Abstract | ||
---|---|---|
Phishing is one of the most common threats that users face while browsing the web. In the current threat landscape, a targeted phishing attack (i.e., spear phishing) often constitutes the first action of a threat actor during an intrusion campaign. To tackle this threat, many data-driven approaches have been proposed, which mostly rely on the use of supervised machine learning under a single-layer approach. However, such approaches are resource-demanding and, thus, their deployment in production environments is infeasible. Moreover, most previous works utilise a feature set that can be easily tampered with by adversaries. In this paper, we investigate the use of a multi-layered detection framework in which a potential phishing domain is classified multiple times by models using different feature sets. In our work, an additional classification takes place only when the initial one scores below a predefined confidence level, which is set by the system owner. We demonstrate our approach by implementing a two-layered detection system, which uses supervised machine learning to identify phishing attacks. We evaluate our system with a dataset consisting of active phishing attacks and find that its performance is comparable to the state of the art. |
Year | DOI | Venue |
---|---|---|
2020 | 10.3390/s20164540 | SENSORS |
Keywords | DocType | Volume |
supervised machine learning,phishing,multi-layer | Journal | 20 |
Issue | ISSN | Citations |
16 | 1424-8220 | 0 |
PageRank | References | Authors |
0.34 | 0 | 3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Kieran Rendall | 1 | 0 | 0.34 |
Antonia Nisioti | 2 | 8 | 2.28 |
Alexios Mylonas | 3 | 234 | 17.65 |