Search Results (28)

Despite the focus on improving cybersecurity awareness, the number of cyberattacks has increased significantly, leading to huge financial losses, with their risks spreading throughout the world. This is due to the techniques deployed in cyberattacks that mainly aim at exploiting humans, the weakest link in any defence system. The existing literature on human factors in phishing attacks is limited and does not live up to the witnessed advances in phishing attacks, which have become exponentially more dangerous with the introduction of generative artificial intelligence (GenAI). This paper studies the implications of AI advancement, specifically the exploitation of GenAI and human factors in phishing attacks. We conduct a systematic literature review to study different human factors exploited in phishing attacks, potential solutions and preventive measures, and the complexity introduced by GenAI-driven phishing attacks. This paper aims to address the gap in the research by providing a deeper understanding of the evolving landscape of phishing attacks with the application of GenAI and associated human implications, thereby contributing to the field of knowledge to defend against phishing attacks by creating secure digital interactions. Full article

With the rapid development of science and technology, attackers have invented more and more ways to hide malicious information. Hidden malicious information often contains a large number of malicious codes and malicious scripts, which can be hidden in legitimate software and reconstructed to be executed as the software is executed. In recent years, phishing software has become popular at home and abroad, causing fraud to occur frequently. Among various carriers with high redundancy, images are often used by attackers to hide malicious information because they are often used as information transmission carriers and highly redundant storage. This paper aims to explore how attackers hide malicious information in images and use a convolutional neural network (CNN) framework with acceleration based on the analysis of the Edge of Stability (EOS) phenomenon to detect mobile phishing software. To design a machine learning approach to solve the problem, we summarize the characteristics of nine presented mainstream malicious information hiding methods and present a CNN framework that maintains a high initial learning rate while preventing the gradient from exploding in EOS. R-tree is used to speed up the search for nearby pixels that contain malicious information. The CNN model generated by training under this framework can reach an accuracy of $98.53\%$ and has been well implemented in mobile terminals. Full article

Organizational security assurance is a complex and multi-dimensional task. One of the biggest threats to an organization is the credulity of phishing attacks for its employees. To prevent attacks, employees must maintain cyber security hygiene and increase their awareness of the cyberattack landscape. In this paper, we investigate how selected Lithuanian education system employees are vulnerable to spear-phishing attacks. In various education organizations, spear-phishing attacks were imitated, and user responses to received emails were monitored and analyzed. Each organization needs a different attention because employee behavior varies. Employees’ reaction time dimension is explored in the research. Based on these results, it appears that the organization has no time for delayed responses. Employees in the education system are highly affected by spear-phishing attacks and need less than one minute to provide attacker-requested data. This illustrates that automated e-mail filtering systems are a key element in the fight against these kinds of attacks. Full article

Vishing, a blend of “voice” and “phishing”, has evolved to include techniques like Call Redirection and Display Overlay Attacks, causing significant financial losses. Existing research has largely focused on user behavior and awareness, leaving gaps in addressing attacks originating from vishing applications. In this work, we present Ventinel, an Android-based defense system designed to detect these attacks without requiring OS modifications. Ventinel employs Optical Character Recognition (OCR) to compare phone numbers during calls, effectively preventing Call Redirection and Display Overlay Attacks. Additionally, it safeguards against Duplicated Contacts Attacks by cross-referencing call logs and SMS records. Ventinel achieves 100% detection accuracy, surpassing commercial applications, and operates with minimal data collection to ensure user privacy. We also describe malicious API behavior and demonstrate that the same behavior is possible for API levels 29 and higher. Furthermore, we analyze the limitations of existing solutions and propose new attack and defense strategies. Full article

The article presents an innovative approach for secure authentication in internet banking transactions, utilizing an Out-of-Band visual two-factor authorization protocol. With the increasing rise of cyber attacks and fraud, new security models are needed that ensure the integrity, authenticity, and confidentiality of financial transactions. The identified gap lies in the inability of traditional authentication methods, such as TANs and tokens, to provide security in untrusted terminals. The proposed solution is the Dynamic Authorization Protocol (DAP), which uses mobile devices to validate transactions through visual codes, such as QR codes. Each transaction is assigned a unique associated code, and the challenge must be responded to within 120 s. The customer initiates the transaction on a computer and independently validates it on their mobile device using an out-of-band channel to prevent attacks such as phishing and man-in-the-middle. The methodology involves implementing a prototype in Java ME for Android devices and a Java application server, creating a practical, low-computational-cost system, accessible for use across different operating systems and devices. The protocol was tested in real-world scenarios, focusing on ensuring transaction integrity and authenticity. The results show a successful implementation at Banco do Brasil, with 3.6 million active users, demonstrating the efficiency of the model over 12 years of use without significant vulnerabilities. The DAP protocol provides a robust and effective solution for securing banking transactions and can be extended to other authentication environments, such as payment terminals and point of sale devices. Full article

Phishing email assaults have been a prevalent cybercriminal tactic for many decades. Various detectors have been suggested over time that rely on textual information. However, to address the growing prevalence of phishing emails, more sophisticated techniques are required to use all aspects of emails to improve the detection capabilities of machine learning classifiers. This paper presents a novel approach to detecting phishing emails. The proposed methodology combines ensemble learning techniques with various variables, such as word frequency, the presence of specific keywords or phrases, and email length, to improve detection accuracy. We provide two approaches for the planned task; The first technique employs ensemble learning soft voting, while the second employs weighted ensemble learning. Both strategies use distinct machine learning algorithms to concurrently process the characteristics, reducing their complexity and enhancing the model’s performance. An extensive assessment and analysis are conducted, considering unique criteria designed to minimize biased and inaccurate findings. Our empirical experiments demonstrates that using ensemble learning to merge attributes in the evolution of phishing emails showcases the competitive performance of ensemble learning over other machine learning algorithms. This superiority is underscored by achieving an F1-score of 0.90 in the weighted ensemble method and 0.85 in the soft voting method, showcasing the effectiveness of this approach. Full article

Phishing is one of the most widely observed types of internet cyber-attack, through which hundreds of clients using different internet services are targeted every day through different replicated websites. The phishing attacker spreads messages containing false URL links through emails, social media platforms, or messages, targeting people to steal sensitive data like credentials. Attackers generate phishing URLs that resemble those of legitimate websites to gain these confidential data. Hence, there is a need to prevent the siphoning of data through the duplication of trustworthy websites and raise public awareness of such practices. For this purpose, many machine learning and deep learning models have been employed to detect and prevent phishing attacks, but due to the ever-evolving nature of these attacks, many systems fail to provide accurate results. In this study, we propose a deep learning-based system using a 1D convolutional neural network to detect phishing URLs. The experimental work was performed using datasets from Phish-Tank, UNB, and Alexa, which successfully generated 200 thousand phishing URLs and 200 thousand legitimate URLs. The experimental results show that the proposed system achieved 99.7% accuracy, which was better than the traditional models proposed for URL-based phishing detection. Full article

This paper presents a comprehensive model for cyber security risk assessment using the PIPRECIA-S method within decision theory, which enables organizations to systematically identify, assess and prioritize key cyber threats. The study focuses on the evaluation of malware, ransomware, phishing and DDoS attacks, using criteria such as severity of impact, financial losses, ease of detection and prevention, impact on reputation and system recovery. This approach facilitates decision making, as it enables the flexible adaptation of the risk assessment to the specific needs of an organization. The PIPRECIA-S model has proven to be useful for identifying the most critical threats, with a special emphasis on ransomware and DDoS attacks, which represent the most significant risks to businesses. This model provides a framework for making informed and strategic decisions to reduce risk and strengthen cyber security, which are critical in a digital environment where threats become more and more sophisticated. Full article

Academic research on the human element in phishing attacks is essential for developing effective prevention and detection strategies and guiding policymakers to protect individuals and organizations from cyber threats. This bibliometric study offers a comprehensive overview of international research on phishing and human factors from 2006 to 2024. Analysing 308 articles from the Web of Science database, a significant increase in publications since 2015 was identified, highlighting the growing importance of this field. The study revealed influential authors such as Vishwanath and Rao, leading journals like Computers & Security, and key contributing institutions including Carnegie Mellon University. The analysis uncovered strong collaborations between institutions and countries, with the USA being the most prolific and collaborative. Emerging research themes focus on psychological factors influencing phishing susceptibility, user-centric security measures, and the integration of technological solutions with human behaviour insights. The findings highlight the need for increased collaboration between academia and non-academic organizations and the exploration of industry-specific challenges. These insights offer valuable guidance for researchers, practitioners, and policymakers to advance their understanding of phishing attacks, human factors, and resource allocation in this critical aspect of digitalisation, which continues to have significant impacts across business and society at large. Full article

The exponential growth of the Internet of Things (IoT) sector has resulted in a surge of interconnected gadgets in smart households, thus exposing them to new cyber-attack susceptibilities. This systematic literature review investigates machine learning methodologies for detecting malware in smart homes, with a specific emphasis on identifying common threats such as denial-of-service attacks, phishing efforts, and zero-day vulnerabilities. By examining 56 publications published from 2019 to 2023, this analysis uncovers that users are the weakest link and that there is a possibility of attackers disrupting home automation systems, stealing confidential information, or causing physical harm. Machine learning approaches, namely, deep learning and ensemble approaches, are emerging as effective tools for detecting malware. In addition, this analysis highlights prevention techniques, such as early threat detection systems, intrusion detection systems, and robust authentication procedures, as crucial measures for improving smart home security. This study offers significant insights for academics and practitioners aiming to protect smart home settings from growing cybersecurity threats by summarizing the existing knowledge. Full article

The landscape of phishing email threats is continually evolving nowadays, making it challenging to combat effectively with traditional methods even with carrier-grade spam filters. Traditional detection mechanisms such as blacklisting, whitelisting, signature-based, and rule-based techniques could not effectively prevent phishing, spear-phishing, and zero-day attacks, as cybercriminals are using sophisticated techniques and trusted email service providers. Consequently, many researchers have recently concentrated on leveraging machine learning (ML) and deep learning (DL) approaches to enhance phishing email detection capabilities with better accuracy. To gain insights into the development of deep learning algorithms in the current research on phishing prevention, this study conducts a systematic literature review (SLR) following the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) guidelines. By synthesizing the 33 selected papers using the SLR approach, this study presents a taxonomy of DL-based phishing detection methods, analyzing their effectiveness, limitations, and future research directions to address current challenges. The study reveals that the adaptability of detection models to new behaviors of phishing emails is the major improvement area. This study aims to add details about deep learning used for security to the body of knowledge, and it discusses future research in phishing detection systems. Full article

Phishing attacks continue to pose a significant threat to cybersecurity, employing increasingly sophisticated techniques to deceive victims into revealing sensitive information or downloading malware. This paper presents a comprehensive study on the application of Machine Learning (ML) techniques for identifying phishing websites, with a focus on enhancing detection accuracy and efficiency. We propose an approach that integrates the CfsSubsetEval attribute evaluator with the K-Means Clustering algorithm to improve phishing detection capabilities. Our method was evaluated using datasets of varying sizes (2000, 7000, and 10,000 samples) from a publicly available repository. Simulation results demonstrate that our approach achieves an accuracy of 89.2% on the 2000-sample dataset, outperforming the traditional kernel K-Means algorithm, which achieved an accuracy of 51.5%. Further analysis using precision, recall, and F1-score metrics corroborates the effectiveness of our method. We also discuss the scalability and real-world applicability of our approach, addressing limitations and proposing future research directions. This study contributes to the ongoing efforts to develop robust, efficient, and adaptable phishing detection systems in the face of evolving cyber threats. Full article

In recent years, the importance of computer security has increased due to the rapid advancement of digital technology, widespread Internet use, and increased sophistication of cyberattacks. Machine learning has gained great interest in securing data systems because it offers the capability of automatically detecting and responding to security threats in real time, which is crucial for maintaining the security of computer systems and protecting data from malicious attacks. This study concentrates on phishing attack detection systems, a prevalent cyber-threat. These systems assess the features of the incoming requests to identify whether they are malicious or not. Although the number of features is increasing in these systems, feature selection has become an essential pre-processing phase that identifies the most important features of a set of available features to prevent overfitting problems, improve model performance, reduce computational cost, and decrease training and execution time. Leveraging genetic algorithms, known for simulating natural selection to identify optimal solutions, we propose a novel feature selection method, based on genetic algorithms and locally optimized, that is applied to a URL-based phishing detection system with machine learning models. Our research demonstrates that the proposed technique offers a promising strategy for improving the performance of machine learning models. Full article

With the development of sensor and communication technologies, the Internet of Things (IoT) subsystem is gradually becoming a crucial part in vehicles. It can effectively enhance functionalities of vehicles. However, new attack types are also emerging. For example, a driver with the smart key in their pocket can push the start button to start a car. At the same time, security issues in the push-to-start scenario are pervasive, such as smart key forgery. In this study, we propose a vehicle Passive Entry Passive Start (PEPS) system that adopts deep learning algorithms to recognize the driver using the electrocardiogram (ECG) signals measured on the driver’s smart watch. ECG signals are used for personal identification. Smart watches, serving as new smart keys of the PEPS system, can improve convenience and security. In the experiment, we consider commercial smart watches capable of sensing ECG signals. The sample rate and precision are typically lower than those of a 12-lead ECG used in hospitals. The experimental results show that Long Short-Term Memory (LSTM) models achieve the best accuracy score for identity recognition (91%) when a single ECG cycle is used. However, it takes at least 30 min for training. The training of a personalized Auto Encoder model takes only 5 min for each subject. When 15 continuous ECG cycles are sensed and used, this can achieve 100% identity accuracy. As the personalized Auto Encoder model is an unsupervised learning one-class recognizer, it can be trained using only the driver’s ECG signal. This will simplify the management of ECG recordings extremely, as well as the integration of the proposed technology into PEPS vehicles. A FIDO (Fast Identify Online)-like environment for the proposed PEPS system is discussed. Public key cryptography is adopted for communication between the smart watch and the PEPS car. The driver is first verified on the smart watch via local ECG biometric authentication, and then identified by the PEPS car. Phishing attacks, MITM (man in the middle) attacks, and replay attacks can be effectively prevented. Full article

Phishing email attacks are among the most common and most harmful cybersecurity attacks. With the emergence of generative AI, phishing attacks can be based on emails generated automatically, making it more difficult to detect them. That is, instead of a single email format sent to a large number of recipients, generative AI can be used to send each potential victim a different email, making it more difficult for cybersecurity systems to identify the scam email before it reaches the recipient. Here, we describe a corpus of AI-generated phishing emails. We also use different machine learning tools to test the ability of automatic text analysis to identify AI-generated phishing emails. The results are encouraging, and show that machine learning tools can identify an AI-generated phishing email with high accuracy compared to regular emails or human-generated scam emails. By applying descriptive analytics, the specific differences between AI-generated emails and manually crafted scam emails are profiled and show that AI-generated emails are different in their style from human-generated phishing email scams. Therefore, automatic identification tools can be used as a warning for the user. The paper also describes the corpus of AI-generated phishing emails that are made open to the public and can be used for consequent studies. While the ability of machine learning to detect AI-generated phishing emails is encouraging, AI-generated phishing emails are different from regular phishing emails, and therefore, it is important to train machine learning systems also with AI-generated emails in order to repel future phishing attacks that are powered by generative AI. Full article