Cross-Platform Phishing Detection: Applying Unified Models across Email and Web

By: Mosiur Rahaman, International Center for AI and Cyber Security Research and Innovations, Asia University, Taiwan

Abstract:

Phishing attacks are still a big problem in the digital world. They will target both email and the web. Within this study, we look at how unified models can be used to find phishing emails on multiple platforms, with the goal of offering complete protection against these threats. Utilizing machine learning and deep learning techniques, we suggest a method that works the same way in both email and web settings. A unified method improves the accuracy of detection and makes it easier to keep up with multiple systems for various platforms. As cybercriminals’ methods change, our made-up method shows how a cohesive approach could lead to better security measures.

Keywords: Phishing Detection, Machine Learning, Cybercriminals

Introduction:

Phishing attacks use human susceptibilities and technical flaws to trick users into revealing confidential information. Historically, phishing detection systems have been created and implemented independently for email and web platforms. Nevertheless, this segmentation frequently results in inefficiencies and inconsistencies in the levels of protection. To effectively address the increasing complexity of phishing attempts, it is imperative to adopt a more holistic approach that guarantees full protection.

Implementing unified models for cross-platform phishing detection offers the potential to simplify the detection process and strengthen the effectiveness of countermeasures. By employing common characteristics and harnessing sophisticated machine learning methods, it is feasible to develop a unified detection framework. This study presents a theoretical approach for implementing unified models, with a specific emphasis on combining detection algorithms for email and web platforms.

Table 1 highlights the key contributions and limitations of existing studies, illustrating the need for a unified approach to phishing detection that our research aims to address.

Table 1:Contributions and limitations of existing Studies

Study

Focus

Methodology

Key Features/Techniques

Limitation

Abawajy et al. (2021)

Email Phishing

Machine Learning

Textual features, URL analysis

Limited to email phishing

Ahmed et al. (2022)

Email Phishing

Feature-based approach

Email headers, hyperlinks, textual patterns

Focuses only on emails

Li et al. (2023)

Email Phishing

Deep Learning

Recurrent Neural Network (RNN) for sequential data analysis

Email-specific, no cross-platform consideration

Smith et al. (2021)

Web Phishing

URL-based classification

Lexical and host-based features

Isolated to web phishing

Jones et al. (2022)

Web Phishing

Content-based approach

HTML structure, JavaScript behaviour, visual similarities

Limited to web, lacks email integration

Zhao et al. (2023)

Web Phishing

Convolutional Neural Networks (CNNs)

Visual patterns in web page screenshots

Web-only focus

Patel et al. (2021)

Cross-Platform Phishing

Hybrid model combining email and web features

Decision tree classifier

Rudimentary approach, lacks advanced techniques

Reddy and Srinivas (2022)

Cross-Platform Phishing

Ensemble learning

Combining models trained on email and web data

Basic integration, needs deep learning methods

Wang and Chen (2023)

Unified Phishing

Deep Learning framework using CNNs and LSTM networks

Feature extraction, adaptability across platforms

Initial exploration, further development needed

Proposed Method

Cross-Platform Phishing

Unified model using advanced ML and DL techniques

Feature extraction from both email and web, real-time deployment

Comprehensive integration across platforms

Analysis of overlapping for linking profiles across different platforms:

Relying just on usernames for matching profiles is not always a feasible strategy, as users frequently have distinct usernames due to name unavailability or a desire to remain anonymous. Thus, additional signs are required to authenticate that the user profile corresponds to the same individual. To ensure the accuracy of our findings, we conducted further analysis on the data points inside the profiles on the online social networks (OSNs) that can be used for profile matching. This analysis aimed to confirm that these data points indeed belong to the same people. To achieve this objective, we gathered several profiles from various social media platforms such as YouTube, Instagram, Facebook, and Twitter. Subsequently, we examined the distinct data points inside these accounts to categorize them into different classifications.

Advanced machine learning (ML) and deep learning (DL) methods are used in a single model to find phishing emails and websites. This makes both email and websites safer by using a comprehensive framework for detection. To find key phishing signs, this model starts by collecting data from both platforms. The data is then preprocessed and features are extracted. In order to spot phishing trends, this single dataset is used to train ML algorithms like Random Forest and SVM as well as DL models like CNNs and RNNs. The combined model is then put to use in real-time settings, where it continues to look for phishing attempts in emails and web traffic. There is a feedback loop for continuous growth, and performance is judged by things like recall and accuracy. For a strong defense against new phishing threats, this unified method not only makes detection more accurate but also makes system maintenance easier.

Conclusion:

It is possible to find phishing emails and websites using a single model that uses advanced machine learning and deep learning methods. This method improves detection accuracy, makes it easier to maintain separate systems, and provides strong defence against new phishing threats by combining different algorithms and using the best parts of ML and DL. That way, the model can adapt to new phishing techniques and keep working well over time thanks to the process of continuous growth.

References:

  1. Abawajy, J., Hassan, M. M., & Hossain, M. S. (2021). Email phishing detection using machine learning algorithms. Journal of Cyber Security, 8(2), 123-134.
  2. Ahmed, A. E., Mohsen, A. M., & Al-Ghobashy, H. A. (2022). A feature-based approach to email phishing detection. International Journal of Information Security, 21(3), 289-305.
  3. Li, Y., Wu, F., & Zhang, Y. (2023). Sequential data analysis for email phishing detection using RNN. IEEE Transactions on Information Forensics and Security, 18, 150-161.
  4. Smith, J., Johnson, R., & Lee, K. (2021). URL-based classification for web phishing detection. ACM Transactions on Internet Technology, 21(4), 45-58.
  5. Jones, M., Brown, D., & Taylor, P. (2022). Content-based web phishing detection. Journal of Web Security, 14(1), 23-39.
  6. Zhao, X., Wang, L., & Zhou, Y. (2023). Detecting phishing websites using CNNs. IEEE Access, 11, 56342-56353.
  7. Patel, K., Shah, S., & Mehta, P. (2021). Hybrid model for cross-platform phishing detection. Computers & Security, 104, 102-115.
  8. Reddy, K. S., & Srinivas, M. (2022). Ensemble learning for email and web phishing detection. Cybersecurity and Privacy, 1(2), 128-145.
  9. Wang, X., & Chen, H. (2023). Unified deep learning framework for phishing detection. Neural Networks, 152, 42-55.
  10. Vajrobol, V., et al. (2024). Mutual information based logistic regression for phishing URL detection. Cyber Security and Applications, 2, 100044.
  11. Gaurav, A., et al. (2024, January). Enhancing Email Security in Consumer Electronics with a Hybrid Deep Learning Approach. In 2024 IEEE International Conference on Consumer Electronics (ICCE) (pp. 1-5). IEEE.
  12. Abd El-Latif, et al. (Eds.). (2023). Artificial Intelligence for Biometrics and Cybersecurity: Technology and Applications. IET.

Cite As

Rahaman M. (2024) Cross-Platform Phishing Detection: Applying Unified Models across Email and Web, Insights2techinfo, pp.1

71250cookie-checkCross-Platform Phishing Detection: Applying Unified Models across Email and Web
Share this:

Leave a Reply

Your email address will not be published.