By: Achit Katiyar1
1 International Center for AI and Cyber Security Research and Innovations (CCRI), Asia University, Taiwan achitktr@gmail.com
Abstract: With a constant increase in phishing attacks, the world’s cybersecurity is at risk and needs new strategies to protect it. Traditional prevention techniques lack scalability and the ability to evolve from one level to another to match the complex sophistication of phishing schemes. In this paper, the authors focus on the use of a combination of the machine learning (ML) and blockchain concepts for improving the phishing detection solution. The integration of blockchain into the system as a decentralized platform that is resistant to changes on the one hand, and machine learning on the other hand as the means to recognize patterns, provides a great solution against phishing threats. This article provides an overview of prospects and drawbacks as well as possible uses of this integration to make the online range safer.
Introduction
Machine learning and blockchain technology appear to indicate a new field with potential to boost the fight against phishing in cybersecurity. Phishing attacks which are based on fake e-mails sent with the lure of deceiving end-users and get as much information as possible require new approaches for their identification. Decision Trees and Support Vector Machines have been found to be efficient in detecting phishing URLs based on characteristic of URLs like length and special characters [1], [2]. Also, new approaches such as adversarial domain adaptation used in the detection of phishing in different blockchains which helps to overcome problems resulting from new chain with low knowledge [3]. These combined benefits of machine learning and blockchain enhance the pleasant detection effectiveness while at the same time helping to achieve real-time responsiveness against these ever-evolving phishing threats [4].
However, to be precise, these technologies constitute a great improvement as compared to the security against phishing; yet, because phishing techniques are continually being updated and changed, then these technologies are less useful, thus requiring more laboratory investigations to deal with this challenge.
Machine Learning for Phishing Detection
Through this technique, phishing attack detection has been found to position serious threats to online security using machine learning. In addition, several experiments at the foregoing segment showcase how several forms of the machine learning algorithm and feature selection help improve the performance of the Phishing Detection System.
- Machine Learning Techniques:
- Algorithms Used: Some of the most widely used algorithms are Decision Trees, Random Forest, Support Vector machines, k-NN, among others. In the category of high accuracy and performance measures Extra Trees and Convolutional Neural Networks (CNN) have been rated to perform well [5], [6].
- Feature Engineering: The efficacy of phishing detection largely depends on the extraction of features such as URL, content and network features. New approaches such as genetic algorithms have been suggested to enhance feature selection and enhance the model and also mitigate overfitting [7], [8].
Thus, though the results of machine learning positively impact phishing detection, additional research should be pursued to counter new challenges and strengthen the system.
Blockchain Technology in Cybersecurity
The use of blockchain technology is becoming more popular in its ability to increase cybersecurity in different industries. Since the data is distributed and cannot be changed in the blockchain, it is a very secure technique of keeping the data from being interfered. The following are ways through which blockchain can be implicated in enhancing the current cybersecurity measures.
- Enhanced Data Security:
- Hash function and asymmetric or public-key cryptography cryptographic functions of the blockchain guarantee data integrity and non-repudiation [9].
- The technology’s decentralized architecture does not have a single point of failure as such there are minimal points of exposure to attacks [10].
- Uses Across Different Fields and Sectors:
- Blockchain is currently in use in finance, healthcare, and IoT to reduce the need for intermediaries through the use of smart contracts [9].
- This versatility makes it easy to design measures that meet the needs of certain security threats in certain industries [11].
However, it is important to note that threats are not static and there are many threats out there that can at any time take advantage of blockchains. These issues will be crucial in determining its effectiveness in the protection of digital assets in securing the same.
Integration of ML and Blockchain for Phishing Detection
The use of machine learning and blockchain technology technique has been considered as the better way to improve the phishing detection. Such integration aligns the ability of ML to predict potential phishing attacks with the security attribute of blockchain making it easy to tackle the threat [12].
- Machine Learning Techniques:
- Adversarial Domain Adaptation: ADA-Spear employs adversarial domain adaptation to detect phishing on multiple blockchains and obtains a new chain with F1 score of 77.41 [3].
- Algorithmic Approaches: Methods including Support Vector Machine (SVM) and Random Forest have been found to have a high success rate as far as the identification of phishing sites is concerned, given that the site’s features like the URLs and the users’ activities are put into consideration [1], [13].
- Blockchain’s Role:
- Data Integrity and Transparency: Blockchain offers a distributed, immutable record that increases the accuracy of transaction information needed for real-time fraud identification [14].
- Smart Contracts: These can include the basic issues of responding to the detected form of phishing; examples are blocking transactions or alerting other official agencies, which, by and large, makes the detection of phishing easier [14].
Challenges in Integration
Phishing detection with help of combined machine learning (ML) and blockchain has several issues that prevent it from being effectively implemented. These challenges are familiar from the characteristics of blockchain environments and the changing strategies of phishing threats.
- Data Quality and authenticity:
- Environmental data used in developing the ML models must therefore be genuine. The Proof of Anti-Scam consensus mechanism called PoAS, should ensure the process encourages the community for improving the quality of the data [15].
- It is crucial to learn labels as new blockchain environments provide little reliable labeling, as shown in ADA-Spear model learning with considerable distribution drift and low attributed overlap [3].
- Complexity of Blockchain transactions:
- Due to the very extensive and constantly evolving nature of blockchain transaction structures, it becomes difficult for users to detect phishing scams. Optimizing the interpretability and exploration of those large and dense networks has been discussed through the application of visual analytics methods [16].
- Consequently, consensus protocols that are in use at the current time may no longer be very effective at resisting the attempts of phishing in exchange for goods, as evidenced by the fact that real miners are often involved [17].
- Adaptability to evolving threats:
- Phishing attacks are not static and hence can easily outcompete traditional ML approaches to the challenge. Current changes require incorporation of deep learning techniques and feature set inclusion in advanced models [18].
Although these challenges are substantial, current studies and advancements in techniques are establishing future directions for better integration of ML and Blockchain technologies for Phishing detection. At the same time, it is important to note that the two fields are constantly evolving which calls for constant review of the detection methodologies.
Conclusion
It has been revealed that combining machine learning and blockchain technology may improve detecting phishing in cybersecurity. As for today, ML has enhanced detection features, while blockchain guarantees data decentralization and protection. Altogether, it allows creating a multilevel protection system against phishing, which will be effective irrespective of the type of the current threats. However, there are some drawbacks applying ML techniques, also time complexity, energy safety issues and data security problems are limiting factors for implementing. Therefore, the future work should involve profitably pursuing this integration to come up with integrated, effective, and secure phishing detection systems.
References
- S. S, “Phishing Website Detection using Machine Learning,” INTERANTIONAL J. Sci. Res. Eng. Manag., vol. 08, pp. 1–5, Jun. 2024, doi: 10.55041/IJSREM36212.
- A. E.-S. El-Metwaly et al., “Detection of Phishing URLs Based on Machine Learning and Cybersecurity,” in 2024 International Telecommunications Conference (ITC-Egypt), Jul. 2024, pp. 394–398. doi: 10.1109/ITC-Egypt61547.2024.10620574.
- C. Yan, X. Han, Y. Zhu, D. Du, Z. Lu, and Y. Liu, “Phishing behavior detection on different blockchains via adversarial domain adaptation,” Cybersecurity, vol. 7, no. 1, p. 45, Jun. 2024, doi: 10.1186/s42400-024-00237-5.
- V. Sinha, M. Shanbhog, and K. Upreti, “Unveiling the pattern of PhishingAttacks using the Machine Learning approach,” in 2024 International Conference on Advances in Computing, Communication and Applied Informatics (ACCAI), May 2024, pp. 1–7. doi: 10.1109/ACCAI61061.2024.10602318.
- H. Abdel-jaber, H. A. Bazar, and M. Naser, “A Developed Model Based on Machine Learning Algorithms for Phishing Website Detection,” http://www.eurekaselect.com, Accessed: Sep. 24, 2024. [Online]. Available: https://www.eurekaselect.com/article/141073
- N. F. Almujahid, M. A. Haq, and M. Alshehri, “Comparative evaluation of machine learning algorithms for phishing site detection,” PeerJ Comput. Sci., vol. 10, p. e2131, Jun. 2024, doi: 10.7717/peerj-cs.2131.
- E. Kocyigit, M. Korkmaz, O. K. Sahingoz, and B. Diri, “Enhanced Feature Selection Using Genetic Algorithm for Machine-Learning-Based Phishing URL Detection,” Appl. Sci., vol. 14, no. 14, Art. no. 14, Jan. 2024, doi: 10.3390/app14146081.
- G. Kumar and Dr. K. S, “A Comprehensive Review on an Advanced Machine Learning Approach for Enhancing Phishing Website Detection,” Int. J. Res. Appl. Sci. Eng. Technol., no. 6, pp. 335–341, Jun. 2024, doi: 10.22214/ijraset.2024.63091.
- M. Roopesh, “BLOCKCHAIN TECHNOLOGY’S ROLE IN SECURING DATA AND PREVENTING CYBERATTACKS: A DETAILED REVIEW,” Acad. J. Sci. Technol. Eng. Math. Educ., vol. 4, no. 03, Art. no. 03, Jul. 2024, doi: 10.69593/ajsteme.v4i03.86.
- N. Turab, H. A. Owida, and J. I. Al-Nabulsi, “Harnessing the power of blockchain to strengthen cybersecurity measures: a review,” Indones. J. Electr. Eng. Comput. Sci., vol. 35, no. 1, Art. no. 1, Jul. 2024, doi: 10.11591/ijeecs.v35.i1.pp593-600.
- W. Moqhem Almoqhem, “Block Chain Security Advance Cyber Security Research,” المجلة العلمیة لکلیة الآداب-جامعة أسیوط, vol. 0, Aug. 2024, doi: 10.21608/aakj.2024.302212.1811.
- M. Rahaman, C. Y. Lin, I. Rachmat, R. Bansal, and Prayitno, “Secure Health Features: Implementing Hyperledger Fabric in Blockchain-Driven Healthcare Management Systems,” in Digital Forensics and Cyber Crime Investigation, CRC Press, 2024.
- A. Admane, A. Andhale, A. Assalkar, O. Bastapure, and A. V. Mote, “A Review on Online Phishing Detection Using Machine Learning,” Int. J. Res. Appl. Sci. Eng. Technol., vol. 11, no. 12, pp. 1655–1657, Dec. 2023, doi: 10.22214/ijraset.2023.57518.
- H. O. Bello, C. Idemudia, T. V. Iyelolu, H. O. Bello, C. Idemudia, and T. V. Iyelolu, “Integrating machine learning and blockchain: Conceptual frameworks for real-time fraud detection and prevention,” World J. Adv. Res. Rev., vol. 23, no. 1, Art. no. 1, 2024, doi: 10.30574/wjarr.2024.23.1.1985.
- V. T. T. Hieu, T. T. H. Hao, L. X. Hoang, D. M. Trung, P. T. Duy, and V.-H. Pham, “A Consensus Protocol for Incentivizing Contribution from Decentralized Community for Machine Learning-based Scamming Website Detection,” in 2023 International Conference on System Science and Engineering (ICSSE), Jul. 2023, pp. 570–575. doi: 10.1109/ICSSE58758.2023.10227205.
- J. Dong et al., “Visual Analytics for Phishing Scam Identification in Blockchain Transactions with Multiple Model Comparison,” in Proceedings of the 16th International Symposium on Visual Information Communication and Interaction, in VINCI ’23. New York, NY, USA: Association for Computing Machinery, Oct. 2023, pp. 1–9. doi: 10.1145/3615522.3615540.
- K. Joshi et al., “Machine-Learning Techniques for Predicting Phishing Attacks in Blockchain Networks: A Comparative Study,” Algorithms, vol. 16, no. 8, Art. no. 8, Aug. 2023, doi: 10.3390/a16080366.
- Dr. R. Prasanna, “Enhancing Phishing Detection: A Novel Hybrid Deep Learning Framework for Cybercrime Forensics,” Int. J. Res. Appl. Sci. Eng. Technol., vol. 12, no. 5, pp. 1638–1643, May 2024, doi: 10.22214/ijraset.2024.61874.
- Gupta, B. B., Gaurav, A., & Panigrahi, P. K. (2023). Analysis of retail sector research evolution and trends during COVID-19. Technological Forecasting and Social Change, 194, 122671.
- Aldweesh, A., Alauthman, M., Al Khaldy, M., Ishtaiwi, A., Al-Qerem, A., Almoman, A., & Gupta, B. B. (2023). The meta-fusion: A cloud-integrated study on blockchain technology enabling secure and efficient virtual worlds. International Journal of Cloud Applications and Computing (IJCAC), 13(1), 1-24.
Cite As
Katiyar A. (2024) Machine Learning and Blockchain Integration for Phishing Detection in Cybersecurity, Insights2Techinfo, pp.1