Phishing attacks are one of the most common social engineering attacks targeting users emails to fraudulently steal confidential and sensitive information. They can be used as a part of more massive attacks launched to gain a foothold in corporate or government networks. Over the last decade, a number of anti-phishing techniques have been proposed to detect and mitigate these attacks. However, they are still inefficient and inaccurate. Thus, there is a great need for efficient and accurate detection techniques to cope with these attacks. In this paper, we proposed a phishing attack detection technique based on machine learning. We collected and analyzed more than 4000 phishing emails targeting the email service of the University of North Dakota. We modeled these attacks by selecting 10 relevant features and building a large dataset. This dataset was used to train, validate, and test the machine learning algorithms. For performance evaluation, four metrics have been used, namely probability of detection, probability of miss-detection, probability of false alarm, and accuracy. The experimental results show that better detection can be achieved using an artificial neural network.
翻译:模拟攻击是针对用户电子邮件的最常见的社会工程攻击之一,目的是欺诈性地窃取机密和敏感信息。它们可以用作为在公司或政府网络中获得立足点而发动的更大规模攻击的一部分。在过去的十年中,提出了若干反钓鱼技术来探测和减轻这些攻击。但是,它们仍然效率低下和不准确。因此,非常需要高效和准确的探测技术来对付这些攻击。在本文中,我们提议了一种基于机器学习的钓鱼攻击探测技术。我们收集和分析了4000多封针对北达科他大学电子邮件服务的钓鱼电子邮件。我们通过选择10个相关特征和建立一个大型数据集来模拟这些攻击。这个数据集用来训练、验证和测试机器学习算法。在业绩评估中,使用了四个尺度,即探测概率、误差概率、误差概率和准确性。实验结果表明,使用人工神经网络可以实现更好的探测。