Dataciencia

Colección SciELO Chile

Uncovering phishing attacks using principles of persuasion analysis

Indexado

WoS	WOS:001347129400001
Scopus	SCOPUS_ID:85197791840

DOI

10.1016/J.JNCA.2024.103964

Año

2024

Tipo

artículo de investigación

Citas Totales

Autores Afiliación Chile

Instituciones Chile

% Participación
Internacional

Autores
Afiliación Extranjera

Instituciones
Extranjeras

Abstract

With the rising of Internet in early ’90s, many fraudulent activities have migrated from physical to digital: one of them is phishing. Phishing is a deceptive practice focused on exploiting the human factor, which is the most vulnerable aspect of any security process. In this scam, social engineering techniques are extensively utilized, specifically focusing on the principles of persuasion, to deceive individuals into disclosing sensitive information or engaging in malicious actions. This research explores the use of message subjectivity for detecting phishing attacks. It does so by assessing the impact of various data representations and classifiers on automatically identifying principles of persuasion. Furthermore, it investigates how these detected principles of persuasion can be leveraged for identifying phishing attacks. The experiments conducted revealed that there is no universal solution for data representation and classifier selection to effectively detect all principles of persuasion. Instead, a tailored combination of data representation and classifiers is required for detecting each principle. The Machine Learning models created automatically detect principles of persuasion with confidence levels ranging from 0.7306 to 0.8191 for AUC-ROC. Next, principles of persuasion detected are used for phishing detection. This study also emphasizes the need for user-friendly and comprehensible models. To validate the proposal presented, several families of classifiers were tested, but among all of them, tree-based models (and Random Forest in particular) stand out as preferred option. These models achieve similar level of effectiveness as alternative methods while offering improved clarity and user-friendliness, with an AUC-ROC of 0.859842.

Revista

Revista	ISSN
Journal Of Network And Computer Applications	1084-8045

Métricas Externas

PlumX	Altmetric	Dimensions

Muestra métricas de impacto externas asociadas a la publicación. Para mayor detalle:

Plumx: https://plumanalytics.com/learn/about-metrics/
Altmetric: https://www.altmetric.com/about-altmetrics/what-are-altmetrics/
Dimensions: https://www.dimensions.ai/why-dimensions/

Disciplinas de Investigación

WOS
Computer Science, Software Engineering
Computer Science, Interdisciplinary Applications
Computer Science, Hardware & Architecture

Scopus
Sin Disciplinas

SciELO
Sin Disciplinas

Muestra la distribución de disciplinas para esta publicación.

Publicaciones WoS (Ediciones: ISSHP, ISTP, AHCI, SSCI, SCI), Scopus, SciELO Chile.

Colaboración Institucional

Muestra la distribución de colaboración, tanto nacional como extranjera, generada en esta publicación.

Autores - Afiliación

Ord.	Autor	Género	Institución - País
1	Bustio-Martínez, Lázaro	-	Universidad Iberoamericana - México Univ Iberoamer Ciudad Mexico - México
2	Herrera-Semenets, Vitali	-	Centro de Aplicaciones de Tecnologías de Avanzada, Cuba - Cuba Adv Technol Applicat Ctr CENATAV - Cuba
3	García-Mendoza, Juan Luis	-	University Sorbonne Paris Nord - Francia Univ Sorbonne Paris Nord - Francia
4	Álvarez-Carmona, Miguel Ángel	-	Centro de Investigación en Matemáticas (CIMAT) sede Monterrey - México Ctr Invest Matemat CIMAT Sede Monterrey - México
5	González-Ordiano, Jorge Ángel	-	Universidad Iberoamericana - México Univ Iberoamer Ciudad Mexico - México
6	Zúñiga-Morales, Luis	-	Universidad Iberoamericana - México Univ Iberoamer Ciudad Mexico - México
7	Quiróz-Ibarra, J. Emilio	-	Universidad Iberoamericana - México Univ Iberoamer Ciudad Mexico - México
8	SANTANDER-MADARIAGA, PEDRO	Hombre	Pontificia Universidad Católica de Valparaíso - Chile
9	van den Berg, Jan	-	Delft University of Technology - Países Bajos Delft Univ Technol - Países Bajos

Muestra la afiliación y género (detectado) para los co-autores de la publicación.

Financiamiento

Fuente
Universidad Iberoamericana Ciudad de México
Consejo Nacional de Humanidades, Ciencias y Tecnologías
InIAT
Institute of Applied Research and Technology
Instituto de Investigación Aplicada y Tecnología
Universidad Iberoamericana Ciudad de Mexico (Ibero)
Instituto de Investigacion Aplicada y Tecnologia (InIAT)

Muestra la fuente de financiamiento declarada en la publicación.

Agradecimientos

Agradecimiento
This research was supported by the Universidad Iberoamericana Ciudad de M\u00E9xico (Ibero) and the Instituto de Investigaci\u00F3n Aplicada y Tecnolog\u00EDa (InIAT) through the project \u201CDetection of phishing attacks in electronic messages using Artificial Intelligence techniques\u201D. Additionally, the authors thank CONAHCYT for the computer resources provided through the INAOE Supercomputing Laboratory's Deep Learning Platform for Language Technologies.
This research was supported by the Universidad Iberoamericana Ciudad de M\u00E9xico (Ibero) and the Instituto de Investigaci\u00F3n Aplicada y Tecnolog\u00EDa (InIAT) through the project \u201CDetection of phishing attacks in electronic messages using Artificial Intelligence techniques\u201D. Additionally, the authors thank CONAHCYT for the computer resources provided through the INAOE Supercomputing Laboratory's Deep Learning Platform for Language Technologies.
This research was supported by the Universidad Iberoamericana Ciudad de Mexico (Ibero) and the Instituto de Investigacion Aplicada y Tecnologia (InIAT) through the project "Detection of phishing attacks in electronic messages using Artificial Intelligence techniques". Additionally, the authors thank CONAHCYT for the computer resources provided through the INAOE Supercomputing Laboratory's Deep Learning Platform for Language Technologies.