Nisreen Innab¹, Ahmed Abdelgader Fadol Osman², Mohammed Awad Mohammed Ataelfadiel², Marwan Abu-Zanona^3,*, Bassam Mohammad Elzaghmouri⁴, Farah H. Zawaideh⁵, Mouiad Fadeil Alawneh⁶

CMC-Computers, Materials & Continua, Vol.80, No.1, pp. 1325-1345, 2024, DOI:10.32604/cmc.2024.051778 - 18 July 2024

Abstract Phishing, an Internet fraud where individuals are deceived into revealing critical personal and account information, poses a significant risk to both consumers and web-based institutions. Data indicates a persistent rise in phishing attacks. Moreover, these fraudulent schemes are progressively becoming more intricate, thereby rendering them more challenging to identify. Hence, it is imperative to utilize sophisticated algorithms to address this issue. Machine learning is a highly effective approach for identifying and uncovering these harmful behaviors. Machine learning (ML) approaches can identify common characteristics in most phishing assaults. In this paper, we propose an ensemble approach… More >

Kofi Sarpong Adu-Manu^*, Richard Kwasi Ahiable

Journal of Cyber Security, Vol.5, pp. 13-32, 2023, DOI:10.32604/jcs.2023.043359 - 19 October 2023

Abstract As businesses develop and expand with a significant volume of data, data protection and privacy become increasingly important. Research has shown a tremendous increase in phishing activities during and after COVID-19. This research aimed to improve the existing approaches to detecting phishing activities on the internet. We designed a multi-layered phish detection algorithm to detect and prevent phishing applications on the internet using URLs. In the algorithm, we considered technical dimensions of phishing attack prevention and mitigation on the internet. In our approach, we merge, Phishtank, Blacklist, Blocklist, and Whitelist to form our framework. A More >

Rundong Yang^1,*, Kangfeng Zheng¹, Xiujuan Wang², Bin Wu¹, Chunhua Wu¹

Computer Systems Science and Engineering, Vol.47, No.2, pp. 2153-2170, 2023, DOI:10.32604/csse.2023.038917 - 28 July 2023

Abstract Social engineering attacks are considered one of the most hazardous cyberattacks in cybersecurity, as human vulnerabilities are often the weakest link in the entire network. Such vulnerabilities are becoming increasingly susceptible to network security risks. Addressing the social engineering attack defense problem has been the focus of many studies. However, two main challenges hinder its successful resolution. Firstly, the vulnerabilities in social engineering attacks are unique due to multistage attacks, leading to incorrect social engineering defense strategies. Secondly, social engineering attacks are real-time, and the defense strategy algorithms based on gaming or reinforcement learning are… More >

Yichiet Aun^1,*, Ming-Lee Gan¹, Nur Haliza Binti Abdul Wahab², Goh Hock Guan¹

CMC-Computers, Materials & Continua, Vol.74, No.3, pp. 4917-4931, 2023, DOI:10.32604/cmc.2023.032373 - 28 December 2022

Abstract In defense-in-depth, humans have always been the weakest link in cybersecurity. However, unlike common threats, social engineering poses vulnerabilities not directly quantifiable in penetration testing. Most skilled social engineers trick users into giving up information voluntarily through attacks like phishing and adware. Social Engineering (SE) in social media is structurally similar to regular posts but contains malicious intrinsic meaning within the sentence semantic. In this paper, a novel SE model is trained using a Recurrent Neural Network Long Short Term Memory (RNN-LSTM) to identify well-disguised SE threats in social media posts. We use a custom… More >

Kofi Sarpong Adu-Manu^*, Richard Kwasi Ahiable, Justice Kwame Appati, Ebenezer Essel Mensah

Journal of Cyber Security, Vol.4, No.4, pp. 239-267, 2022, DOI:10.32604/jcs.2023.041095 - 10 August 2023

Abstract Organisations closed their offices and began working from home online to prevent the spread of the COVID-19 virus. This shift in work culture coincided with increased online use during the same period. As a result, the rate of cybercrime has skyrocketed. This study examines the approaches, techniques, and countermeasures of Social Engineering and phishing in this context. The study discusses recent trends in the existing approaches for identifying phishing assaults. We explore social engineering attacks, categorise them into types, and offer both technical and social solutions for countering phishing attacks which makes this paper different More >

Maher Alsharif¹, Shailendra Mishra^2,*, Mohammed AlShehri¹

Computer Systems Science and Engineering, Vol.40, No.3, pp. 1153-1166, 2022, DOI:10.32604/csse.2022.019938 - 24 September 2021

Abstract Today, security is a major challenge linked with computer network companies that cannot defend against cyber-attacks. Numerous vulnerable factors increase security risks and cyber-attacks, including viruses, the internet, communications, and hackers. Internets of Things (IoT) devices are more effective, and the number of devices connected to the internet is constantly increasing, and governments and businesses are also using these technologies to perform business activities effectively. However, the increasing uses of technologies also increase risks, such as password attacks, social engineering, and phishing attacks. Humans play a major role in the field of cybersecurity. It is… More >