Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Filters

2019 - 201912020 - 20252

Settings

Author: search.filters.author.Rao, R.S.Subject: search.filters.subject.Malware

Search Results

Now showing 1 - 3 of 3
  • No Thumbnail Available
    Item
    PhishDump: A multi-model ensemble based technique for the detection of phishing sites in mobile devices
    (Elsevier B.V., 2019) Rao, R.S.; Vaishnavi, T.; Pais, A.R.
    Phishing is a technique in which the attackers trick the online users to reveal the sensitive information by creating the phishing sites which look similar to that of legitimate sites. There exist many techniques to detect phishing sites in desktop computers. In recent years, the number of mobile users accessing the web has increased which lead to a rise in the number of attacks in mobile devices. Existing techniques designed for desktop computers may not be suitable for mobile devices due to their hardware limitations such as RAM, Screen size, low computational power etc. In this paper, we propose a mobile application named PhishDump to classify the legitimate and phishing websites in mobile devices. PhishDump is based on the multi-model ensemble of Long Short Term Memory (LSTM) and Support Vector Machine (SVM) classifier. As PhishDump focuses on the extraction of features from URL, it has several advantages over existing works such as fast computation, language independence and robust to accidental download of malwares. From the experimental analysis, we observed that our proposed multi-model ensemble outperformed traditional LSTM character and word-level models. PhishDump performed better than the existing baseline models with an accuracy of 97.30% on our dataset and 98.50% on the benchmark dataset. © 2019 Elsevier B.V.
  • No Thumbnail Available
    Item
    Enhanced Malicious Traffic Detection in Encrypted Communication Using TLS Features and a Multi-class Classifier Ensemble
    (Springer, 2024) Kondaiah, C.; Pais, A.R.; Rao, R.S.
    The use of encryption for network communication leads to a significant challenge in identifying malicious traffic. The existing malicious traffic detection techniques fail to identify malicious traffic from the encrypted traffic without decryption. The current research focuses on feature extraction and malicious traffic classification from the encrypted network traffic without decryption. In this paper, we propose an ensemble model using Deep Learning (DL), Machine Learning (ML), and self-attention-based methods. Also, we propose novel TLS features extracted from the network and perform experimentation on the ensemble model. The experimental results demonstrated that the ML-based (RF, LGBM, XGB) ensemble model achieved a significant accuracy of 94.85% whereas the other ensemble model using RF, LSTM, and Bi-LSTM with self-attention technique achieved an accuracy of 96.71%. To evaluate the efficacy of our proposed models, we curated datasets encompassing both phishing, legitimate and malware websites, leveraging features extracted from TLS 1.2 and 1.3 traffic without decryption. © The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2024.
  • No Thumbnail Available
    Item
    TrackPhish: A Multi-Embedding Attention-Enhanced 1D CNN Model for Phishing URL Detection
    (Institute of Electrical and Electronics Engineers Inc., 2025) Kondaiah, C.; Pais, A.R.; Rao, R.S.
    Phishing attacks are a growing threat to online security, with increasingly sophisticated and frequent tactics. This rise in cyber threats underscores the need for advanced detection methods. While the Internet is crucial for modern communication and commerce, it also exposes users to risks such as phishing, spamming, malware, and performance degradation attacks. Among these, malicious URLs, commonly embedded in static links within emails and websites, are a significant challenge in identifying and mitigating these attacks. This study proposes TrackPhish, a novel lightweight application that predicts URL legitimacy without visiting the associated website. The proposed model combines traditional word embeddings (Word2Vec, FastText, GloVe) with transformer models (BERT, RoBERTa, GPT-2) to create a comprehensive feature set fed into a Deep Learning (DL) model for detecting phishing URLs. The integration of these embeddings captures semantic relationships and contextual understanding of the text, generating a robust feature set enhanced by an attention mechanism to choose relevant features. The refined features are then used to train a One-Dimensional Convolutional Neural Network (1D CNN) model for phishing URL detection. The proposed model offers key advantages over existing methods, including independence from third-party features, adaptability for client-side deployment, and target-independent detection. Experimental results demonstrate the model’s effectiveness, achieving 95.41% accuracy with a low false positive rate of 1.44% on our dataset and an impressive 98.55% accuracy on benchmark datasets, outperforming existing baseline models. The proposed model represents a significant advancement over traditional methods, enhancing online security against phishing URLs. © 2005-2012 IEEE.