Anti-Phishing Awareness Delivery Methods

Darem, A. Basit

doi:10.48084/etasr.4600

Cited by 8 publications

(2 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…African corporations are facing rising cybersecurity risks, particularly in banks that are poorly performing and under-capitalized. Cyberattacks such as fraud, phishing, hacking, and ransomware attacks erode public confidence in online services, constraining the expansion of online banking [5][6]. Financial institutions are investing heavily in cybersecurity to counteract cyberattacks and cyber bank robbery attempts [7].…”

Section: Introductionmentioning

confidence: 99%

An Ensemble-based Fraud Detection Model for Financial Transaction Cyber Threat Classification and Countermeasures

Alhashmi,

Alashjaee,

Darem

et al. 2023

Eng. Technol. Appl. Sci. Res.

View full text Add to dashboard Cite

Fraud remains a pervasive challenge within the banking industry, where financial institutions and their clients grapple with substantial annual losses. The proliferation of digital transactions and online banking has created new avenues for fraudsters to exploit vulnerabilities, leading to financial harm to unsuspecting victims. Consequently, the imperative to promptly and accurately detect fraudulent transactions has grown significantly, both as a safeguard against financial crimes and as a pillar of trust between customers and the banking sector. This paper introduces an innovative fraud detection model designed for bank payment transactions using advanced ensembling techniques. This study presents a comprehensive evaluation of an ensembling model conducted on the Bank Account Fraud (BAF) dataset. Through meticulous analysis, the performance of various base models and ensembling methods was assessed and compared, employing a variety of critical metrics including accuracy, precision, recall, and F1-score. The proposed ensemble model, referred to as "Stacking," exhibited remarkable performance, attaining a commendable accuracy score of 0.98. This result reaffirmed its prowess as a comprehensive and balanced solution to the multifaceted challenges of fraud detection. This study has paramount implications for the banking industry, offering a robust and adaptable solution to deal with the increasing threats posed by financial fraud. Furthermore, it emphasizes the significance of precision-recall trade-offs in fraud detection and underscores the potential of ensemble methods, particularly the "Stacking" model, to fortify the resilience and efficacy of existing security systems.

show abstract

Section: Introductionmentioning

confidence: 99%

An Ensemble-based Fraud Detection Model for Financial Transaction Cyber Threat Classification and Countermeasures

Alhashmi,

Alashjaee,

Darem

et al. 2023

Eng. Technol. Appl. Sci. Res.

View full text Add to dashboard Cite

show abstract

“…However, smishing remains a problem in many countries [5]- [11]. Some researchers have pointed out the importance of security education, attributing the current situation to low security awareness [12], [13]. Furthermore, researchers indicate that a massive number of malicious apps and their evolving evasion techniques yield a major gap between malware detection research and practice [14], [15].…”

Section: Introductionmentioning

confidence: 99%

Smishing Strategy Dynamics and Evolving Botnet Activities in Japan

Saeki

Kitayama

Koga³

et al. 2022

IEEE Access

View full text Add to dashboard Cite

XLoader and FakeSpy, the two major smishing botnets targeting Japan, change their attack strategies over various timescales. Based on recent observations of the botnets and Twitter data, we present empirical facts about their strategies and activity patterns and applied some of these strategic and activity patterns to malware detection and malicious domain detection. All the proposed methods yielded small false positive and negative rates, and are expected to run on user devices owing to their small computational cost. Recent malware detection methods based on traffic analysis extract TCP/IP traffic features if the upper layers of TCP are encrypted. In this study, Frida's hooking capability was employed to decode the upper layers (WebSocket and JSON-RPC) to create a list of all commands flowing over the botnet channel. The command-level traffic analysis presents decisive attack features because commands are transmitted according to strategies developed by the attackers. The proposed malicious domain detection method, on the other hand, exploited the tendency of the attackers to create domains in batches. Previous researchers focused on how benign and malicious domains were registered and used on the name servers. The proposed method, on the other hand, focuses on the arrival rate of SMS messages with URL links. The error rates become significantly small when users do not receive such messages very often.

show abstract