Modular Platform for Detecting and Classifying Phishing Websites Using Cyber Threat Intelligence

Ahmed Elmesiry, Mirela Sertovic

Research output: Contribution to journalArticlepeer-review

Abstract

Phishing attacks are deceptive types of social engineering techniques that attackers use to imitate genuine websites in order to steal the login credentials and private data of the end-users. The continued success of these attacks is heavily attributed to the prolific adoption of online services and the lack of proper training to foster a security awareness mindset of online users. In addition to the financial and reputational damages caused by data breaches of individual users and businesses, cyber adversaries can further use the leaked data for various malicious purposes. In this work, a modular platform was introduced that facilitates accurate detection and automatic evaluation of websites visited by employees of a company or organization. The basis for this approach is a preceding website analysis, which is essential when hunting for potential threats from proxy logs. The platform contains three modules. Characterization of suspicious websites relies on a set of pre-defined features and a multi-stage threat intelligence technique, the functionality of which has been ascertained in initial tests on real data sets
Original languageEnglish
Article number1178
Number of pages4
JournalElectronic Communications of the EASST
Volume80
DOIs
Publication statusPublished - 13 Sep 2021

Fingerprint

Dive into the research topics of 'Modular Platform for Detecting and Classifying Phishing Websites Using Cyber Threat Intelligence'. Together they form a unique fingerprint.

Cite this