A Game Theoretical Model for Anticipating Email Spear-Phishing Strategies

Tchakounté, Franklin; Nyassi, Virgile Simé; Danga, Duplex Elvis Houpa; Udagepola, Kalum Priyanath; Atemkeng, Marcellin

doi:10.4108/eai.26-5-2020.166354

Cited by 6 publications

(8 citation statements)

References 36 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…A cyber-defense scenario almost always depends on game theory to understand the attacker's motives and perspective for maximizing the defender's reward. Many similar games have been designed for phishing URL detection with humans in the loop [29,43,14] and adversarial games for generative networks [22,31,17]. However, no work has been proposed, combining adversarial components of GAN and gametheoretic perspectives of attacker-defender for detecting phishing URLs.…”

Section: Literature Reviewmentioning

confidence: 99%

Semi-supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game theoretic Perspective

Kamran¹,

Sengupta²,

Tavakkoli³

2021

Preprint

View full text Add to dashboard Cite

Spear Phishing is a type of cyber-attack where the attacker sends hyperlinks through email on well-researched targets. The objective is to obtain sensitive information such as name, credentials, credit card numbers, or other crucial data by imitating oneself as a trustworthy website. According to a recent report, phishing incidents nearly doubled in frequency in 2020. In recent times, machine learning techniques have become the standard for defending against such attacks. Many augmentations have been made for improving the existing architectures, such as Convolutional Networks, Recurrent Networks, and Generative Adversarial Networks. However, these architectures were designed with only defense in mind. Moreover, the attacker's perspective and motivation are absent while creating such training and deployment pipelines. To address this, we need a gametheoretic approach to understand the rational decision-making process of the attacker (Hacker) and the defender (Phishing URL detector). We propose a Conditional Generative Adversarial Network for real-time phishing URL detection. Additionally, we train our architecture in a semi-supervised manner to distinguish between adversarial and real examples, along with detecting malicious and benign URLs. We also design two games between the attacker and defender in training and deployment settings by utilizing the game-theoretic perspective. Our experiments confirm that the proposed architecture surpasses recent state-of-theart architectures for phishing URLs detection.

show abstract

Section: Literature Reviewmentioning

confidence: 99%

Semi-supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game theoretic Perspective

Kamran¹,

Sengupta²,

Tavakkoli³

2021

Preprint

View full text Add to dashboard Cite

show abstract

“…Meanwhile, the attacker's relationship i.e. fisher and his potential victim can be described as the interaction of players [18]. In this research, the authors introduce an approach according to which the game between IDS agents and insiders was adapted.…”

Section: Introductionmentioning

confidence: 99%

“…The game theory apparatus can be used in different ways. The researchers [18], [19] propose approaches according to which game theory makes it possible to gain knowledge about the interaction between the fisher and the victim in order to predict the next actions of the fisher in accordance with information from past interactions and recommend actions on the side of the victim. These works describe the game in such a way that it is possible to predict the future intentions of the fisher in accordance with the past actions of both players.…”

Section: Introductionmentioning

confidence: 99%

A neuro-game model for analyzing strategies in the dynamic interaction of participants of phishing attacks

Lakhno,

Malyukov,

Malyukova

et al. 2024

TELKOMNIKA

View full text Add to dashboard Cite

A dynamic model of countering phishing attacks is considered. Cryptocurrency exchanges (CCE) and/or their clients are considered as an example of a phishing victim. The model, unlike similar ones, is based on the assumption that the dynamics of the states of the player-victim of phishing attacks and the player-intruder (fisher) is set by means of a system of differential equations. The peculiarity of this model is that it represents a bilinear differential game of quality, for which methods for solving linear differential games are not applicable and, in addition, the absence of functional restrictions on the strategies of players (even immeasurable functions are allowed) does not allow the use of traditional approach. And their solution makes it possible to form payoff matrices, which are part of the training set for artificial neural networks (ANNs). Such a collaboration of models will make it possible to accurately build an anti-phishing strategy, minimizing the costs of both a potential victim of phishing attacks and the defense side when building a secure system of communication with CCE clients. The neuro-game approach makes it possible to predict the process of countering phishing in the context of costs for both parties using different strategies.

show abstract

“…Game theory is a formal mathematical tool for studying situations in which competition or collaboration takes place between several individuals or groups 11 . This tool has been widely used in various studies including network security and cyber security in cases such as privacy, 12 application security, 13 botnet attacks, 14 and phishing 15 . We have developed a privacy‐preserving model that analyzes the impact of user interactions based on game theory.…”

Section: Introductionmentioning

confidence: 99%

“…11 This tool has been widely used in various studies including network security and cyber security in cases such as privacy, 12 application security, 13 botnet attacks, 14 and phishing. 15 We have developed a privacy-preserving model that analyzes the impact of user interactions based on game theory. This theory examines strategic situations in which a player's success in decision-making depends on other players' choices and identifies the Nash equilibrium points.…”

Section: Introductionmentioning

confidence: 99%

A privacy‐preserving mechanism for social mobile crowdsensing using game theory

Esmaeilyfard

Esmaili

2022

Trans Emerging Tel Tech

View full text Add to dashboard Cite

Smartphones and mobile networks have created a new paradigm called mobile crowdsensing for data gathering and processing about a large-scale phenomenon. This paradigm's development allows untrustworthy people to gather large amounts of information over time from the reported events. In this regard, mobile crowdsensing increases the possibility of violating users' privacy. Recently, social communication has added potential capabilities to mobile crowdsourcing environments. Based on these social communications, this article presents an analysis of user's interactions for privacy-preserving using a signaling game with a dynamic approach and incomplete information. First, the analysis identifies the pure-strategy profiles and mixed-strategy profiles and the user's best strategy for accepting access requests in a single time slot. This analysis is then extended into a dynamic multistage game. In this analysis, users' beliefs about the violation of their privacy are analyzed and updated at every stage. As a result, the best response from users will be determined. Following this analysis, a mechanism is presented for privacy-preserving in social mobile crowdsensing. The experimental results have also indicated the success of the proposed method in dealing with different types of user interaction.

show abstract

A Game Theoretical Model for Anticipating Email Spear-Phishing Strategies

Cited by 6 publications

References 36 publications

Semi-supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game theoretic Perspective

Semi-supervised Conditional GAN for Simultaneous Generation and Detection of Phishing URLs: A Game theoretic Perspective

A neuro-game model for analyzing strategies in the dynamic interaction of participants of phishing attacks

A privacy‐preserving mechanism for social mobile crowdsensing using game theory

Contact Info

Product

Resources

About