Modular Platform for Detecting and Classifying Phishing Websites Using Cyber Threat Intelligence

Ahmed Elmesiry, Mirela Sertovic

    Research output: Contribution to journalArticlepeer-review

    Abstract

    Phishing attacks are deceptive types of social engineering techniques that attackers use to imitate genuine websites in order to steal the login credentials and private data of the end-users. The continued success of these attacks is heavily attributed to the prolific adoption of online services and the lack of proper training to foster a security awareness mindset of online users. In addition to the financial and reputational damages caused by data breaches of individual users and businesses, cyber adversaries can further use the leaked data for various malicious purposes. In this work, a modular platform was introduced that facilitates accurate detection and automatic evaluation of websites visited by employees of a company or organization. The basis for this approach is a preceding website analysis, which is essential when hunting for potential threats from proxy logs. The platform contains three modules. Characterization of suspicious websites relies on a set of pre-defined features and a multi-stage threat intelligence technique, the functionality of which has been ascertained in initial tests on real data sets
    Original languageEnglish
    Article number1178
    Number of pages4
    JournalElectronic Communications of the EASST
    Volume80
    DOIs
    Publication statusPublished - 13 Sep 2021

    Fingerprint

    Dive into the research topics of 'Modular Platform for Detecting and Classifying Phishing Websites Using Cyber Threat Intelligence'. Together they form a unique fingerprint.

    Cite this