ترغب بنشر مسار تعليمي؟ اضغط هنا

Phishing - A Growing Threat to E-Commerce

104   0   0.0 ( 0 )
 نشر من قبل M. Tariq Banday
 تاريخ النشر 2011
  مجال البحث الهندسة المعلوماتية
والبحث باللغة English




اسأل ChatGPT حول البحث

In todays business environment, it is difficult to imagine a workplace without access to the web, yet a variety of email born viruses, spyware, adware, Trojan horses, phishing attacks, directory harvest attacks, DoS attacks, and other threats combine to attack businesses and customers. This paper is an attempt to review phishing - a constantly growing and evolving threat to Internet based commercial transactions. Various phishing approaches that include vishing, spear phishng, pharming, keyloggers, malware, web Trojans, and others will be discussed. This paper also highlights the latest phishing analysis made by Anti-Phishing Working Group (APWG) and Korean Internet Security Center.



قيم البحث

اقرأ أيضاً

Fraud and terrorism have a close connect in terms of the processes that enables and promote them. In the era of Internet, its various services that include Web, e-mail, social networks, blogs, instant messaging, chats, etc. are used in terrorism not only for communication but also for i) creation of ideology, ii) resource gathering, iii) recruitment, indoctrination and training, iv) creation of terror network, and v) information gathering. A major challenge for law enforcement and intelligence agencies is efficient and accurate gathering of relevant and growing volume of crime data. This paper reports on use of established Naive Bayesian filter for classification of threat e-mails. Efficiency in filtering threat e-mail by use of three different Naive Bayesian filter approaches i.e. single keywords, weighted multiple keywords and weighted multiple keywords with keyword context matching are evaluated on a threat e-mail corpus created by extracting data from sources that are very close to terrorism.
117 - Pingfan Xu 2021
Phishing attacks are among emerging security issues that recently draws significant attention in the cyber security community. There are numerous existing approaches for phishing URL detection. However, malicious URL detection is still a research hot spot because attackers can bypass newly introduced detection mechanisms by changing their tactics. This paper will introduce a transformer-based malicious URL detection model, which has significant accuracy and outperforms current detection methods. We conduct experiments and compare them with six existing classical detection models. Experiments demonstrate that our transformer-based model is the best performing model from all perspectives among the seven models and achieves 97.3 % of detection accuracy.
A distributed and transparent ledger system is considered for various e-commerce products including health medicines, electronics, security appliances, food products and many more to ensure technological and e-commerce sustainability. This solution, named as PRODCHAIN, is a generic blockchain framework with lattice-based cryptographic processes for reducing the complexity for tracing the e-commerce products. Moreover, we have introduced a rating based consensus process called Proof of Accomplishment (PoA). The solution has been analyzed and experimental studies are performed on Ethereum network. The results are discussed in terms of latency and throughput which prove the efficiency of PRODCHAIN in e-commerce products and services. The presented solution is beneficial for improving the traceability of the products ensuring the social and financial sustainability. This work will help the researchers to gain knowledge about the blockchain implications for supply chain possibilities in future developments for society.
352 - Peng Gao , Fei Shao , Xiaoyuan Liu 2020
Log-based cyber threat hunting has emerged as an important solution to counter sophisticated attacks. However, existing approaches require non-trivial efforts of manual query construction and have overlooked the rich external threat knowledge provide d by open-source Cyber Threat Intelligence (OSCTI). To bridge the gap, we propose ThreatRaptor, a system that facilitates threat hunting in computer systems using OSCTI. Built upon system auditing frameworks, ThreatRaptor provides (1) an unsupervised, light-weight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text, (2) a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities, (3) a query synthesis mechanism that automatically synthesizes a TBQL query for hunting, and (4) an efficient query execution engine to search the big audit logging data. Evaluations on a broad set of attack cases demonstrate the accuracy and efficiency of ThreatRaptor in practical threat hunting.
Phishing is one of the most severe cyber-attacks where researchers are interested to find a solution. In phishing, attackers lure end-users and steal their personal in-formation. To minimize the damage caused by phishing must be detected as early as possible. There are various phishing attacks like spear phishing, whaling, vishing, smishing, pharming and so on. There are various phishing detection techniques based on white-list, black-list, content-based, URL-based, visual-similarity and machine-learning. In this paper, we discuss various kinds of phishing attacks, attack vectors and detection techniques for detecting the phishing sites. Performance comparison of 18 different models along with nine different sources of datasets are given. Challenges in phishing detection techniques are also given.
التعليقات
جاري جلب التعليقات جاري جلب التعليقات
سجل دخول لتتمكن من متابعة معايير البحث التي قمت باختيارها
mircosoft-partner

هل ترغب بارسال اشعارات عن اخر التحديثات في شمرا-اكاديميا