SOK: A Comprehensive Reexamination of Phishing Research from the Security Perspective

11/03/2019
by   Avisha Das, et al.
0

Phishing and spear-phishing are typical examples of masquerade attacks since trust is built up through impersonation for the attack to succeed. Given the prevalence of these attacks, considerable research has been conducted on these problems along multiple dimensions. We reexamine the existing research on phishing and spear-phishing from the perspective of the unique needs of the security domain, which we call security challenges: real-time detection, active attacker, dataset quality and base-rate fallacy. We explain these challenges and then survey the existing phishing/spear phishing solutions in their light. This viewpoint consolidates the literature and illuminates several opportunities for improving existing solutions. We organize the existing literature based on detection techniques for different attack vectors (e.g., URLs, websites, emails) along with studies on user awareness. For detection techniques, we examine properties of the dataset, feature extraction, detection algorithms used, and performance evaluation metrics. This work can help guide the development of more effective defenses for phishing, spear-phishing, and email masquerade attacks of the future, as well as provide a framework for a thorough evaluation and comparison.

READ FULL TEXT

page 1

page 3

page 6

page 8

page 9

page 15

page 19

page 20

research
02/14/2023

Backdoor Learning for NLP: Recent Advances, Challenges, and Future Research Directions

Although backdoor learning is an active research topic in the NLP domain...
research
05/01/2020

A Taxonomy of Approaches for Integrating Attack Awareness in Applications

Software applications are subject to an increasing number of attacks, re...
research
03/27/2022

A Systematic Survey of Attack Detection and Prevention in Connected and Autonomous Vehicles

The number of Connected and Autonomous Vehicles (CAVs) is increasing rap...
research
07/12/2023

SoK: Comparing Different Membership Inference Attacks with a Comprehensive Benchmark

Membership inference (MI) attacks threaten user privacy through determin...
research
06/20/2019

An Extensible Framework for Quantifying the Coverage of Defenses Against Untrusted Foundries

The transistors used to construct Integrated Circuits (ICs) continue to ...
research
10/17/2022

Deepfake Text Detection: Limitations and Opportunities

Recent advances in generative models for language have enabled the creat...
research
01/31/2019

A Holistic Approach to Evaluating Cyber Security Defensive Capabilities

Metrics and frameworks to quantifiably assess security measures have ari...

Please sign up or login with your details

Forgot password? Click here to reset