Enhancеd Analysis Approach to Detect Phishing Attacks During COVID-19 Crisis

Jafar, Mousa Tayseer; Al-Fawa’reh, Mohammad; Barhoush, Malek; Alshira’H, Mohammad H.

doi:10.2478/cait-2022-0004

Abstract

Public health responses to the COVID-19 pandemic since March 2020 have led to lockdowns and social distancing in most countries around the world, with a shift from the traditional work environment to virtual one. Employees have been encouraged to work from home where possible to slow down the viral infection. The massive increase in the volume of professional activities executed online has posed a new context for cybercrime, with the increase in the number of emails and phishing websites. Phishing attacks have been broadened and extended through years of pandemics COVID-19. This paper presents a novel approach for detecting phishing Uniform Resource Locators (URLs) applying the Gated Recurrent Unit (GRU), a fast and highly accurate phishing classifier system. Comparative analysis of the GRU classification system indicates better accuracy (98.30%) than other classifier systems.

References

1. Phishing|General Phishing Information and Prevention Tips (Accessed 18 February 2022). https://www.phishing.org/
Search in Google Scholar Back to article
2. Internet-Statistics (Online). https://www.broadbandsearch.net/blog/internet-statistics
Search in Google Scholar Back to article
3. Whitman, M. E., H. J. Mattord. Principles of Information Security. Cengage Learning, 2011.
Search in Google Scholar Back to article
4. Trautman, L. J., M. Hussein, E. U. Opara, M. J. Molesky, S. Rahman. Posted: No Phishing. – In: Emory Corp. Gov. Account. Rev., 2020.
Search in Google Scholar Back to article
5. Alqurashi, R. K., M. A. AlZain, B. Soh, M. Masud, J. Al-Amri. Cyber Attacks and Impacts: A Case Study in Saudi Arabia. – Int. J., Vol. 9, 2020, No 1.10.30534/ijatcse/2020/33912020
Search in Google Scholar Back to article
6. Sahingoz, O. K., E. Buber, O. Demir, B. Diri. Machine Learning Based Phishing Detection from URLs. – Expert Syst. Appl., Vol. 117, 2019, pp. 345-357.10.1016/j.eswa.2018.09.029
Search in Google Scholar Back to article
7. Buczak, A. L., E. Guven. A Survey of Data Mining and Machine Learning Methods for Cyber Security Intrusion Detection. – IEEE Commun. Surv. Tutorials, Vol. 18, 2015, No 2, pp. 1153-1176.10.1109/COMST.2015.2494502
Search in Google Scholar Back to article
8. Luo, Z. A Study of Accuracy and Reliability of CBIR-Based Phishing Filter. Purdue University, 2013.
Search in Google Scholar Back to article
9. Zouina, M., B. Outtaj. A Novel Lightweight URL Phishing Detection System Using SVM and Similarity Index. – Human-Centric Comput. Inf. Sci., Vol. 7, 2017, No 1, pp. 1-13.10.1186/s13673-017-0098-1
Search in Google Scholar Back to article
10. Anand, A., K. Gorde, J. R. A. Moniz, N. Park, T. Chakraborty, B.-T. Chu. Phishing URL Detection with Oversampling Based on Text Generative Adversarial Networks. – In: Proc. of 2018 IEEE International Conference on Big Data (Big Data’18), 2018, pp. 1168-1177.10.1109/BigData.2018.8622547
Search in Google Scholar Back to article
11. Shirazi, H., S. R. Muramudalige, I. Ray, A. P. Jayasumana. Improved Phishing Detection Algorithms Using Adversarial Autoencoder Synthesized Data. – In: Proc. of 2020 IEEE 45th Conference on Local Computer Networks (LCN’20), 2020, pp. 24-32.10.1109/LCN48667.2020.9314775
Search in Google Scholar Back to article
12. Xiao, X., D. Zhang, G. Hu, Y. Jiang, S. Xia. CNN-MHSA: A Convolutional Neural Network and Multi-Head Self-Attention Combined Approach for Detecting Phishing Websites. – Neural Networks, Vol. 125, 2020, pp. 303-312.10.1016/j.neunet.2020.02.01332172140
Search in Google Scholar Back to article
13. Kamran, S. A., S. Sengupta, A. Tavakkoli. Semi-Supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game Theoretic Perspective. arXiv Prepr. arXiv2108.01852, 2021.
Search in Google Scholar Back to article
14. Yerima, S. Y., M. K. Alzaylaee. High Accuracy Phishing Detection Based on Convolutional Neural Networks. – In: Proc. of 2020 3rd International Conference on Computer Applications & Information Security (ICCAIS’20), 2020, pp. 1-6.10.1109/ICCAIS48893.2020.9096869
Search in Google Scholar Back to article
15. Yi, P., Y. Guan, F. Zou, Y. Yao, W. Wang, T. Zhu. Web Phishing Detection Using a Deep Learning Framework. – Wirel. Commun. Mob. Comput., Vol. 2018, 2018.10.1155/2018/4678746
Search in Google Scholar Back to article
16. Abutair, H., A. Belghith, S. AlAhmadi. CBR-PDS: A Case-Based Reasoning Phishing Detection System. – J. Ambient Intell. Humaniz. Comput., Vol. 10, 2019, No 7, pp. 2593-2606.10.1007/s12652-018-0736-0
Search in Google Scholar Back to article
17. Adebowale, M. A., K. T. Lwin, E. Sanchez, M. A. Hossain. Intelligent Web-Phishing Detection and Protection Scheme Using Integrated Features of Images, Frames and Text. – Expert Syst. Appl., Vol. 115, 2019, pp. 300-313.10.1016/j.eswa.2018.07.067
Search in Google Scholar Back to article
18. Babagoli, M., M. P. Aghababa, V. Solouk. Heuristic Nonlinear Regression Strategy for Detecting Phishing Websites. – Soft Comput., Vol. 23, 2019, No 12, pp. 4315-4327.10.1007/s00500-018-3084-2
Search in Google Scholar Back to article
19. Ferreira, R. P., et al. Artificial Neural Network for Websites Classification with Phishing Characteristics. – Soc. Netw., Vol. 7, 2018, No 2, p. 97.10.4236/sn.2018.72008
Search in Google Scholar Back to article
20. Korkmaz, M., O. K. Sahingoz, B. Diri. Detection of Phishing Websites by Using Machine Learning-Based URL Analysis. – In: Proc. of 2020 11th International Conference on Computing, Communication and Networking Technologies (ICCCNT’20), 2020, pp. 1-7.10.1109/ICCCNT49239.2020.9225561
Search in Google Scholar Back to article
21. Alam, M. N., D. Sarma, F. F. Lima, I. Saha, S. Hossain. Phishing Attacks Detection Using Machine Learning Approach. – In: Proc. of 3rd International Conference on Smart Systems and Inventive Technology (ICSSIT’20), 2020, pp. 1173-1179.10.1109/ICSSIT48917.2020.9214225
Search in Google Scholar Back to article
22. Kumar, J., A. Santhanavijayan, B. Janet, B. Rajendran, B. S. Bindhumad-hava. Phishing Website Classification and Detection Using Machine Learning. – In: Proc. of 2020 International Conference on Computer Communication and Informatics (ICCCI’20), 2020, pp. 1-6.10.1109/ICCCI48352.2020.9104161
Search in Google Scholar Back to article
23. Do, N. Q., A. Selamat, O. Krejcar, T. Yokoi, H. Fujita. Phishing Webpage Classification via Deep Learning-Based Algorithms: An Empirical Study. – Appl. Sci., Vol. 11, 2021, No 19, p. 9210.10.3390/app11199210
Search in Google Scholar Back to article
24. Yang, R., K. Zheng, B. Wu, C. Wu, X. Wang. Phishing Website Detection Based on Deep Convolutional Neural Network and Random Forest Ensemble Learning. – Sensors, Vol. 21, 2021, No 24, p. 8281.10.3390/s21248281870938034960375
Search in Google Scholar Back to article
25. Dangwal, S., A.-N. Moldovan. Feature Selection for Machine Learning-Based Phishing Websites Detection. – In: Proc. of 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA’21), 2021, pp. 1-6.10.1109/CyberSA52016.2021.9478242
Search in Google Scholar Back to article
26. Berners-Lee, T., L. Masinter, M. McCahill. Uniform Resource Locators (URL). 1994.10.17487/rfc1738
Search in Google Scholar Back to article
27. Bibi, I., A. Akhunzada, J. Malik, J. Iqbal, A. Mussaddiq, S. Kim. A Dynamic DL-Driven Architecture to Combat Sophisticated Android Malware. – IEEE Access, Vol. 8, 2020, pp. 129600-129612.10.1109/ACCESS.2020.3009819
Search in Google Scholar Back to article
28. Kula, S., M. Choraś, R. Kozik, P. Ksieniewicz, M. Woźniak. Sentiment Analysis for Fake News Detection by Means of Neural Networks. – In: Proc. of International Conference on Computational Science, 2020, pp. 653-666.10.1007/978-3-030-50423-6_49
Search in Google Scholar Back to article
29. Chung, J., C. Gulcehre, K. Cho, Y. Bengio. Empirical Evaluation of Gated Recurrent Neural Networks on Sequence Modeling. arXiv Prepr. arXiv1412.3555, 2014.
Search in Google Scholar Back to article
30. Kalman, B. L., S. C. Kwasny. Why Tanh: Choosing a Sigmoidal Function. – In: Proc. of 1992 IJCNN International Joint Conference on Neural Networks, Vol. 4, 1992, pp. 578-581.
Search in Google Scholar Back to article
31. Baldi, P., S. Brunak, Y. Chauvin, C. A. F. Andersen, H. Nielsen. Assessing the Accuracy of Prediction Algorithms for Classification: An Overview. – Bioinformatics, Vol. 16, 2000, No 5, pp. 412-424.10.1093/bioinformatics/16.5.41210871264
Search in Google Scholar Back to article
32. Saito, T., M. Rehmsmeier. The Precision-Recall Plot is More Informative than the ROC Plot When Evaluating Binary Classifiers on Imbalanced Datasets. – PLoS One, Vol. 10, 2015, No 3, p. e0118432.10.1371/journal.pone.0118432434980025738806
Search in Google Scholar Back to article
33. Chatterjee, M., A.-S. Namin. Detecting Phishing Websites through Deep Reinforcement Learning. – In: Proc. of 2019 IEEE 43rd Annual Computer Software and Applications Conference (COMPSAC’19), Vol. 2, 2019, pp. 227-232.10.1109/COMPSAC.2019.10211
Search in Google Scholar Back to article
34. Zhang, W., Q. Jiang, L. Chen, C. Li. Two-Stage ELM for Phishing Web Pages Detection Using Hybrid Features. – World Wide Web, Vol. 20, 2017, No 4, pp. 797-813.10.1007/s11280-016-0418-9
Search in Google Scholar Back to article
35. El-Alfy, E.-S. M. Detection of Phishing Websites Based on Probabilistic Neural Networks and K-Medoids Clustering. – Comput. J., Vol. 60, 2017, No 12, pp. 1745-1759.10.1093/comjnl/bxx035
Search in Google Scholar Back to article
36. Montazer, G. A., S. ArabYarmohammadi. Detection of Phishing Attacks in Iranian e-Banking Using a Fuzzy-Rough Hybrid System. – Appl. Soft Comput., Vol. 35, 2015, pp. 482-492.10.1016/j.asoc.2015.05.059
Search in Google Scholar Back to article
37. Yadollahi, M. M., F. Shoeleh, E. Serkani, A. Madani, H. Gharaee. An Adaptive Machine Learning Based Approach for Phishing Detection Using Hybrid Features. – In: Proc. of 2019 5th International Conference on Web Research (ICWR’19), 2019, pp. 281-286.10.1109/ICWR.2019.8765265
Search in Google Scholar Back to article
38. Alshira’h, M., M. Al-Fawa’reh. Detecting Phishing Urls Using machine Learning Lexical Feature-Based Analysis. – Int. J. Adv. Trends Comput. Sci. Eng., Vol. 9, 2020, No 4, pp. 5828-5837.10.30534/ijatcse/2020/242942020
Search in Google Scholar Back to article
39. Al-Ruzouq, R. et al. Sensors, Features, and Machine Learning for Oil Spill Detection and Monitoring: A Review. – Remote Sens., Vol. 12, 2020, No 20, p. 3338.10.3390/rs12203338
Search in Google Scholar Back to article
40. Deep Learning – What is the Complexity of a Bidirectional Recurrent Neural Network? – Data Science Stack Exchange (Accessed 18 February 2022). https://datascience.stackexchange.com/questions/82766/what-is-the-complexity-of-a-bidirectional-recurrent-neural-network
Search in Google Scholar Back to article
41. Computational Complexity of ML Models|by Paritosh Kumar|Analytics Vidhya|Medium (Accessed 18 February 2022). https://medium.com/analytics-vidhya/time-complexity-of-ml-models-4ec39fad2770
Search in Google Scholar Back to article

Enhancеd Analysis Approach to Detect Phishing Attacks During COVID-19 Crisis

Abstract

Paradigm

My account