Real-time Intelligent Detection System Designs for Web Phishing Attacks

dc.contributor.advisor: Xiao, Yang
dc.contributor.author: Asiri, Sultan
dc.date.accessioned: 2024-05-12T06:36:04Z
dc.date.available: 2024-05-12T06:36:04Z
dc.date.issued: 2024-03-27
dc.description.abstract: Phishing attacks are still a growing concern for many individuals and organizations worldwide. They steal user credentials and serve as a gateway for approximately 90% of cybersecurity breaches. Therefore, it has become an important issue that needs to be solved. Most organizations worldwide train humans to avoid being a target of phishing attacks; however, even an expert can be a victim of this kind of attack due to the similarity between benign and phishing web pages. In this dissertation, we first study the current state-of-the-art methods for detecting phishing attacks and highlight the limitations of existing detection approaches. Second, we introduce PhishingRTDS, a system that protects users from different phishing attacks and defends them against accidentally opening malicious URLs. The system isolates the suspected webpage to protect users' local systems from downloading malicious software. Then, we collect all URLs embedded in the webpage and use a deep learning (DL) model to classify each URL independently. These classifications are used to determine whether a webpage is phishing or benign. Third, we introduce PhishTransformer, a deep-learning model that analyzes URLs and page content by detecting phishing attacks. We propose using only embedded URLs, such as hyperlinks and JFrames, to train PhishTransformer. This reduces the need to extract page content features, improving training efficiency. PhishTransformer combines convolutional neural networks and transformer encoders to extract features from website URLs and page content. These features train a classifier to differentiate phishing attacks from legitimate websites. Our findings suggest that PhishTransformer is a promising approach to phishing detection. Fourth, we introduce a method to enhance a detection system by integrating human feedback, which is necessary due to the rising complexity of phishing attacks.
Attackers constantly evolve new methods, like hiding malicious links within seemingly legitimate web pages. Static detection systems are insufficient, leaving users vulnerable. Thus, we propose a human-in-the-loop deep learning active system. Initially employing PhishTransformer, we gather test data via a browser extension, continually updating the model and evaluating performance metrics. Our approach produces approximately a 5% enhancement across all metrics compared to the base model by Version 3.
dc.format.extent: 156
dc.identifier.uri: https://hdl.handle.net/20.500.14154/71995
dc.language.iso: en_US
dc.publisher: The University of Alabama
dc.subject: Deep Learning
dc.subject: Phishing Attacks
dc.subject: Browser in the browser attacks
dc.subject: Real-time
dc.subject: Detection Systems
dc.subject: Tiny Uniform Resource Locators
dc.subject: Cybersecurity
dc.title: Real-time Intelligent Detection System Designs for Web Phishing Attacks
dc.type: Thesis
sdl.degree.department: Computer Science
sdl.degree.discipline: Artificial Intelligence and Cybersecurity
sdl.degree.grantor: The University of Alabama
sdl.degree.name: Doctor of Philosophy

Copyright owned by the Saudi Digital Library (SDL) © 2024