Saudi Cultural Missions Theses & Dissertations
Permanent URI for this community: https://drepo.sdl.edu.sa/handle/20.500.14154/10
4 results
Search Results

Item Restricted
Detecting LLM Generated Phishing Emails Using Machine Learning: A Multi-Classification Approach And A Comprehensive Evaluation
(University of Birmingham, 2024-09) Alharthi, Alanoud; Andriotis, Panagiotis
Phishing is a significant cybersecurity threat that targets organisations as well as individuals. The aim of this project is to provide a comprehensive machine learning model that can accurately detect LLM generated phishing with high accuracy from a dataset of four different classes of emails: LLM phishing, LLM non-phishing, Human phishing and Human non-phishing. This balanced and diverse dataset of 4000 emails acts as a real-world representation of the different types of emails that are sent daily that include different distinct features, allowing for an accurate feature differentiation from the classes of the dataset. The five machine learning algorithms that were used for this research are: Decision Tree, Support Vector Machine (SVM), Random Forest, Gradient Boost and K-Nearest Neighbours (KNN). These algorithms were tuned to evaluate the performance of the models after hyperparameter tuning. The highest accuracy achieved from the model before tuning was the SVM with an accuracy of 97.3%. The subsequent highly accurate models are Random Forest of 96.9%, KNN of 96.8% and Gradient Boosting of 96.7%. The model that achieved the lowest accuracy was Decision Tree, achieving an accuracy of 90.7%. Hyperparameter tuning was applied to models and the performance was re-evaluated to investigate if hyperparameter tuning enhanced the performance of the models. Other metrics such as precision, recall and F1-score were also measured. The developed and trained models were then integrated with a web page developed using Streamlit for a user-friendly interface for the classifications of the emails. Overall, this research aims to provide a framework for detecting LLM phishing emails.
The results of this research signify that with the correct methodologies, we can enhance the detection of LLM generated phishing, contributing to robust defences against emerging cyber threats.

Item Restricted
Measuring the Effectiveness of Popular Communication Platforms in Phishing Education
(Newcastle University, 2024-09) Jari, Mousa; Ibrahim, Rasha
The widespread occurrence of phishing threats in the digital realm emphasises the necessity of understanding how end-users perceive these risks and how to effectively deliver anti-phishing education. This research focuses on the comparative analysis of communication platforms as training mediums and explores the emotional impact of phishing on end-users. The thesis examines the effectiveness of anti-phishing training delivered through widely used communication channels: WhatsApp, SMS, and emails. It explores how various training methods impact end-users’ perception, detection capabilities, phishing knowledge, and emotions when dealing with phishing attempts. The thesis presents a study capturing expert opinions on end-user security behaviours and perceptions. Subsequently, it investigates end-users’ perspectives on security threats and coping strategies. The core of the thesis lies in a comparative study investigating the effectiveness of anti-phishing training delivered through different communication platforms (SMS, email, and WhatsApp) and a control group. The analysis reveals that WhatsApp-based training significantly improves phishing detection capabilities compared to other platforms, enhancing knowledge about phishing and improving the detection of both phishing and non-phishing attempts across various mediums. The thesis further explores perceptual, behavioural, and emotional changes experienced by participants, highlighting differences between the WhatsApp group and the other groups in adopting protective technologies, spotting techniques, and emotional responses.
Furthermore, the research uncovered the influence of demographic factors on training outcomes. Specifically, it was found that individuals over the age of 24, females, and non-native English speakers exhibited the most significant improvements in phishing detection abilities after receiving the training. This systematic analysis of phishing training approaches bridges the gap between theoretical insights and practical applications, providing valuable insights for both academia and industry. The findings emphasise WhatsApp’s potential as an effective channel for anti-phishing training and underscore the importance of considering the emotional impact of phishing on end-users. The insights gleaned from this work can inform the development of more targeted and effective strategies for combating phishing threats, ultimately contributing to a safer digital environment.

Item Restricted
Network Intrusion Detection Against Advanced Persistent Threats
(Imperial College London, 2024-03-11) Alageel, Almuthanna; Maffeis, Sergio
The thesis explores the challenges of detecting Advanced Persistent Threats (APTs) due to their complex nature and low occurrence. The study focuses on network intrusion detection and analyzes 33 APT campaigns spanning the past 22 years. It finds that 81% of APT campaigns use HTTP(S) for evasion techniques, while 45% utilize the DNS protocol for resolution and tunnelling. By analyzing data from 63 APT campaigns over 13 years, we propose HawkEye, a system that achieves an accuracy of 98.53%, a macro average F1-score of 90.38%, and a low false positive rate (FPR) of 0.48% against unseen APT campaigns. In comparison, the baseline achieves lower performance, with accuracy, F1-score, and FPR values of 96.95%, 76.81%, and 0.68%, respectively.
The thesis also examines the TTPs used by APTs employing HTTP(S) protocols and introduces EarlyCrow, which achieves a headline macro average F1-score of 93.72%, an accuracy of 98.11%, and an FPR of 0.74% against unseen APTs. On the other hand, the state of the art achieves a 60.29% F1-score with no false positive rates. Additionally, we present NightVision, which extracts information from network traffic using statistical digital signal processing techniques. NightVision achieves an average F1-score of 80.09%, an accuracy rate of 97.71%, and a low FPR of 0.25%. In comparison, the state of the art baseline performs at 67.61% F1-score, 95.82% accuracy, and 1.61% FPR, respectively. We recommend using the proposed tools in conjunction with Host Intrusion Detection Systems (HIDS) to enhance overall security defences against APTs. By combining HawkEye, EarlyCrow, and NightVision, the approach aims to provide a comprehensive and effective defence mechanism.

Item Restricted
Educate employees working in critical departments of public and private establishments in Saudi Arabia about cyber security
(Saudi Digital Library, 2023-10-03) ALluqmani, Ammar; Setzer, Anton
This project sought to enhance cybersecurity awareness among employees working for various government and private sector organizations through an interactive web-based application. Centered on supporting immediate learning, the platform offers educational materials, quizzes, and up-to-date news, and users are required to complete a quiz upon login. If users answer incorrectly, they are redirected to pertinent resources to promote continuous learning. An emergency login bypass is provided once monthly, and stringent security measures, such as robust password policies and two-factor authentication, are instituted. The backend utilizes PHP Laravel, chosen for its swift development capabilities, structured file organization, and extensive community support benefits.
Additionally, Laravel’s Jetstream and Livewire frameworks expedite built-in component integration and authentication. The frontend leverages Tailwind CSS for flexibility. After designing the website, the platform was evaluated by critical department workers in the Saudi Arabian public sector via a survey. The platform received predominantly positive feedback, which negated the need for further alterations. Through using such a platform, employees will refine their knowledge about cybersecurity threats, which is necessary to save various important governmental departments and private establishments from online threats.