Preventive Techniques of Phishing Attacks in Networks

Adil, Muhammad; Khan, Rahim; Ghani, M. Ahmad Nawaz Ul

doi:10.1109/icacs47775.2020.9055943

Cited by 20 publications

(4 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Next, click on any advertisements or pop-ups that can be avoided in the web application because they may contain malicious code. The malicious code is automatically downloaded into the system without anyone's knowledge [27]. Never utilize the input directly in the application code.…”

Section: Prevention Techniquesmentioning

confidence: 99%

An Experimental Study on Detecting and Mitigating Vulnerabilities in Web Applications

Kollepalli,

Reddy,

Sai

et al. 2024

IJSSE

View full text Add to dashboard Cite

The increasing use of the internet has led to a growing number of security threats. Computers, smartphones, smartwatches, and other mobile devices associated with the internet face different threats and exploits. In those cases, different services are provided through web applications only. Those applications are vulnerable to hacking. There are over 1.9 billion websites today, and everything is connected to the network. According to the new national vulnerability database update, 10,683 weaknesses were found in web applications in the first quarter of 2023. The websites have the most significant details of the clients, like personal details, financial details, and so on. Checking all the web application weaknesses is not a silver bullet. So, vulnerability scanners play a significant role in web application security. Vulnerability analysis and penetration testing are two distinct vulnerability types of testing. These tests can help identify all the vulnerabilities in a web application, even those not detected by vulnerability scanners. While certain users access this vulnerability analysis data with just honest goals, like creating some security measures to avoid those vulnerabilities, some utilize it to recognize ways of destroying significant information and records of websites. As it is notable, the term penetration testing is also ethical hacking. The current paper aims to investigate penetration testing on web applications. The paper discusses the different types of penetration testing, the tools and techniques used, and the benefits of penetration testing. It also suggests the challenges of penetration testing and the steps that can be taken to mitigate these challenges.

show abstract

Section: Prevention Techniquesmentioning

confidence: 99%

An Experimental Study on Detecting and Mitigating Vulnerabilities in Web Applications

Kollepalli,

Reddy,

Sai

et al. 2024

IJSSE

View full text Add to dashboard Cite

show abstract

“…Phishing is a social engineering attack where attackers convince users to give their credential information through fake emails, messages, phone calls, etc. [15]. Many social media platforms, such as WhatsApp, Facebook, and Instagram, used for online business, advertisement, and marketing, become easily exploited with phishing attacks to steal users' personal information, such as usernames, passwords, and financial information.…”

Section: Phishing Attackmentioning

confidence: 99%

Intrusion Detection Techniques in Social Media Cloud: Review and Future Directions

Abuali

Nissirat

Al-Samawi

2023

Wireless Communications and Mobile Computing

View full text Add to dashboard Cite

As social media use increases, the number of users has risen also. This has increased the volume of data carried over the network, making it more important to secure users’ data and privacy from threats. As users are unaware of hackers, social media’s security flaws and new forms of attack will persist. Intrusion detection systems, therefore, are vital to identifying intrusion risks. This paper examines a variety of intrusion detection techniques used to detect cyberattacks on social media networks. The paper provides a summary of the prevalent attacks on social media networks, such as phishing, fake profiles, account compromise, and cyberbullying. Then, the most prevalent techniques for classifying network traffic, including statistical and artificial intelligence (AI) techniques, are addressed. The literature also demonstrates that because AI can manage vast, scalable networks, AI-based IDSs are more effective at classifying network traffic and detecting intrusions in complex social media networks. However, AI-based IDSs exhibit high computational and space complexities; therefore, despite their remarkable performance, they are more suitable for high computing power systems. Hybrid IDSs, utilizing statistical feature selection and shallow neural networks, may provide a compromise between computational requirements and efficiency. This investigation shows that accuracies of statistical techniques range from 90% to 97.5%. In contrast, AI and ML technique detection accuracy ranges from 78% to 99.95%. Similarly, swarm and evolutionary techniques achieved from 84% to 99.95% and deep learning-based detection techniques achieved from 45% to more than 99% detection rates. Convolutional neural network deep learning systems outperformed other methods due to their ability to automatically craft the features that would classify the network traffic with high accuracy.

show abstract

“…The aim is to increase the accessibility and availability of web-based solutions needed on a day-to-day basis. Nonetheless, the open accessibility and availability of these web-based solutions in cyberspace create avenues for cyber-attacks as there are no generic control measures to cyberspace [4,5]. These cyber-attacks generate critical vulnerabilities and threats for both the web-based solutions and end-users with information as well as financial losses as major aftermaths of cyber-attacks.…”

Section: Introductionmentioning

confidence: 99%

Improving the phishing website detection using empirical analysis of Function Tree and its variants

Balogun

Adewole

Raheem

et al. 2021

Heliyon

View full text Add to dashboard Cite

The phishing attack is one of the most complex threats that have put internet users and legitimate web resource owners at risk. The recent rise in the number of phishing attacks has instilled distrust in legitimate internet users, making them feel less safe even in the presence of powerful antivirus apps. Reports of a rise in financial damages as a result of phishing website attacks have caused grave concern. Several methods, including blacklists and machine learning-based models, have been proposed to combat phishing website attacks. The blacklist antiphishing method has been faulted for failure to detect new phishing URLs due to its reliance on compiled blacklisted phishing URLs. Many ML methods for detecting phishing websites have been reported with relatively low detection accuracy and high false alarm. Hence, this research proposed a Functional Tree (FT) based metalearning models for detecting phishing websites. That is, this study investigated improving the phishing website detection using empirical analysis of FT and its variants. The proposed models outperformed baseline classifiers, meta-learners and hybrid models that are used for phishing websites detection in existing studies. Besides, the proposed FT based meta-learners are effective for detecting legitimate and phishing websites with accuracy as high as 98.51% and a false positive rate as low as 0.015. Hence, the deployment and adoption of FT and its metalearner variants for phishing website detection and applicable cybersecurity attacks are recommended.

show abstract

Preventive Techniques of Phishing Attacks in Networks

Cited by 20 publications

References 8 publications

An Experimental Study on Detecting and Mitigating Vulnerabilities in Web Applications

An Experimental Study on Detecting and Mitigating Vulnerabilities in Web Applications

Intrusion Detection Techniques in Social Media Cloud: Review and Future Directions

Improving the phishing website detection using empirical analysis of Function Tree and its variants

Contact Info

Product

Resources

About