Towards a Multi-Layered Phishing Detection

Autor: Kieran Rendall, Antonia Nisioti, Alexios Mylonas
Jazyk: angličtina
Rok vydání: 2020
Předmět:
Zdroj: Sensors, Vol 20, Iss 16, p 4540 (2020)
Druh dokumentu: article
ISSN: 1424-8220
DOI: 10.3390/s20164540
Popis: Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art.
Databáze: Directory of Open Access Journals
Nepřihlášeným uživatelům se plný text nezobrazuje