• International Journal of Computer Science & Network Security
• /
• v.22 no.5
• /
• pp.277-283
• /
• 2022

Email phishing has become very prevalent especially now that most of our dealings have become technical. The victim receives a message that looks as if it was sent from a known party and the attack is carried out through a fake cookie that includes a phishing program or through links connected to fake websites, in both cases the goal is to install malicious software on the user's device or direct him to a fake website. Today it is difficult to deploy robust cybersecurity solutions without relying heavily on machine learning algorithms. This research seeks to detect phishing emails using high-accuracy machine learning techniques. using the WEKA tool with data preprocessing we create a proposed methodology to detect emails phishing. outperformed random forest algorithm on Naïve Bayes algorithms by accuracy of 99.03 %.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.23 no.6
• /
• pp.1037-1047
• /
• 2013

As damages from phishing have been increased, many anti-phishing solutions and related researches have been studied. Anti-phishing solutions are often built in web-browsers or provided as security toolbars. Other types of solutions are also developed such as email-filtering and solutions strengthening server authentication via secret image sharing. At the same time, researchers have tried to see the reasons why phishing works and how effective anti-phishing solutions are. In this paper, we review relevant anti-phishing solutions, their techniques and other phishing-related researches. Based on these, we summarize recommended ways to improve anti-phishing solutions and suggest the future directions to study to protect users from phishing attacks.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.12 no.3
• /
• pp.1348-1375
• /
• 2018

Support Vector Machine (SVM) is a well-known machine learning classification algorithm, which has been widely applied to many data mining problems, with good accuracy. However, SVM classification speed decreases with increase in dataset size. Some applications, like video surveillance and intrusion detection, requires a classifier to be trained very quickly, and on large datasets. Hence, this paper introduces two filter-based instance selection techniques for optimizing SVM training speed. Fast classification is often achieved at the expense of classification accuracy, and some applications, such as phishing and spam email classifiers, are very sensitive to slight drop in classification accuracy. Hence, this paper also introduces two wrapper-based instance selection techniques for improving SVM predictive accuracy and training speed. The wrapper and filter based techniques are inspired by Cuckoo Search Algorithm and Bat Algorithm. The proposed techniques are validated on three popular e-fraud types: credit card fraud, spam email and phishing email. In addition, the proposed techniques are validated on 20 other datasets provided by UCI data repository. Moreover, statistical analysis is performed and experimental results reveals that the filter-based and wrapper-based techniques significantly improved SVM classification speed. Also, results reveal that the wrapper-based techniques improved SVM predictive accuracy in most cases.

• International Journal of Computer Science & Network Security
• /
• v.21 no.12
• /
• pp.213-218
• /
• 2021

This paper proposes a technique for detecting a significant threat that attempts to get sensitive and confidential information such as usernames, passwords, credit card information, and more to target an individual or organization. By definition, a phishing attack happens when malicious people pose as trusted entities to fraudulently obtain user data. Phishing is classified as a type of social engineering attack. For a phishing attack to happen, a victim must be convinced to open an email or a direct message [1]. The email or direct message will contain a link that the victim will be required to click on. The aim of the attack is usually to install malicious software or to freeze a system. In other instances, the attackers will threaten to reveal sensitive information obtained from the victim. Phishing attacks can have devastating effects on the victim. Sensitive and confidential information can find its way into the hands of malicious people. Another devastating effect of phishing attacks is identity theft [1]. Attackers may impersonate the victim to make unauthorized purchases. Victims also complain of loss of funds when attackers access their credit card information. The proposed method has two major subsystems: (1) Data collection: different websites have been collected as a big data corresponding to normal and phishing dataset, and (2) distributed detection system: different artificial algorithms are used: a neural network algorithm and machine learning. The Amazon cloud was used for running the cluster with different cores of machines. The experiment results of the proposed system achieved very good accuracy and detection rate as well.

• Proceedings of the Korean Institute of Information and Commucation Sciences Conference
• /
• 2013.05a
• /
• pp.284-287
• /
• 2013

Recently target oriented attacks which target an enterprise and a government agency are increasing. The starting point of APT(Advanced Persistent Threat), called as target oriented attacks, is the spear phishing email that is personalized based on the information collected via Internet of the target personnel. It is known that 94% of target oriented attacks use spear phishing emails. Therefore, in this paper, we analysed spear phishing methods in detail and the characteristics and recent trends of spear phishing threats and proposed the effective prevention method of spear phishing for the end user.

• Journal of the Korea Institute of Information and Communication Engineering
• /
• v.17 no.12
• /
• pp.2753-2762
• /
• 2013

Recently the paradigm of cyber attacks is changing due to the information security technology improvement. The cyber attack that uses the social engineering and targets the end users has been increasing as the organization's systems and networks security controls have been tightened. The 91% of APT(Advanced Persistent Threat) which targets an enterprise or a government agency to get the important data and disable the critical service starts with the spear phishing email. In this paper, we analysed the security threats and characteristics of the spear phishing in detail and explained why the technical solutions are not enough to prevent spear phishing attacks. Therefore, we proposed the administrative prevention methods for the spear phishing attack.

• Journal of the Korea Institute of Information Security & Cryptology
• /
• v.27 no.2
• /
• pp.267-279
• /
• 2017

This study emulated unscheduled phishing e-mails over a long period of time by imitating the manner in which external hackers attacked a group of employees in a company. We then measured and analyzed the recipient's ability to identify and respond to phishing e-mails as training progressed. In addition, we analyzed the changes in participants' response behavior when changing the external control condition between the training. As a result of the analysis, it was confirmed that the training duration had a positive (+) relationship with the employees' ability to identify phishing e-mails and the infection rate, and more employees read emails and infected with phishing attacks using social issues and seasonal events. It was also confirmed that reinforcement of internal control policy on infected persons affects positively (+) on the phishing attack response behavior of employees. Based on these results, we would like to suggest the right training method for each organization to enhance the ability of employees to cope with phishing attacks.

• Proceedings of the Korea Information Processing Society Conference
• /
• 2021.11a
• /
• pp.297-299
• /
• 2021

Text classification is one of the popular tasks in Natural Language Processing (NLP) used to classify text or document applications such as sentiment analysis and email filtering. Nowadays, state-of-the-art (SOTA) Machine Learning (ML) and Deep Learning (DL) algorithms are the core engine used to perform these classification tasks with high accuracy, and they show satisfying results. This paper conducts a benchmarking performance's analysis of multiple SOTA algorithms on the first known labeled Korean voice phishing dataset called KorCCVi. Experimental results reveal performed on a test set of 366 samples reveal which algorithm performs the best considering the training time and metrics such as accuracy and F1 score.

• Journal of Korea Society of Digital Industry and Information Management
• /
• v.4 no.3
• /
• pp.45-53
• /
• 2008

As internet is wide spread, the number of internet service provider is increased. Internet service providers gather the personnel information with inhabitants registration identification number for the user management and the adult authentication. The personnel information is spreaded thorough the Internet by the system hacking, mismanagement and malicious resale. And the personnel information is used for spam email, phishing scams, etc. by malicious others. So the Ministry of Information and Communication Republic of Korea developments I-PIN system of the personnel identification. But, I-PIN has some problem the guideline for it and the method of 5 I-PIN services. In this paper, we analyze the problem about the guideline for I-PIN and the method of 5 I-PIN services. And we propose the countermeasure about the problem.

• KSII Transactions on Internet and Information Systems (TIIS)
• /
• v.18 no.3
• /
• pp.704-719
• /
• 2024

Botnet pandemics are becoming more prevalent with the growing use of mobile phone technologies. Mobile phone technologies provide a wide range of applications, including entertainment, commerce, education, and finance. In addition, botnet refers to the collection of compromised devices managed by a botmaster and engaging with each other via a command server to initiate an attack including phishing email, ad-click fraud, blockchain, and much more. As the number of botnet attacks rises, detecting harmful activities is becoming more challenging in handheld devices. Therefore, it is crucial to evaluate mobile botnet assaults to find the security vulnerabilities that occur through coordinated command servers causing major financial and ethical harm. For this purpose, we propose a hybrid analysis approach that integrates permissions and API and experiments on the machine-learning classifiers to detect mobile botnet applications. In this paper, the experiment employed benign, botnet, and malware applications for validation of the performance and accuracy of classifiers. The results conclude that a classifier model based on a simple decision tree obtained 99% accuracy with a low 0.003 false-positive rate than other machine learning classifiers for botnet applications detection. As an outcome of this paper, a hybrid approach enhances the accuracy of mobile botnet detection as compared to static and dynamic features when both are taken separately.