Professional Documents
Culture Documents
Bachelor of Technology
In
Submitted by
Content Pages
1. Abstract 01
2. Introduction 02
3. Problem
• Key Issue 03-04
• Project Goals
4. Application Area 05-06
5. Literature Review 07-08
6. Conclusion 09-10
7. References 11
Acknowledgement
I wish to express my heartfelt gratitude to the all the
people who have played a crucial role in the research for
this project, without their active cooperation the
preparation of this project could not have been completed
within the specified time limit. I am thankful to my
project guide Prof. Somyendu Sekhar, who supported
me throughout this project with utmost cooperation and
patience and for helping me in doing this Project.
I am also thankful to our respected Head of the
Department Prof. Dr. Moutushi Singh, for motivating
me to complete this project with complete focus and
attention. I am thankful to my department and all my
teachers for the help and guidance provided for this
work.
I extend my sincere thanks to my institute, the Institute
of Engineering and Management, Kolkata for the
opportunity provided to me for the betterment of my
academics.
--------------------------------------------
Nitesh Kumar Thakur
Department of CSE (IoTCSBT)
Enrolment No: 22022002017003
Date: 30-11-2023
Place: Kolkata
Abstract
In recent times, a phishing attack has become one of the most prominent
attacks faced by internet users, governments, and service-providing
organizations. In a phishing attack, the attacker(s) collects the client’s
sensitive data (i.e., user account login details, credit/debit card numbers,
etc.) by using spoofed emails or fake websites. Phishing websites are
common entry points of online social engineering attacks, including
numerous frauds on the websites. In such types of attacks, the attacker(s)
create website pages by copying the behavior of legitimate websites and
sends URL(s) to the targeted victims through spam messages, texts, or
social networking. To provide a thorough understanding of phishing
attack(s), this paper provides a literature review of Artificial Intelligence (AI)
techniques: Machine Learning, Deep Learning, Hybrid Learning, and
Scenario-based techniques for phishing attack detection. This paper also
presents the comparison of different studies detecting the phishing attack
for each AI technique and examines the qualities and shortcomings of these
methodologies. Furthermore, this paper provides a comprehensive set of
current challenges of phishing attacks and future research direction in this
domain.
Page | 1
Introduction
Cybersecurity, vital in safeguarding internet resources, faces escalating
challenges due to the growing complexity of cyber threats. Cyberattacks,
malicious digital endeavors to access confidential data, are exemplified by
phishing attacks using deceptive websites to extract sensitive information.
The ineffectiveness of current anti-phishing methods is evident in alarming
statistics, with over 51,000 phishing websites reported in 2018 and global
losses reaching $9 billion in 2016. This underscores the urgency for
improved defenses. This paper focuses on the integral role of Artificial
Intelligence (AI) in countering phishing attacks, utilizing advanced
techniques such as machine learning and deep learning to enhance
detection accuracy. As cyber threats evolve, understanding and mitigating
these risks become paramount. The comprehensive survey delves into
communication media, target devices, attack techniques, and counter-
measures employed in phishing attacks. By categorizing and assessing
these aspects, the survey aims to provide a thorough overview of existing
techniques, challenges, and future research directions in phishing attack
detection. The contributions of this study include a detailed exploration of
deep learning, machine learning, hybrid learning, and scenario-based
techniques, along with a comparative analysis of reported results.
Additionally, the paper discusses prevalent phishing attack methods and
outlines current challenges, offering valuable insights for the advancement
of cybersecurity practices..
Page | 2
Problem Definition
Key Issues:
Real-time Responsiveness:
Regulatory Compliance:
Page | 3
Challenge: Adhering to evolving regulatory standards is crucial for
cybersecurity practices, and noncompliance poses legal and reputational
risks.
Objective: Ensure that AI-enabled detection models and processes align
with existing and emerging regulatory standards, creating a compliant and
robust defense against phishing threats.
Project Goals:
Develop and implement AI-driven models that analyze diverse data sources
to enhance the precision of phishing threat detection, reducing the
susceptibility to phishing attacks.
Regulatory Adherence:
Page | 4
Leverage the latest advancements in AI technologies to enable continuous
learning and adaptation, staying ahead of evolving phishing tactics and
improving overall cybersecurity resilience.
Application Area
The project's impact is extensive, catering to a diverse range of sectors eager
to fortify their defenses against phishing attacks and enhance overall
cybersecurity. It holds relevance and applicability in various domains,
including:
Corporate Enterprises:
Corporate entities can employ AI-enabled phishing attack detection
techniques to bolster their cybersecurity posture. By implementing
advanced threat detection models, businesses can safeguard sensitive data,
protect employee accounts, and ensure the integrity of their digital
infrastructure.
Financial Institutions:
Similar to loan approval processes, banks and financial institutions can
utilize AI techniques for detecting phishing attacks. This approach
enhances their ability to identify and neutralize phishing threats in real-
time, safeguarding customer information and maintaining the trust of
account holders.
E-commerce Platforms:
Online businesses face a constant threat of phishing attacks targeting
customer accounts and sensitive transaction information. The
implementation of AI-driven detection methods ensures a proactive defense
against phishing threats, providing a secure online shopping experience for
users.
Healthcare Organizations:
Given the sensitive nature of healthcare data, AI-enabled phishing detection
techniques are crucial for safeguarding patient information. Healthcare
institutions can deploy advanced models to identify and thwart phishing
attempts, ensuring data privacy and compliance with regulatory standards.
Government Agencies:
Page | 5
Government entities are frequent targets of phishing attacks seeking to
compromise sensitive information. By incorporating AI-based detection
systems, government agencies can enhance their cybersecurity measures,
protecting critical data and maintaining the integrity of public services.
Educational Institutions:
Phishing attacks often target educational institutions, seeking unauthorized
access to student and faculty accounts. Implementing AI-enabled detection
techniques helps these institutions preemptively identify and neutralize
phishing threats, securing sensitive academic and personal information.
Technology Companies:
Companies in the technology sector can benefit from advanced AI
techniques to fortify their defenses against phishing attacks. By leveraging
machine learning and scenario-based detection methods, these companies
can stay ahead of evolving cyber threats and protect their intellectual
property.
Page | 6
Literature Review
The literature review provides a comprehensive overview of AI-enabled
phishing attack detection techniques, focusing on machine learning (ML),
deep learning (DL), scenario-based, and hybrid learning (HL) approaches.
The study explores various methodologies employed by researchers to
address the growing threat of phishing attacks, emphasizing the importance
of accurate and efficient detection methods.
Page | 7
- Notes the limitations of some studies, such as the lack of ensemble
learning techniques and insufficient feature reduction.
Page | 8
Conclusion
REFERENCES:
10
1. A Comprehensive Survey of AI-enabled Phishing Attacks Detection Techniques
Authors: Ahmed, I. A., Abdullah, A. B., Ibrahim, A. N., & Ab Rahman, M. F. (2020).
a. Journal: SpringerLink
2. Visual-AI: Anti Phishing With Detection Powered By Visual-AI
a. Presenter: Alessandro Prest
b. Company: Visua
3. AI-enabled Phishing Link Detection and Alert System
a. Author: Stefin Franklin
b. Repository: GitHub - T-Phish
4. Phishing Detection: A Machine Learning Approach
a. Authors: Jain, A. K., Gupta, B., & Sikka, G. (2009).
b. Journal: arXiv
5. A Hybrid Approach for Phishing Detection Using Machine Learning and Natural Language
Processing
a. Authors: Alzahrani, Z., Alharbi, K., Aljundi, I., & Menasri, W. (2020, November).
b. Conference: 2020 IEEE International Conference on Artificial Intelligence in Cyber Security
(AICyberS).
c. Publisher: IEEE
11