Phishing Attacks Detection -- A Machine Learning-Based Approach

Phishing attacks are one of the most common social engineering attacks targeting users emails to fraudulently steal confidential and sensitive information. They can be used as a part of more massive attacks launched to gain a foothold in corporate or government networks. Over the last decade, a numb...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:arXiv.org 2022-01
Hauptverfasser: Salahdine, Fatima, Zakaria El Mrabet, Kaabouch, Naima
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
container_end_page
container_issue
container_start_page
container_title arXiv.org
container_volume
creator Salahdine, Fatima
Zakaria El Mrabet
Kaabouch, Naima
description Phishing attacks are one of the most common social engineering attacks targeting users emails to fraudulently steal confidential and sensitive information. They can be used as a part of more massive attacks launched to gain a foothold in corporate or government networks. Over the last decade, a number of anti-phishing techniques have been proposed to detect and mitigate these attacks. However, they are still inefficient and inaccurate. Thus, there is a great need for efficient and accurate detection techniques to cope with these attacks. In this paper, we proposed a phishing attack detection technique based on machine learning. We collected and analyzed more than 4000 phishing emails targeting the email service of the University of North Dakota. We modeled these attacks by selecting 10 relevant features and building a large dataset. This dataset was used to train, validate, and test the machine learning algorithms. For performance evaluation, four metrics have been used, namely probability of detection, probability of miss-detection, probability of false alarm, and accuracy. The experimental results show that better detection can be achieved using an artificial neural network.
doi_str_mv 10.48550/arxiv.2201.10752
format Article
fullrecord <record><control><sourceid>proquest_arxiv</sourceid><recordid>TN_cdi_arxiv_primary_2201_10752</recordid><sourceformat>XML</sourceformat><sourcesystem>PC</sourcesystem><sourcerecordid>2623197966</sourcerecordid><originalsourceid>FETCH-LOGICAL-a526-e48e95ad16bc3b0d66cad458776a89215febd4dbdd009101ac5949831267698f3</originalsourceid><addsrcrecordid>eNotjztPwzAURi0kJKrSH8CEJWYHv2NPKJSnFARD9-jGdmgKpMFOEfx7TMt0h-_o6hyEzhgtpFGKXkL87r8KzikrGC0VP0IzLgQjRnJ-ghYpbSilXJdcKTFDVy_rPq374RVX0wTuLeGbMAU39dsBE4Ir_AQuzwHXAeKQOXINKXhcjWPc5ukUHXfwnsLi_87R6u52tXwg9fP947KqCSiuSZAmWAWe6daJlnqtHXipTFlqMJYz1YXWS996T6lllIFTVlojWPbU1nRijs4Pb_d1zRj7D4g_zV9ls6_MxMWByF6fu5CmZrPdxSE7NVxzwWxptRa_YahSug</addsrcrecordid><sourcetype>Open Access Repository</sourcetype><iscdi>true</iscdi><recordtype>article</recordtype><pqid>2623197966</pqid></control><display><type>article</type><title>Phishing Attacks Detection -- A Machine Learning-Based Approach</title><source>arXiv.org</source><source>Free E- Journals</source><creator>Salahdine, Fatima ; Zakaria El Mrabet ; Kaabouch, Naima</creator><creatorcontrib>Salahdine, Fatima ; Zakaria El Mrabet ; Kaabouch, Naima</creatorcontrib><description>Phishing attacks are one of the most common social engineering attacks targeting users emails to fraudulently steal confidential and sensitive information. They can be used as a part of more massive attacks launched to gain a foothold in corporate or government networks. Over the last decade, a number of anti-phishing techniques have been proposed to detect and mitigate these attacks. However, they are still inefficient and inaccurate. Thus, there is a great need for efficient and accurate detection techniques to cope with these attacks. In this paper, we proposed a phishing attack detection technique based on machine learning. We collected and analyzed more than 4000 phishing emails targeting the email service of the University of North Dakota. We modeled these attacks by selecting 10 relevant features and building a large dataset. This dataset was used to train, validate, and test the machine learning algorithms. For performance evaluation, four metrics have been used, namely probability of detection, probability of miss-detection, probability of false alarm, and accuracy. The experimental results show that better detection can be achieved using an artificial neural network.</description><identifier>EISSN: 2331-8422</identifier><identifier>DOI: 10.48550/arxiv.2201.10752</identifier><language>eng</language><publisher>Ithaca: Cornell University Library, arXiv.org</publisher><subject>Algorithms ; Artificial neural networks ; Computer Science - Cryptography and Security ; Computer Science - Learning ; Cybercrime ; Datasets ; False alarms ; Machine learning ; Performance evaluation ; Phishing</subject><ispartof>arXiv.org, 2022-01</ispartof><rights>2022. This work is published under http://creativecommons.org/licenses/by/4.0/ (the “License”). Notwithstanding the ProQuest Terms and Conditions, you may use this content in accordance with the terms of the License.</rights><rights>http://creativecommons.org/licenses/by/4.0</rights><oa>free_for_read</oa><woscitedreferencessubscribed>false</woscitedreferencessubscribed></display><links><openurl>$$Topenurl_article</openurl><openurlfulltext>$$Topenurlfull_article</openurlfulltext><thumbnail>$$Tsyndetics_thumb_exl</thumbnail><link.rule.ids>228,230,780,784,885,27925</link.rule.ids><backlink>$$Uhttps://doi.org/10.48550/arXiv.2201.10752$$DView paper in arXiv$$Hfree_for_read</backlink><backlink>$$Uhttps://doi.org/10.1109/UEMCON53757.2021.9666627$$DView published paper (Access to full text may be restricted)$$Hfree_for_read</backlink></links><search><creatorcontrib>Salahdine, Fatima</creatorcontrib><creatorcontrib>Zakaria El Mrabet</creatorcontrib><creatorcontrib>Kaabouch, Naima</creatorcontrib><title>Phishing Attacks Detection -- A Machine Learning-Based Approach</title><title>arXiv.org</title><description>Phishing attacks are one of the most common social engineering attacks targeting users emails to fraudulently steal confidential and sensitive information. They can be used as a part of more massive attacks launched to gain a foothold in corporate or government networks. Over the last decade, a number of anti-phishing techniques have been proposed to detect and mitigate these attacks. However, they are still inefficient and inaccurate. Thus, there is a great need for efficient and accurate detection techniques to cope with these attacks. In this paper, we proposed a phishing attack detection technique based on machine learning. We collected and analyzed more than 4000 phishing emails targeting the email service of the University of North Dakota. We modeled these attacks by selecting 10 relevant features and building a large dataset. This dataset was used to train, validate, and test the machine learning algorithms. For performance evaluation, four metrics have been used, namely probability of detection, probability of miss-detection, probability of false alarm, and accuracy. The experimental results show that better detection can be achieved using an artificial neural network.</description><subject>Algorithms</subject><subject>Artificial neural networks</subject><subject>Computer Science - Cryptography and Security</subject><subject>Computer Science - Learning</subject><subject>Cybercrime</subject><subject>Datasets</subject><subject>False alarms</subject><subject>Machine learning</subject><subject>Performance evaluation</subject><subject>Phishing</subject><issn>2331-8422</issn><fulltext>true</fulltext><rsrctype>article</rsrctype><creationdate>2022</creationdate><recordtype>article</recordtype><sourceid>ABUWG</sourceid><sourceid>AFKRA</sourceid><sourceid>AZQEC</sourceid><sourceid>BENPR</sourceid><sourceid>CCPQU</sourceid><sourceid>DWQXO</sourceid><sourceid>GOX</sourceid><recordid>eNotjztPwzAURi0kJKrSH8CEJWYHv2NPKJSnFARD9-jGdmgKpMFOEfx7TMt0h-_o6hyEzhgtpFGKXkL87r8KzikrGC0VP0IzLgQjRnJ-ghYpbSilXJdcKTFDVy_rPq374RVX0wTuLeGbMAU39dsBE4Ir_AQuzwHXAeKQOXINKXhcjWPc5ukUHXfwnsLi_87R6u52tXwg9fP947KqCSiuSZAmWAWe6daJlnqtHXipTFlqMJYz1YXWS996T6lllIFTVlojWPbU1nRijs4Pb_d1zRj7D4g_zV9ls6_MxMWByF6fu5CmZrPdxSE7NVxzwWxptRa_YahSug</recordid><startdate>20220126</startdate><enddate>20220126</enddate><creator>Salahdine, Fatima</creator><creator>Zakaria El Mrabet</creator><creator>Kaabouch, Naima</creator><general>Cornell University Library, arXiv.org</general><scope>8FE</scope><scope>8FG</scope><scope>ABJCF</scope><scope>ABUWG</scope><scope>AFKRA</scope><scope>AZQEC</scope><scope>BENPR</scope><scope>BGLVJ</scope><scope>CCPQU</scope><scope>DWQXO</scope><scope>HCIFZ</scope><scope>L6V</scope><scope>M7S</scope><scope>PIMPY</scope><scope>PQEST</scope><scope>PQQKQ</scope><scope>PQUKI</scope><scope>PRINS</scope><scope>PTHSS</scope><scope>AKY</scope><scope>GOX</scope></search><sort><creationdate>20220126</creationdate><title>Phishing Attacks Detection -- A Machine Learning-Based Approach</title><author>Salahdine, Fatima ; Zakaria El Mrabet ; Kaabouch, Naima</author></sort><facets><frbrtype>5</frbrtype><frbrgroupid>cdi_FETCH-LOGICAL-a526-e48e95ad16bc3b0d66cad458776a89215febd4dbdd009101ac5949831267698f3</frbrgroupid><rsrctype>articles</rsrctype><prefilter>articles</prefilter><language>eng</language><creationdate>2022</creationdate><topic>Algorithms</topic><topic>Artificial neural networks</topic><topic>Computer Science - Cryptography and Security</topic><topic>Computer Science - Learning</topic><topic>Cybercrime</topic><topic>Datasets</topic><topic>False alarms</topic><topic>Machine learning</topic><topic>Performance evaluation</topic><topic>Phishing</topic><toplevel>online_resources</toplevel><creatorcontrib>Salahdine, Fatima</creatorcontrib><creatorcontrib>Zakaria El Mrabet</creatorcontrib><creatorcontrib>Kaabouch, Naima</creatorcontrib><collection>ProQuest SciTech Collection</collection><collection>ProQuest Technology Collection</collection><collection>Materials Science &amp; Engineering Collection</collection><collection>ProQuest Central (Alumni Edition)</collection><collection>ProQuest Central UK/Ireland</collection><collection>ProQuest Central Essentials</collection><collection>ProQuest Central</collection><collection>Technology Collection</collection><collection>ProQuest One Community College</collection><collection>ProQuest Central Korea</collection><collection>SciTech Premium Collection</collection><collection>ProQuest Engineering Collection</collection><collection>Engineering Database</collection><collection>Publicly Available Content Database</collection><collection>ProQuest One Academic Eastern Edition (DO NOT USE)</collection><collection>ProQuest One Academic</collection><collection>ProQuest One Academic UKI Edition</collection><collection>ProQuest Central China</collection><collection>Engineering Collection</collection><collection>arXiv Computer Science</collection><collection>arXiv.org</collection><jtitle>arXiv.org</jtitle></facets><delivery><delcategory>Remote Search Resource</delcategory><fulltext>fulltext</fulltext></delivery><addata><au>Salahdine, Fatima</au><au>Zakaria El Mrabet</au><au>Kaabouch, Naima</au><format>journal</format><genre>article</genre><ristype>JOUR</ristype><atitle>Phishing Attacks Detection -- A Machine Learning-Based Approach</atitle><jtitle>arXiv.org</jtitle><date>2022-01-26</date><risdate>2022</risdate><eissn>2331-8422</eissn><abstract>Phishing attacks are one of the most common social engineering attacks targeting users emails to fraudulently steal confidential and sensitive information. They can be used as a part of more massive attacks launched to gain a foothold in corporate or government networks. Over the last decade, a number of anti-phishing techniques have been proposed to detect and mitigate these attacks. However, they are still inefficient and inaccurate. Thus, there is a great need for efficient and accurate detection techniques to cope with these attacks. In this paper, we proposed a phishing attack detection technique based on machine learning. We collected and analyzed more than 4000 phishing emails targeting the email service of the University of North Dakota. We modeled these attacks by selecting 10 relevant features and building a large dataset. This dataset was used to train, validate, and test the machine learning algorithms. For performance evaluation, four metrics have been used, namely probability of detection, probability of miss-detection, probability of false alarm, and accuracy. The experimental results show that better detection can be achieved using an artificial neural network.</abstract><cop>Ithaca</cop><pub>Cornell University Library, arXiv.org</pub><doi>10.48550/arxiv.2201.10752</doi><oa>free_for_read</oa></addata></record>
fulltext fulltext
identifier EISSN: 2331-8422
ispartof arXiv.org, 2022-01
issn 2331-8422
language eng
recordid cdi_arxiv_primary_2201_10752
source arXiv.org; Free E- Journals
subjects Algorithms
Artificial neural networks
Computer Science - Cryptography and Security
Computer Science - Learning
Cybercrime
Datasets
False alarms
Machine learning
Performance evaluation
Phishing
title Phishing Attacks Detection -- A Machine Learning-Based Approach
url https://sfx.bib-bvb.de/sfx_tum?ctx_ver=Z39.88-2004&ctx_enc=info:ofi/enc:UTF-8&ctx_tim=2024-12-24T02%3A31%3A07IST&url_ver=Z39.88-2004&url_ctx_fmt=infofi/fmt:kev:mtx:ctx&rfr_id=info:sid/primo.exlibrisgroup.com:primo3-Article-proquest_arxiv&rft_val_fmt=info:ofi/fmt:kev:mtx:journal&rft.genre=article&rft.atitle=Phishing%20Attacks%20Detection%20--%20A%20Machine%20Learning-Based%20Approach&rft.jtitle=arXiv.org&rft.au=Salahdine,%20Fatima&rft.date=2022-01-26&rft.eissn=2331-8422&rft_id=info:doi/10.48550/arxiv.2201.10752&rft_dat=%3Cproquest_arxiv%3E2623197966%3C/proquest_arxiv%3E%3Curl%3E%3C/url%3E&disable_directlink=true&sfx.directlink=off&sfx.report_link=0&rft_id=info:oai/&rft_pqid=2623197966&rft_id=info:pmid/&rfr_iscdi=true