate and fast URL phishing detector: a convolutional neural network approach. Computer Networks, 178, 107275. https://doi.org/10.1016/j.comnet.2020.107275
  5. Sanchez-Paniagua, M., Fidalgo, E., Gonzalez-Castro, V., & Alegre, E. (2020, September). Impact of current phishing strategies in machine learning models for phishing detection. In Conference on Complex, Intelligent, and Software Intensive Systems (pp. 87-96). Springer, Cham.
  6. Shie, E. W. S. (2020). Critical analysis of current research aimed at improving detection of phishing attacks. Selected computing research papers, 45.
  7. Wang, Zhilong, et al. "To detect stack buffer overflow with polymorphic canaries." 2018 48th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN). IEEE, 2018.
  8. Kalaharsha, P., & Mehtre, B. M. (2021). Detecting Phishing Sites--An Overview. arXiv preprint arXiv:2103.12739.
  9. Azeez, N., Misra, S., Margaret, I. A., & Fernandez-Sanz, L. (2021). Adopting Automated Whitelist Approach for Detecting Phishing Attacks. Computers & Security, 102328.
  10. Khan, S. A., Khan, W., & Hussain, A. (2020, October). Phishing attacks and websites classification using machine learning and multiple datasets (A comparative analysis). In International Conference on Intelligent Computing (pp. 301-313). Springer, Cham.
  11. Alsariera, Y. A., Elijah, A. V., & Balogun, A. O. (2020). Phishing website detection: forest by penalizing attributes algorithm and its enhanced variations. Arabian Journal for Science and Engineering, 45(12), 10459-10470. https://doi.org/10.1007/s13369-020-04802-1
  12. Bell, S., & Komisarczuk, P. (2020, February). An analysis of phishing blacklists: Google safe browsing, OpenPhish, and PhishTank. In Proceedings of the Australasian Computer Science Week Multiconference (pp. 1-11). https://doi.org/10.1145/3373017.3373020
  13. Ahmad, J., Farman, H., & Jan, Z. (2018). Deep learning methods and applications. Deep Learning: Convergence to Big Data Analytics, 31-42. https://doi.org/10.1007/978-981-13-3459-7_3
  14. Pradhananga, Y., Karande, S., & Karande, C. (2015, February). CBA: cloud-based bigdata analytics. In 2015 International Conference on Computing Communication Control and Automation (pp. 47-51). IEEE. https://doi.org/10.1109/iccubea.2015.18
  15. Albawi, S., Mohammed, T. A., & Al-Zawi, S. (2017, August). Understanding of a convolutional neural network. In 2017 International Conference on Engineering and Technology (ICET) (pp. 1-6). IEEE.
  16. Connelly, L. (2020). Logistic regression. Medsurg Nursing, 29(5), 353-354.