PhishIntel: Toward Practical Deployment of Reference-Based Phishing Detection

• URL: http://arxiv.org/abs/2412.09057v2
• Date: Fri, 14 Feb 2025 17:17:20 GMT
• Title: PhishIntel: Toward Practical Deployment of Reference-Based Phishing Detection
• Authors: Yuexin Li, Hiok Kuek Tan, Qiaoran Meng, Mei Lin Lock, Tri Cao, Shumin Deng, Nay Oo, Hoon Wei Lim, Bryan Hooi,
• Abstract summary: PhishIntel is an end-to-end phishing detection system for real-world deployment. It segmenting the detection process into two distinct tasks: a fast task that checks against local blacklists and result cache, and a slow task that conducts online blacklist verification, URL crawling, and webpage analysis. This fast-slow task system architecture ensures low response latency while retaining the robust detection capabilities of reference-based phishing detectors.
• Score: 33.98293686647553
• License:
• Abstract: Phishing is a critical cyber threat, exploiting deceptive tactics to compromise victims and cause significant financial losses. While reference-based phishing detectors (RBPDs) have achieved notable advancements in detection accuracy, their real-world deployment is hindered by challenges such as high latency and inefficiency in URL analysis. To address these limitations, we present PhishIntel, an end-to-end phishing detection system for real-world deployment. PhishIntel intelligently determines whether a URL can be processed immediately or not, segmenting the detection process into two distinct tasks: a fast task that checks against local blacklists and result cache, and a slow task that conducts online blacklist verification, URL crawling, and webpage analysis using an RBPD. This fast-slow task system architecture ensures low response latency while retaining the robust detection capabilities of RBPDs for zero-day phishing threats. Furthermore, we develop two downstream applications based on PhishIntel: a phishing intelligence platform and a phishing email detection plugin for Microsoft Outlook, demonstrating its practical efficacy and utility.

Related papers

• Web Phishing Net (WPN): A scalable machine learning approach for real-time phishing campaign detection [0.0]
  Phishing is the most prevalent type of cyber-attack today and is recognized as the leading source of data breaches. In this paper, we propose an unsupervised learning approach that is fast but scalable. It is able to detect entire campaigns at a time with a high detection rate while preserving user privacy.
  arXiv  Detail & Related papers  (2025-02-17T15:06:56Z)
• AdaPhish: AI-Powered Adaptive Defense and Education Resource Against Deceptive Emails [0.0]
  AdaPhish is an AI-powered phish bowl platform that automatically anonymizes and analyzes phishing emails. It achieves real-time detection and adaptation to new phishing tactics while enabling long-term tracking of phishing trends. AdaPhish presents a scalable, collaborative solution for phishing detection and cybersecurity education.
  arXiv  Detail & Related papers  (2025-02-05T21:17:19Z)
• TI-PREGO: Chain of Thought and In-Context Learning for Online Mistake Detection in PRocedural EGOcentric Videos [48.126793563151715]
  No technique effectively detects open-set procedural mistakes online. One branch continuously performs step recognition from the input egocentric video. The other anticipates future steps based on the recognition module's output.
  arXiv  Detail & Related papers  (2024-11-04T20:03:06Z)
• PhishLang: A Lightweight, Client-Side Phishing Detection Framework using MobileBERT for Real-Time, Explainable Threat Mitigation [3.014087730099599]
  In this paper, we introduce PhishLang, an open-source, lightweight language model specifically designed for phishing website detection. We use MobileBERT, a fast and memory-efficient variant of the BERT architecture, to learn granular features characteristic of phishing attacks. Over a 3.5-month testing period, PhishLang successfully identified 25,796 phishing URLs.
  arXiv  Detail & Related papers  (2024-08-11T01:14:13Z)
• Position Paper: Think Globally, React Locally -- Bringing Real-time Reference-based Website Phishing Detection on macOS [0.4962561299282114]
  The recent surge in phishing attacks keeps undermining the effectiveness of the traditional anti-phishing blacklist approaches. On-device anti-phishing solutions are gaining popularity as they offer faster phishing detection locally. We propose a phishing detection solution that uses a combination of computer vision and on-device machine learning models to analyze websites in real time.
  arXiv  Detail & Related papers  (2024-05-28T14:46:03Z)
• Novel Interpretable and Robust Web-based AI Platform for Phishing Email Detection [0.0]
  Phishing emails pose a significant threat, causing financial losses and security breaches. This study proposes a high-performance machine learning model for email classification. The model achieves a f1 score of 0.99 and is designed for deployment within relevant applications.
  arXiv  Detail & Related papers  (2024-05-19T17:18:27Z)
• TANTRA: Timing-Based Adversarial Network Traffic Reshaping Attack [46.79557381882643]
  We present TANTRA, a novel end-to-end Timing-based Adversarial Network Traffic Reshaping Attack. Our evasion attack utilizes a long short-term memory (LSTM) deep neural network (DNN) which is trained to learn the time differences between the target network's benign packets. TANTRA achieves an average success rate of 99.99% in network intrusion detection system evasion.
  arXiv  Detail & Related papers  (2021-03-10T19:03:38Z)
• A System for Efficiently Hunting for Cyber Threats in Computer Systems Using Threat Intelligence [78.23170229258162]
  We build ThreatRaptor, a system that facilitates cyber threat hunting in computer systems using OSCTI. ThreatRaptor provides (1) an unsupervised, light-weight, and accurate NLP pipeline that extracts structured threat behaviors from unstructured OSCTI text, (2) a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities, and (3) a query synthesis mechanism that automatically synthesizes a TBQL query from the extracted threat behaviors.
  arXiv  Detail & Related papers  (2021-01-17T19:44:09Z)
• Enabling Efficient Cyber Threat Hunting With Cyber Threat Intelligence [94.94833077653998]
  ThreatRaptor is a system that facilitates threat hunting in computer systems using open-source Cyber Threat Intelligence (OSCTI) It extracts structured threat behaviors from unstructured OSCTI text and uses a concise and expressive domain-specific query language, TBQL, to hunt for malicious system activities. Evaluations on a broad set of attack cases demonstrate the accuracy and efficiency of ThreatRaptor in practical threat hunting.
  arXiv  Detail & Related papers  (2020-10-26T14:54:01Z)
• Phishing and Spear Phishing: examples in Cyber Espionage and techniques to protect against them [91.3755431537592]
  Phishing attacks have become the most used technique in the online scams, initiating more than 91% of cyberattacks, from 2012 onwards. This study reviews how Phishing and Spear Phishing attacks are carried out by the phishers, through 5 steps which magnify the outcome.
  arXiv  Detail & Related papers  (2020-05-31T18:10:09Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.