A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Filters
Towards Adversarial Phishing Detection
2020
USENIX Security Symposium
Preserved Fulltext
Over the recent decades, numerous evaluations of automated methods for detecting phishing attacks have been reporting stellar detection performances based on empirical evidence. ...
These performances often neglect the adaptive behavior of an adversary seeking to evade detection, yielding uncertainty about their adversarial robustness. ...
The implementation of the experiments for the conducted assessment, including reproductions of detection solutions and perturbation methods, is provided with open access at https://github.com/tpanum/ towards-adversarial-phishing-detection ...
dblp:conf/uss/PanumHHP20
fatcat:dkdcaneekrewrgdkzodkhb2w44
An Evasion Attack against ML-based Phishing URL Detectors
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Over the year, Machine Learning Phishing URL classification (MLPU) systems have gained tremendous popularity to detect phishing URLs proactively. ...
To achieve this, we first develop an algorithm to generate adversarial phishing URLs. We then reproduce 41 MLPU systems and record their baseline performance. ...
To address these limitations, Machine Learning based Phishing URL detection (MLPU) systems are widely adapted to detect phishing URLs [50, 76, 96] . ...
arXiv:2005.08454v1
fatcat:vbl5jdynpjg5thqy2xefi5bizi
DeltaPhish: Detecting Phishing Webpages in Compromised Websites
[article]
2017
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
DeltaPhish is also robust against adversarial attempts in which the HTML code of the phishing page is carefully manipulated to evade detection. ...
To the best of our knowledge, this is the first work that specifically leverages this adversarial behavior for detection purposes. ...
On the other hand, website compromise is only a pivoting step towards the final goal of the phishing scam. ...
arXiv:1707.00317v1
fatcat:yrafev7fuzad7ffck6nblsy7z4
Detecting Malicious Accounts showing Adversarial Behavior in Permissionless Blockchains
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Further, the previously used ML algorithms for identifying malicious accounts show bias towards a particular malicious activity which is over-represented. ...
In the sequel, we identify that Neural Networks (NN) holds up the best in the face of such bias inducing dataset at the same time being robust against certain adversarial attacks. ...
This proves the existence of bias in ETC towards 'Phishing'. ...
arXiv:2101.11915v1
fatcat:djkwi3p5xnh23bsoqruvtt4stu
On Designing and Evaluating Phishing Webpage Detection Techniques for the Real World
2018
USENIX Security Symposium
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
These guidelines can improve the effectiveness of phishing detection techniques in real-world scenarios and foster technology transfer. ...
We hope to raise awareness about practices causing this gap and present a set of guidelines for the design and evaluation of phishing webpage detection techniques. ...
Resilience to adversaries Knowing a detection technique, phishers will try to evade it by adapting their phishes. ...
dblp:conf/uss/MarchalA18
fatcat:edhht2iq35cadkww3rpq7c5dwy
URLTran: Improving Phishing URL Detection Using Transformers
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Other Versions
Early phishing detection used standard machine learning classifiers, but recent research has instead proposed the use of deep learning models for the phishing URL detection task. ...
Browsers often include security features to detect phishing web pages. In the past, some browsers evaluated an unknown URL for inclusion in a list of known phishing pages. ...
Building URLTran employs a two-pronged approach towards adapting transformers for the task of phishing URL detection. ...
arXiv:2106.05256v3
fatcat:uysix2k4kzb6xlyqz7xcahuoym
Beyond the lock icon: real-time detection of phishing websites using public key certificates
2015
2015 APWG Symposium on Electronic Crime Research (eCrime)
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2016; you can also visit the original URL.
The file type is application/pdf.
We further show that this approach works not only against HTTPS-enabled phishing attacks, but also detects HTTP phishing attacks with port 443 enabled. ...
Other local client-side phishing detection approaches also exist, but primarily rely on page content or URLs, which are arguably easier to manipulate by attackers. ...
Currently use of valid certificate by adversaries is infrequent; however, attackers are part of the long term trend towards more ubiquitous https. ...
doi:10.1109/ecrime.2015.7120795
dblp:conf/ecrime/DongKBC15
fatcat:u3iplbeft5hrdkdwfgoj2et2tu
Characterizing Phishing Threats with Natural Language Processing
[article]
2015
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
Spear phishing is a widespread concern in the modern network security landscape, but there are few metrics that measure the extent to which reconnaissance is performed on phishing targets. ...
In this work we use Natural Language Processing techniques to investigate a specific real-world phishing campaign and quantify attributes that indicate a targeted spear phishing attack. ...
detected per day fell sharply in the same time range [2] . ...
arXiv:1508.07885v1
fatcat:xraqqfl77fhq3elfkel7s2hjuu
VisualPhishNet: Zero-Day Phishing Website Detection by Visual Similarity
[article]
2020
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Other Versions
We furthermore present VisualPhish, the largest dataset to date that facilitates visual phishing detection in an ecologically valid manner. ...
This paper contributes VisualPhishNet, a new similarity-based phishing detection framework, based on a triplet Convolutional Neural Network (CNN). ...
There is a lot of work towards fixing the evasion problem [3] , however, adversarial perturbations are well-known for classification models. ...
arXiv:1909.00300v4
fatcat:ytxzxjswjbcx3eoszjmzcs2jhi
Mobile Application Impersonation Detection Using Dynamic User Interface Extraction
[chapter]
2016
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
As the detection is based on the visual appearance of the application, as seen by the user, our approach is robust towards the attack implementation technique and resilient to simple detection avoidance ...
In this paper we present a novel approach for detection of mobile app impersonation attacks. ...
Phishing detection. ...
doi:10.1007/978-3-319-45744-4_11
fatcat:w2m4k4p5xvb53ka3ve5pgliewy
Shadows Behind the Keyboard
2022
Proceedings of the 2022 ACM on International Workshop on Security and Privacy Analytics
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Through the study of individual differences, we can better understand not only who is most likely to engage in criminal activity in cyberspace but the dispositional tendencies towards specific types of ...
Specifically, because individuals high in Machiavellianism are more cautious and they make more extensive changes between phishing emails in order to avoid detection and evade spam filters. ...
Although recapturing a resource is costly, it is far costlier to let a resource remain in the control of an adversary. ...
doi:10.1145/3510548.3519379
fatcat:zq6uix6ejfapxkvwyx6adqvhra
Phishing URL Detection Through Top-level Domain Analysis: A Descriptive Approach
2020
Proceedings of the 6th International Conference on Information Systems Security and Privacy
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Note that this fulltext copy is not of the "primary" version of this work. The version it corresponds to is:
2020 pre-print arXiv:2005.06599v1 fatcat:o3blenpy6nc6bd6qr7ubh5qhtu
Phishing is considered to be one of the most prevalent cyber-attacks because of its immense flexibility and alarmingly high success rate. ...
This study aims to develop a machine-learning model to detect fraudulent URLs which can be used within the Splunk platform. ...
For the detection of phishing domains, more focus should have been given towards features explicitly targeting the detection of squatting domains (Moubayed et al., 2018) . ...
doi:10.5220/0008902202890298
dblp:conf/icissp/ChristouPPMB20
fatcat:vhjczp26qnerdbr7hi7p7qyq7a
PhiGARo: Automatic Phishing Detection and Incident Response Framework
2014
2014 Ninth International Conference on Availability, Reliability and Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We present a comprehensive framework for automatic phishing incident processing and work in progress concerning automatic phishing detection and reporting. ...
The honeypots are used to capture e-mails, automatically detect messages containing phishing and immediately transfer them to PhiGARo. ...
[6] mimicked user responses to detect phishing. Their work places the response before detection to provide the adversary with fake responses. ...
doi:10.1109/ares.2014.46
dblp:conf/IEEEares/HusakC14
fatcat:2q637rwncbegtjrbo3irocheva
The Threat of Offensive AI to Organizations
[article]
2021
arXiv
pre-print
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
In particular, cyber adversaries can use AI (such as machine learning) to enhance their attacks and expand their campaigns. ...
For example, how does an AI-capable adversary impact the cyber kill chain? Does AI benefit the attacker more than the defender? ...
Many email services use machine learning to detect malicious emails. However, adversaries can use adversarial machine learning to evade detection [57, 74, 136, 137] . ...
arXiv:2106.15764v1
fatcat:zkfukg4krjcczpie2gbdznwqqi
Tree-classification Algorithm to Ease User Detection of Predatory Hijacked Journals: Empirical Analysis of Journal Metrics Rankings
2021
International Journal of Engineering and Manufacturing
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
Results show the classification algorithm can effectively detect 95-percent accuracy of journal phishing based on journal metric indicators and website ranks. ...
The negative impact thus, of predatory and hijacked journals cannot be over-emphasized as adversaries use carefully crafted, social engineering (phishing attack) skillsto exploit unsuspecting and inexperienced ...
. Sequence in search result adds to increased accuracy in detecting phishing pages. ...
doi:10.5815/ijem.2021.04.01
fatcat:63gtt5vqnveq3muwys7f6d3ho4
« Previous
Showing results 1 — 15 out of 2,140 results