Phishing, social engineering, and identity fraud are fast becoming the subject of attacks that capitalize on human emotions and deceive them to overcome the conventional security methods. The attacks are not aimed at suspect links or messages with poor grammar but a multi-faceted approach such as pretexting, baiting and spoofing various platforms such as Gmail, Outlook, WhatsApp, and Telegram among others. The URL-based filters or the keyword based detection schemes have proven to be ineffective since the attackers keep changing their tactics and use the most convincing and deceptive content besides the cloaked visuals. Toward this end, this paper suggests an AI-enabled threat detection system built to identify manipulative and malicious content in real-time. Since BERT-based natural language processing (NLP) is used in the proposed system to provide deep semantic analysis of messages, it can identify subtle manipulations in the tone, intent, and shades of meaning that tend to slip past rule-based filters. Complementing this, convolutional autoencoders are adopted to extract visual properties of fraud logs, brand parodies and hidden images that fraudsters attempt to lure the audience with. In addition, a contextual risk engine is developed that would form a combination of metadata analysis, user behavior modeling, and message purpose assessment to identify social engineering techniques that are not technically based. The system has been trained on a vast dataset of more than three million instances which consist of both real-life adversarial cases along with adversarial attacks generated artificially. Such a mixed training is aimed to guarantee robust generalization properties, resulting in low error rates of false-positives and high-detection accuracy. More so, the reinforcement learning features enable the model to continuously learn and develop through the observed patterns of attacks in field deployments. The proposed model offers the advantage of using an unified framework integrating text, image and behavioral context into one system to present a scalable and preventive approach that is above and beyond the traditional phishing-detection methods. This Artificial Intelligence-based device increases security by detecting the dynamic threats before they can harm their users hence boosting digital trust on the new communication platforms.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Cybersecurity Agent for Phishing and Social Engineering Threat Detection: A Systematic Review

  • A. Mohamed Arshath Parvesh,
  • S. Kailash,
  • K. P. Revathi,
  • Sandhya Sasidharan

摘要

Phishing, social engineering, and identity fraud are fast becoming the subject of attacks that capitalize on human emotions and deceive them to overcome the conventional security methods. The attacks are not aimed at suspect links or messages with poor grammar but a multi-faceted approach such as pretexting, baiting and spoofing various platforms such as Gmail, Outlook, WhatsApp, and Telegram among others. The URL-based filters or the keyword based detection schemes have proven to be ineffective since the attackers keep changing their tactics and use the most convincing and deceptive content besides the cloaked visuals. Toward this end, this paper suggests an AI-enabled threat detection system built to identify manipulative and malicious content in real-time. Since BERT-based natural language processing (NLP) is used in the proposed system to provide deep semantic analysis of messages, it can identify subtle manipulations in the tone, intent, and shades of meaning that tend to slip past rule-based filters. Complementing this, convolutional autoencoders are adopted to extract visual properties of fraud logs, brand parodies and hidden images that fraudsters attempt to lure the audience with. In addition, a contextual risk engine is developed that would form a combination of metadata analysis, user behavior modeling, and message purpose assessment to identify social engineering techniques that are not technically based. The system has been trained on a vast dataset of more than three million instances which consist of both real-life adversarial cases along with adversarial attacks generated artificially. Such a mixed training is aimed to guarantee robust generalization properties, resulting in low error rates of false-positives and high-detection accuracy. More so, the reinforcement learning features enable the model to continuously learn and develop through the observed patterns of attacks in field deployments. The proposed model offers the advantage of using an unified framework integrating text, image and behavioral context into one system to present a scalable and preventive approach that is above and beyond the traditional phishing-detection methods. This Artificial Intelligence-based device increases security by detecting the dynamic threats before they can harm their users hence boosting digital trust on the new communication platforms.