Security alert framework using dynamic tweet-based features for phishing detection on twitter
Phishing is a form of social engineering crime that deceives victims by directing them to a fake website where their personal credentials are collected eventually for further unlawful activities. Traditionally, phishing attacks target email, but now they have reached to Online Social Networks (OS...
Saved in:
| Main Author: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
2019
|
| Subjects: | |
| Online Access: | http://psasir.upm.edu.my/id/eprint/84548/1/FSKTM%202019%2044%20ir.pdf http://psasir.upm.edu.my/id/eprint/84548/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.upm.eprints.84548 |
|---|---|
| record_format |
eprints |
| spelling |
my.upm.eprints.845482021-12-31T08:25:56Z http://psasir.upm.edu.my/id/eprint/84548/ Security alert framework using dynamic tweet-based features for phishing detection on twitter Liew, Seow Wooi Phishing is a form of social engineering crime that deceives victims by directing them to a fake website where their personal credentials are collected eventually for further unlawful activities. Traditionally, phishing attacks target email, but now they have reached to Online Social Networks (OSNs) like Twitter. The challenging differences between the phishing attacks on email and Twitter are that Twitter disseminates vast information and is difficult to be detected unlike email. Many phishing detection methods, ranging from blacklists, heuristics and visual similarity to machine learning are used to detect phishing attacks for spam emails, machine learning approaches achieve the best phishing email detection results. However, it is observed that there are only a few machine learning solutions to detect phishing attacks on OSNs are being proposed and implemented. Phishing detection method of machine learning has been used to classify tweets on Twitter but the number of classification features used and the one achieving the highest phishing tweet detection accuracy of 94.56% (Random Forest) is still considered high. In addition, many phishing tweet detection researchers included tweet-based features to train the classification model for detection but such an approach could decrease the accuracy of detection systems as claimed by spam detection researchers. On another note, the efficiency of response time to alert users on Twitter is an important factor as well. However, the maximum response time achieved by the existing solutions is still considered high and the one claimed achieving the lowest maximum response time of 0.501 seconds is deemed inadequate. The above mentioned problems are the motivation of this research; where it is vital to propose a security alert framework using dynamic tweet-based features for phishing detection on Twitter. This framework is divided into three phases which are classification model of phishing detection, detection algorithm of phishing tweet detection and security alert mechanism of phishing tweet detection. The best phishing classification features and machine learning technique are identified in order to produce and generate a classification model. This model is then embedded into the detection algorithm together with the inclusion of dynamic tweet-based features which are not as part of the features used to train a classification model for phishing tweet detection. Subsequently, the security alert mechanism is formulated by integrating with the detection algorithm to alert Twitter users. The overall result significantly indicates that a novel security alert framework using dynamic tweet-based features for phishing detection on Twitter has been formulated. In addition, the result proved that the phishing detection accuracy has been improved to 94.75% with a reduced number of phishing classification features (11), phishing tweet detection accuracy on Twitter has been enhanced with the inclusion of dynamic tweet-based features as add-on filtering features (achieving 95.83% accuracy) and phishing tweet detection efficiency has been improved (with faster response time of 0.425 seconds). As a conclusion, this security alert framework has achieved its objective, is the only framework that provides phishing tweet detection security alert to prompt Twitter users to the best of our knowledge. 2019-05 Thesis NonPeerReviewed text en http://psasir.upm.edu.my/id/eprint/84548/1/FSKTM%202019%2044%20ir.pdf Liew, Seow Wooi (2019) Security alert framework using dynamic tweet-based features for phishing detection on twitter. Doctoral thesis, Universiti Putra Malaysia. Computer security Computer crimes Phishing |
| institution |
Universiti Putra Malaysia |
| building |
UPM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Putra Malaysia |
| content_source |
UPM Institutional Repository |
| url_provider |
http://psasir.upm.edu.my/ |
| language |
English |
| topic |
Computer security Computer crimes Phishing |
| spellingShingle |
Computer security Computer crimes Phishing Liew, Seow Wooi Security alert framework using dynamic tweet-based features for phishing detection on twitter |
| description |
Phishing is a form of social engineering crime that deceives victims by directing them
to a fake website where their personal credentials are collected eventually for further
unlawful activities. Traditionally, phishing attacks target email, but now they have
reached to Online Social Networks (OSNs) like Twitter. The challenging differences
between the phishing attacks on email and Twitter are that Twitter disseminates vast
information and is difficult to be detected unlike email. Many phishing detection
methods, ranging from blacklists, heuristics and visual similarity to machine learning
are used to detect phishing attacks for spam emails, machine learning approaches
achieve the best phishing email detection results. However, it is observed that there
are only a few machine learning solutions to detect phishing attacks on OSNs are being
proposed and implemented. Phishing detection method of machine learning has been
used to classify tweets on Twitter but the number of classification features used and
the one achieving the highest phishing tweet detection accuracy of 94.56% (Random
Forest) is still considered high. In addition, many phishing tweet detection researchers
included tweet-based features to train the classification model for detection but such
an approach could decrease the accuracy of detection systems as claimed by spam
detection researchers. On another note, the efficiency of response time to alert users
on Twitter is an important factor as well. However, the maximum response time
achieved by the existing solutions is still considered high and the one claimed
achieving the lowest maximum response time of 0.501 seconds is deemed inadequate.
The above mentioned problems are the motivation of this research; where it is vital to
propose a security alert framework using dynamic tweet-based features for phishing
detection on Twitter. This framework is divided into three phases which are
classification model of phishing detection, detection algorithm of phishing tweet
detection and security alert mechanism of phishing tweet detection. The best phishing
classification features and machine learning technique are identified in order to produce and generate a classification model. This model is then embedded into the
detection algorithm together with the inclusion of dynamic tweet-based features which
are not as part of the features used to train a classification model for phishing tweet
detection. Subsequently, the security alert mechanism is formulated by integrating
with the detection algorithm to alert Twitter users.
The overall result significantly indicates that a novel security alert framework
using dynamic tweet-based features for phishing detection on Twitter has been
formulated. In addition, the result proved that the phishing detection accuracy has been
improved to 94.75% with a reduced number of phishing classification features (11),
phishing tweet detection accuracy on Twitter has been enhanced with the inclusion of
dynamic tweet-based features as add-on filtering features (achieving 95.83%
accuracy) and phishing tweet detection efficiency has been improved (with faster
response time of 0.425 seconds). As a conclusion, this security alert framework has
achieved its objective, is the only framework that provides phishing tweet detection
security alert to prompt Twitter users to the best of our knowledge. |
| format |
Thesis |
| author |
Liew, Seow Wooi |
| author_facet |
Liew, Seow Wooi |
| author_sort |
Liew, Seow Wooi |
| title |
Security alert framework using dynamic tweet-based features for phishing detection on twitter |
| title_short |
Security alert framework using dynamic tweet-based features for phishing detection on twitter |
| title_full |
Security alert framework using dynamic tweet-based features for phishing detection on twitter |
| title_fullStr |
Security alert framework using dynamic tweet-based features for phishing detection on twitter |
| title_full_unstemmed |
Security alert framework using dynamic tweet-based features for phishing detection on twitter |
| title_sort |
security alert framework using dynamic tweet-based features for phishing detection on twitter |
| publishDate |
2019 |
| url |
http://psasir.upm.edu.my/id/eprint/84548/1/FSKTM%202019%2044%20ir.pdf http://psasir.upm.edu.my/id/eprint/84548/ |
| _version_ |
1724075441664294912 |
| score |
13.18916 |