Faculty Publications

Permanent URI for this communityhttps://idr.nitk.ac.in/handle/123456789/18736

Publications by NITK Faculty

Browse

Filters

2020 - 20255

Settings

Subject: search.filters.subject.Phishing detections

Search Results

Now showing 1 - 5 of 5
  • No Thumbnail Available
    Item
    Efficient deep learning techniques for the detection of phishing websites
    (Springer, 2020) Somesha, M.; Pais, A.R.; Rao, R.S.; Rathour, V.S.
    Phishing is a fraudulent practice and a form of cyber-attack designed and executed with the sole purpose of gathering sensitive information by masquerading the genuine websites. Phishers fool users by replicating the original and genuine contents to reveal personal information such as security number, credit card number, password, etc. There are many anti-phishing techniques such as blacklist- or whitelist-, heuristic-feature- and visual-similarity-based methods proposed as of today. Modern browsers adapt to reduce the chances of users getting trapped into a vicious agenda, but still users fall as prey to phishers and end up revealing their secret information. In a previous work, the authors proposed a machine learning approach based on heuristic features for phishing website detection and achieved an accuracy of 99.5% using 18 features. In this paper, we have proposed novel phishing URL detection models using (a) Deep Neural Network (DNN), (b) Long Short-Term Memory (LSTM) and (c) Convolution Neural Network (CNN) using only 10 features of our earlier work. The proposed technique achieves an accuracy of 99.52% for DNN, 99.57% for LSTM and 99.43% for CNN. The proposed techniques utilize only one third-party service feature, thus making it more robust to failure and increases the speed of phishing detection. © 2020, Indian Academy of Sciences.
  • No Thumbnail Available
    Item
    Classification of Phishing Email Using Word Embedding and Machine Learning Techniques
    (River Publishers, 2022) Somesha, M.; Pais, A.R.
    Email phishing is a cyber-attack, bringing substantial financial damage to corporate and commercial organizations. A phishing email is a special type of spamming, used to trick the user to disclose personal information to access his digital assets. Phishing attack is generally triggered by emailing links to spoofed websites that collect sensitive information. The APWG survey suggests that the existing countermeasures remain ineffective and insufficient for detecting phishing attacks. Hence there is a need for an efficient mechanism to detect phishing emails to provide better security against such attacks to the common user. The existing open-source data sets are limited in diversity, hence they do not capture the real picture of the attack. Hence there is a need for real-time input data set to design accurate email anti-phishing solutions. In the current work, it has been created a real-time in-house corpus of phishing and legitimate emails and proposed efficient techniques to detect phishing emails using a word embedding and machine learning algorithms. The proposed system uses only four email header-based heuristics for the classification of emails. The proposed word embedding cum machine learning framework comprises six word embedding techniques with five machine learning classifiers to evaluate the best performing combination. Among all six combinations, Random Forest consistently performed the best with FastText (CBOW) by achieving an accuracy of 99.50% with a false positive rate of 0.053%, TF-IDF achieved an accuracy of 99.39% with a false positive rate of 0.4% and Count Vectorizer achieved an accuracy of 99.18% with a false positive rate of 0.98% respectively for three datasets used. © 2022 River Publishers.
  • No Thumbnail Available
    Item
    DeepEPhishNet: a deep learning framework for email phishing detection using word embedding algorithms
    (Springer, 2024) Somesha, M.; Pais, A.R.
    Email phishing is a social engineering scheme that uses spoofed emails intended to trick the user into disclosing legitimate business and personal credentials. Many phishing email detection techniques exist based on machine learning, deep learning, and word embedding. In this paper, we propose a new technique for the detection of phishing emails using word embedding (Word2Vec, FastText, and TF-IDF) and deep learning techniques (DNN and BiLSTM network). Our proposed technique makes use of only four header based (From, Returnpath, Subject, Message-ID) features of the emails for the email classification. We applied several word embeddings for the evaluation of our models. From the experimental evaluation, we observed that the DNN model with FastText-SkipGram achieved an accuracy of 99.52% and BiLSTM model with FastText-SkipGram achieved an accuracy of 99.42%. Among these two techniques, DNN outperformed BiLSTM using the same word embedding (FastText-SkipGram) techniques with an accuracy of 99.52%. © Indian Academy of Sciences 2024.
  • No Thumbnail Available
    Item
    An ensemble learning approach for detecting phishing URLs in encrypted TLS traffic
    (Springer, 2024) Kondaiah, C.; Pais, A.R.; Rao, R.S.
    Phishing is a fraudulent method used by hackers to acquire confidential data from victims, including security passwords, bank account details, debit card data, and other sensitive data. Owing to the increase in internet users, the corresponding network attacks have also grown over the last decade. Existing phishing detection methods are implemented for the application layer and are not effectively adapted to the transport layer. In this paper, we propose a novel phishing detection method that extends beyond traditional approaches by utilizing a multi-model ensemble of deep neural networks, long short term memory, and Random Forest classifiers. Our approach is distinguished by its unique feature extraction from transport layer security (TLS) 1.2 and 1.3 network traffic and the application of advanced deep learning algorithms to enhance phishing detection capabilities. To assess the effectiveness of our model, we curated datasets that include both phishing and legitimate websites, using features derived from TLS 1.2 and 1.3 traffic. The experimental results show that our proposed model achieved a classification accuracy of 99.61%, a precision of 99.80%, and a Matthews Correlation Coefficient of 99.22% on an in-house dataset. Our model excels at detecting phishing Uniform Resource Locator at the transport layer without data decryption. It is designed to block phishing attacks at the network gateway or firewall level. © The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2024.
  • No Thumbnail Available
    Item
    GraPhish: A graph-based approach for phishing detection from encrypted TLS traffic
    (Elsevier Ltd, 2025) Manguli, K.; Kondaiah, C.; Pais, A.R.; Rao, R.S.
    Phishing has increased substantially over the last few years, with cybercriminals deceiving users via spurious websites or confusing mails to steal confidential data like username and password. Even with browser-integrated security indicators like HTTPS prefixes and padlock symbols, new phishing strategies have circumvented these security features. This paper proposes GraPhish, a novel graph-based phishing detection framework that leverages encrypted TLS traffic features. We constructed an in-house dataset and proposed an effective method for graph generation based solely on TLS-based features. Our model performs better than traditional machine learning algorithms. GraPhish achieved an accuracy of 94.82%, a precision of 96.28%, a recall of 92.11%, and an improved AUC-ROC score of 98.29%. © 2025 Elsevier Ltd