Modular Platform for Detecting and Classifying Phishing Websites Using Cyber Threat Intelligence

Ahmed Elmesiry, Mirela Sertovic

    Allbwn ymchwil: Cyfraniad at gyfnodolynErthygladolygiad gan gymheiriaid

    Crynodeb

    Phishing attacks are deceptive types of social engineering techniques that attackers use to imitate genuine websites in order to steal the login credentials and private data of the end-users. The continued success of these attacks is heavily attributed to the prolific adoption of online services and the lack of proper training to foster a security awareness mindset of online users. In addition to the financial and reputational damages caused by data breaches of individual users and businesses, cyber adversaries can further use the leaked data for various malicious purposes. In this work, a modular platform was introduced that facilitates accurate detection and automatic evaluation of websites visited by employees of a company or organization. The basis for this approach is a preceding website analysis, which is essential when hunting for potential threats from proxy logs. The platform contains three modules. Characterization of suspicious websites relies on a set of pre-defined features and a multi-stage threat intelligence technique, the functionality of which has been ascertained in initial tests on real data sets
    Iaith wreiddiolSaesneg
    Rhif yr erthygl1178
    Nifer y tudalennau4
    CyfnodolynElectronic Communications of the EASST
    Cyfrol80
    Dynodwyr Gwrthrych Digidol (DOIs)
    StatwsCyhoeddwyd - 13 Medi 2021

    Ôl bys

    Gweld gwybodaeth am bynciau ymchwil 'Modular Platform for Detecting and Classifying Phishing Websites Using Cyber Threat Intelligence'. Gyda’i gilydd, maen nhw’n ffurfio ôl bys unigryw.

    Dyfynnu hyn