Cargando…
Towards a Multi-Layered Phishing Detection
Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches...
| Autores principales: | , , |
|---|---|
| Formato: | Online Artículo Texto |
| Lenguaje: | English |
| Publicado: |
MDPI
2020
|
| Materias: | |
| Acceso en línea: | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7472607/ https://www.ncbi.nlm.nih.gov/pubmed/32823675 http://dx.doi.org/10.3390/s20164540 |
| _version_ | 1783579018927276032 |
|---|---|
| author | Rendall, Kieran Nisioti, Antonia Mylonas, Alexios |
| author_facet | Rendall, Kieran Nisioti, Antonia Mylonas, Alexios |
| author_sort | Rendall, Kieran |
| collection | PubMed |
| description | Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art. |
| format | Online Article Text |
| id | pubmed-7472607 |
| institution | National Center for Biotechnology Information |
| language | English |
| publishDate | 2020 |
| publisher | MDPI |
| record_format | MEDLINE/PubMed |
| spelling | pubmed-74726072020-09-17 Towards a Multi-Layered Phishing Detection Rendall, Kieran Nisioti, Antonia Mylonas, Alexios Sensors (Basel) Article Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art. MDPI 2020-08-13 /pmc/articles/PMC7472607/ /pubmed/32823675 http://dx.doi.org/10.3390/s20164540 Text en © 2020 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (http://creativecommons.org/licenses/by/4.0/). |
| spellingShingle | Article Rendall, Kieran Nisioti, Antonia Mylonas, Alexios Towards a Multi-Layered Phishing Detection |
| title | Towards a Multi-Layered Phishing Detection |
| title_full | Towards a Multi-Layered Phishing Detection |
| title_fullStr | Towards a Multi-Layered Phishing Detection |
| title_full_unstemmed | Towards a Multi-Layered Phishing Detection |
| title_short | Towards a Multi-Layered Phishing Detection |
| title_sort | towards a multi-layered phishing detection |
| topic | Article |
| url | https://www.ncbi.nlm.nih.gov/pmc/articles/PMC7472607/ https://www.ncbi.nlm.nih.gov/pubmed/32823675 http://dx.doi.org/10.3390/s20164540 |
| work_keys_str_mv | AT rendallkieran towardsamultilayeredphishingdetection AT nisiotiantonia towardsamultilayeredphishingdetection AT mylonasalexios towardsamultilayeredphishingdetection |