Saudi Cultural Missions Theses & Dissertations
Permanent URI for this communityhttps://drepo.sdl.edu.sa/handle/20.500.14154/10
Browse
4 results
Search Results
Item Restricted Assessing and Addressing Social Engineering Attacks(Saudi Digital Library, 2025-06-17) Aljabri, Abdulrahman Jubran H; Alyamani, AbdulghaniIn recent years, phishing scams have become one of the most common methods used to target individuals, affecting millions of users globally every year. Cybercriminals now use multiple platforms such as social media, text messages, emails, and voice calls to target victims. Thus, Attackers play on emotions like fear, urgency, or curiosity to pressure people into acting quickly without thinking. This study looked at why people fall for these scams. By surveying 123 participants, we discovered gaps in how people spot phishing attempts and what makes some more vulnerable than others. The outcomes provide evidence-based recommendations for mitigating phishing threats, equipping institutions and governance bodies with recommendations to enhance public resilience against phishing attacks.6 0Item Restricted Comparative Analysis of User Responses to Phishing: Emails vs Mobile Instant Messaging Apps(University of the West of England, 2024-06-20) Alqahtani, Mohammed; Gorine, AdamAs phishing gets more sophisticated and multiple tactics are employed across various communication mediums, analysing users’ responses becomes increasingly essential. The extensive literature review indicates that most studies focus on a single medium across different communication platforms, necessitating additional effort. This research paper compares users’ responses to phishing attacks via two major communication platforms: Email and Mobile Instant Messaging (MIM) Apps. Understanding how users recognise and respond to phishing incidents is crucial for improving cybersecurity measures. A structured survey was conducted to investigate multiple dimensions of user interaction with phishing, such as self-reported confidence in phishing identification, frequency of phishing experiences, reliance on specific features for identification, and actions taken in response to suspected phishing attempts. The results reveal several key insights: 1) the study identifies the demographics of users most vulnerable to phishing attacks; 2) it highlights the similarities and differences in what prevents phishing messages from targeting the inbox and app interception; The study also offers recommendations to enhance users’ willingness and capability to withstand phishing attacks, including targeted educational campaigns, more convenient reporting options, and changes in the design of digital communication platforms.50 0Item Restricted Real-time Intelligent Detection System Designs for Web Phishing Attacks(The University of Alabama, 2024-03-27) Asiri, Sultan; Xiao, YangPhishing attacks are still a growing concern for many individuals and organizations worldwide. They steal user credentials and serve as a gateway for approximately 90\% of cybersecurity breaches. Therefore, it has become an important issue that needs to be solved. Most organizations worldwide train humans to avoid being a target of phishing attacks; however, even an expert can be a victim of this kind of attack due to the similarity between benign and phishing web pages. In this dissertation, we first study the current state-of-the-art methods for detecting phishing attacks and highlight the limitations of existing detection approaches. Second, we introduce PhishingRTDS, a system that protects users from different phishing attacks and defends them against accidentally opening malicious URLs. The system isolates the suspected webpage to protect users' local systems from downloading malicious software. Then, we collect all URLs embedded in the webpage and use a deep learning (DL) model to classify each URL independently. These classifications are used to determine whether a webpage is phishing or benign. Third, we introduce PhishTransformer, a deep-learning model that analyzes URLs and page content by detecting phishing attacks. We propose using only embedded URLs, such as hyperlinks and JFrames, to train PhishTransformer. This reduces the need to extract page content features, improving training efficiency. PhishTransformer combines convolutional neural networks and transformer encoders to extract features from website URLs and page content. These features train a classifier to differentiate phishing attacks from legitimate websites. Our findings suggest that PhishTransformer is a promising approach to phishing detection. Fourth, we introduce a method to enhance a detection system by integrating human feedback, which is necessary due to the rising complexity of phishing attacks. Attackers constantly evolve new methods, like hiding malicious links within seemingly legitimate web pages. Static detection systems are insufficient, leaving users vulnerable. Thus, we propose a human-in-the-loop deep learning active system. Initially employing PhishTransformer, we gather test data via a browser extension, continually updating the model and evaluating performance metrics. Our approach produces approximately a 5\% enhancement across all metrics compared to the base model by Version 3.46 0Item Restricted Improving Security in Web Browsing through WebCompass(Fairfield University, 2024-01-17) Alzhrany, Yasr; Almalki, Abdulaziz; Speretta, MircoThe world of online security is full of challenges. The greater the reliance on the Internet, the higher the risk. Every day, users fall prey to phishing attacks, caused by weak defense software, etc. Among these threats, one of the most successful ones is based on spam and phishing emails that lure users to click on links (i.e. URLs) that can capture or expose sensitive information. At the same time, the proliferation of Websites containing vulnerabilities is an open invitation for these cyber-attacks. This underscores the urgent need to address the complexity of phishing techniques and fortify Websites against potential threats to mitigate the risks users face in the digital landscape. This study aims to develop a Chrome extension that focuses on improving the security of users while browsing the Web. We have developed and studied the effectiveness of WebCompass, which is an extension for the Chrome browser that attempts to address the challenge of security on the Internet by, of the Web site currently browsed by the user analyzing in real time both the technology used on the page and the reputation of the page. This combination of indicators is a new and unique approach for detecting and mitigating cybersecurity risks.83 0