Evolving Threat of Phishing Attacks Assignment Sample

Introduction Of Current Scope Of Phishing Attacks And Its Countermeasures

Phishing assaults have become progressively common and complex as of late, representing a critical danger to people, organizations, and associations around the world. In the ongoing scene, the extent of phishing assaults has extended emphatically, enveloping different methods and targets. These assaults are basically pointed toward taking touchy data, for example, login accreditations, monetary information, and individual data, by fooling casualties into revealing it enthusiastically. One of the vital advancements in phishing assaults is the enhancement of assault vectors. While email phishing remains a typical strategy, aggressors have likewise gone to different roads, including SMS, online entertainment, and texting stages.

Moreover, the fight against phishing assaults is progressing, as cybercriminals consistently adjust and advance their strategies. Security experts should stay careful, staying aware of the most recent phishing patterns and taking on proactive procedures to alleviate chances. Client training stays a basic part of safeguarding, as even the most exceptional specialized arrangements can't supplant a watchful and informed client base. As the extent of phishing assaults keeps on advancing, associations and people should cooperate to remain in front of this unavoidable danger.

Discussion

Part 1: Current Estimates of the Problem

Phishing Attacks: A Continuous Danger

Phishing assaults have a long history, tracing all the way back to the beginning of the web during the 1990s. The word "phishing" itself is accepted to have started around 1996. These assaults have persevered and developed throughout the long term, ceaselessly adjusting to mechanical headways and changes in client conduct.

The Development of Phishing Procedures

Phishing procedures have gone through critical changes throughout the long term, with assailants turning out to be progressively capable of social designing and misdirection. In the good old days, phishing messages were frequently filled with spelling and syntactic blunders, making them generally simple to detect (Das et al. 2020). In any case, as clients turned out to be more careful, aggressors refined their strategies.

Social Designing:

• Assailants utilize modern social designing strategies to make persuading phishing messages. They research their objectives, customize messages, and make convincing accounts to build the odds of coming out on top.
• Counterfeit sites and messages are intended to intently imitate authentic ones, frequently including logos, marking, and space names that are almost indistinct from the genuine substances.

The Size of Phishing Assaults

Assessing the exact size of phishing assaults is trying because of their surreptitious nature and the way that numerous occurrences go unreported. Nonetheless, a few markers give bits of knowledge into the greatness of the issue that includes:

Episode Reports

• Various associations and network safety firms routinely distribute writes about phishing episodes. These reports offer significant information on the quantity of assaults and their effect.
• In 2020, the Counter Phishing Working Gathering (APWG) revealed a huge flood in phishing assaults, with north of 200,000 novel phishing sites distinguished in the main quarter of the year.

Monetary Misfortunes

• Phishing assaults have brought about significant monetary misfortunes for the two people and associations. In the US alone, the FBI announced more than $57 million in misfortunes due to phishing in 2019.

Designated Areas

• Phishing assaults are not restricted to a particular industry but rather have designated a large number of areas, including finance, medical services, innovation, and government.
• Monetary foundations are many times essential targets, given the potential for direct financial addition.

Stick Phishing and Business Email Compromise (BEC)

Skewer phishing attacks, which are profoundly designated and customized, have become more pervasive. These assaults frequently target high-profile people or representatives with admittance to important data (Chowdhury et al. 2020).

Business Email Compromise (BEC) assaults include mimicking leaders or confiding in merchants to mislead representatives into making deceitful monetary exchanges. These assaults have prompted critical monetary misfortunes for associations.

• The Coronavirus Pandemic: The Coronavirus pandemic opened new doors to phishing attacks, as cybercriminals took advantage of the vulnerability and dread related to the emergency. Phishing messages connected with the pandemic, for example, counterfeit immunization enlistment structures and well-being warnings, were inescapable.
• Phishing Assault Vectors: Phishing attacks can be executed through different vectors, each with its own interesting difficulties. A portion of the essential assault vectors include:
• Email Phishing: Email remains one of the most well-known phishing assault vectors. Assailants send fake messages that seem to come from confided-in sources, frequently provoking beneficiaries to tap into vindictive connections or download destructive connections.
• Smishing (SMS Phishing): Smishing, or SMS phishing, includes sending misleading instant messages to fool beneficiaries into making unsafe moves, for example, tapping on connections or sharing individual data.
• Vishing (Voice Phishing): Vishing, or voice phishing, depends on calls to imitate confided-in elements and concentrate delicate data or cash from casualties.
• Malware Dissemination: Phishing assaults are regularly utilized as a way to disseminate malware. Pernicious connections or connections in phishing messages can prompt the establishment of malware on a casualty's gadget.
• Accreditation Collecting: A shared objective of phishing assaults is to collect login qualifications. Aggressors utilize persuading login pages to catch usernames and passwords, which can be utilized for additional malevolent exercises.

Countermeasures and Relief Endeavors

Endeavors to battle phishing assaults have advanced paired with the developing danger scene. Different innovative arrangements and best practices have been created to moderate the gamble of succumbing to phishing assaults.

• Email Separating: High-level email separating arrangements are utilized to recognize and isolate phishing messages before they arrive at a client's inbox. These frameworks utilize AI calculations to identify dubious examples and content.

• Two-element verification (2FA): Executing 2FA is a viable method for improving record security (Al Qahtani and Cresci, 2022). Regardless of whether aggressors figure out how to get login accreditations, they would in any case require an extra confirmation variable to get to a record.
• Client Training and Mindfulness: Teaching clients about the risks of phishing and giving preparation on the best way to perceive phishing endeavours is a basic guard instrument. Numerous associations direct normal phishing mindfulness missions to test and teach their workers.
• Revealing Instruments: Empowering people to report phishing endeavours to their IT divisions or pertinent specialists is fundamental for following and examining these occurrences.
• Area Name Checking: Observing space names that intently look like genuine sites can help associations distinguish and make a move against phishing endeavors.

Phishing assaults have been a diligent and developing online protection danger starting from the initiation of the web. The size of these assaults up until 2021 was huge, with a great many episodes detailed overall and significant monetary misfortunes caused. As innovation progresses, so do the strategies of cybercriminals, making it fundamental for people and associations to stay watchful and utilize vigorous safety efforts to safeguard against phishing assaults.

B. The typical lifecycle of a phishing attack, including how the phishing attack is prepared and sent

The lifecycle of a phishing assault ordinarily starts with cautious preparation and surveillance. During this stage, cybercriminals distinguish their objective and assemble data about the objective's expected weaknesses. This includes

• Target Selection: Phishers might pick explicit people, associations, or enterprises to target in light of their goals (Allodi et al. 2019). Targets could be people, representatives of an organization, or even high-profile figures.
• Research: Cybercriminals research their objectives to distinguish expected shortcomings or areas of interest. This might include assembling freely accessible data from virtual entertainment, organization sites, or online catalogues.

• Framework Setup: Phishers lay out the foundation they'll have to complete the assault. This incorporates setting up servers, spaces, and email accounts that will be utilized to have phishing sites and send phishing messages.
• Creating the Phishing Assault (Arrangement Stage): When the objective and framework are recognized, the subsequent stage is to make the phishing assault. This includes making misleading components that will be utilized to deceive the person in question. Key parts include:
• Phishing Emails: Cybercriminals make persuading messages that copy authentic correspondence. This frequently includes utilizing conspicuous source names and email addresses, for example, imitating a confided-in association or partner.
• Malevolent Connections and Attachments: Phishers implant pernicious connections or connections in the messages. These connections lead to false sites that intently look like genuine ones, or connections might contain malware intended to think twice about casualty gadgets.
• Social Engineering: Making influential messages that make a need to get a move on, dread, or interest is a basic part of phishing (Suzuki et al. 2021). This urges beneficiaries to make a move automatically.

The execution stage includes sending phishing messages to the main interest group. Phishers utilize different techniques to convey these messages, including

Get Extra 10% OFF on your WhatsApp order!

use my discount

• Email Services: Phishing messages can be sent through real email benefits or compromised email records to try not to be hailed as spam.
• Spoofing: Cybercriminals frequently use strategies to parody email addresses, causing the messages to show up as though they come from a confided-in source.
• Mass Sending: Phishers might send messages in mass to an enormous number of beneficiaries, expanding the odds of coming out on top.

When the phishing messages are conveyed, the outcome of the assault relies upon the casualty's reaction. The casualty's collaboration with the email or its items can prompt various results:

• Clicking Links: If the casualty taps on a noxious connection, they might be coordinated to a phishing site where they are provoked to enter delicate data.
• Downloading Attachments: If the email contains malware-loaded connections, downloading and opening these documents can bring about the casualty's gadget being compromised.
• Giving Information: A few casualties may energetically give delicate data because of the email, believing it's a genuine solicitation.
• When the casualty has made the ideal move, the phisher gathers the taken information. This might include:
• Certification Harvesting: If the casualty entered login qualifications on a phishing site, the aggressor gathers this data for unapproved access.
• Introducing Malware: In situations where malware was conveyed, the assailant deals with the casualty's gadget, permitting them to exfiltration information, screen exercises, or utilize the gadget as a feature of a botnet.

To stay away from the location and keep up with access, cyber criminals frequently do whatever it may take to cover their tracks:

• Erasing Logs: Aggressors might erase logs and hints of their exercises to stay away from identification by security frameworks.
• Keeping up with Persistence: Phishers might utilize procedures to keep up with admittance to compromised gadgets or frameworks for future double-dealing.
• Abuse: At times, the assailant might take advantage of the underlying break further. This could include utilizing taken qualifications to get to delicate frameworks or participating in data fraud.
• At the point when the person in question or the association identifies the phishing assault, they start a reaction to relieve the harm:
• Reporting: Casualties ought to report the assault to their IT office, the association's security group, or policing.
• Investigation: Security experts research the assault to figure out its extension, recognize the aggressor, and accumulate proof.
• Mitigation: Steps are taken to remediate the break, for example, repudiating compromised certifications, eliminating malware, and executing security upgrades.

After the assault is settled, associations and people ought to do whatever it takes to gain from the occurrence and forestall future assaults:

Preparing and Awareness: Workers ought to get prepared to perceive and keep away from phishing assaults, as a human mistake is much of the time a critical figure in effective phishing.

• Security Measures: Carrying out strong safety efforts, for example, email separating, multifaceted verification, and endpoint assurance, can assist with forestalling future assaults.

In the end, the run-of-the-mill lifecycle of a phishing assault includes cautious preparation, readiness, execution, double-dealing, and post-assault exercises (Sadiq et al. 2021). Understanding these stages is fundamental for people and associations to shield against phishing assaults successfully. Cautiousness, training, and network protection measures are key parts of major areas of strength against this inescapable danger.

Part 2: Problem Analysis and Literature Review

Problem Analysis

Numerous countermeasures have been developed and researched to combat the rising threat of phishing across varying attack vectors like email, text/SMS, voice phishing (vishing), and more. However, phishing attacks continue to evolve in sophistication, requiring ongoing enhancement of defensive strategies and solutions. Here is an analysis of five existing research-based anti-phishing approaches and their limitations:

• Email Authentication Protocol: Solutions like SPF, DKIM, and DMARC add authentication data to outbound emails, allowing the receiving server to validate the message's origin. This prevents domain spoofing utilized in many phishing emails. However, attackers adapt by exploiting flaws in authentication implementations, often routing emails through legitimate servers. Authentication alone does not catch closely mimicked domains.
• Automated Phish Detection and Reporting Tools: AI-powered tools like machine learning or natural language processing are able to identify abnormal syntax, keywords, or patterns common in phishing content (Sharma and Shankar, 2022). Tools can automatically flag suspicious emails for quarantine or user warnings. Limitations include false positives catching legitimate content, or false negatives if phishing content mimics trusted sources too closely. Tools require constant training on evolving attack tactics.
• Two-factor authentication (2FA): Requiring an additional step like an OTP code along with a password prevents access with stolen credentials alone. However, 2FA just secures login and is ineffective for other phases of phishing aimed at installing malware, gaining sensitive info, or influencing user actions. Users may be tricked into approving 2FA prompts without recognizing further attack indicators.
• Security Awareness Training: Educating users to identify and report potential phishing is key to an effective defense. But continuous social engineering evolution makes it difficult to recognize new scams for even trained users. Frequent and up-to-date training is essential but is resource-intensive and difficult to mandate for all employees, partners, and customers.

Literature review

According to Alhashmi et al., 2021 Browsers like Chrome and Firefox maintain blacklists of known phishing sites and display warnings on access attempts. Limitations include the lag between emerging scams and blacklist updates. Attackers also quickly shift domains. Users frequently ignore browser warnings when focused on task completion.

According to Jain and Gupta, 2022 one promising area for overcoming the limitations of automated phishing detection tools is to incorporate reinforcement learning algorithms. Reinforcement learning has proven effective for other AI security applications by training systems to maximize a defined reward over time through iterative simulations. For phishing detection, reinforcement learning agents could be rewarded for accurately identifying and flagging verified phishing emails while penalized for false positives on legitimate emails.

According to Wang, 2022 agents trained this way may identify novel phishing indicators unrecognizable to rule-based systems. The agents could provide dynamic analysis on incoming emails rather than relying solely on static analysis of sender, content, URLs, etc. This allows adaptation to evolving email spoofing techniques seen in modern phishing attacks. Reinforcement learning-powered detectors may also lower false positive rates compared to other ML solutions, as continual rewards for correct classifications will fine-tune accuracy over time. Training mechanisms can be developed to feed in new verified phishing emails, training the agent on emerging tactics. Reinforcement learning has shown promise for scaling security tools that must contend with the non-stationary properties of adversarial attacks.

According to Wong and Yiu, 2020 challenges remain such as the interpretability of model decisions for security teams, the potential for evasion just like other ML methods, and difficulty assessing effectiveness across an enterprise's diverse and complex email streams. However, reinforcement learning exhibits theoretical potential to enhance detection rates if implemented carefully as part of a layered anti-phishing strategy. Ongoing research to develop and test reinforcement learning prototypes for combating phishing could provide significant breakthroughs in enterprise security capabilities against phishing's rapid innovations.

A. Brief description of five existing research-based solutions and their limitations

Here is a brief description of five existing research-based phishing countermeasure solutions and their limitations

• Security Awareness Training: Research shows effective security awareness programs can significantly reduce employees' phishing susceptibility. However, training is time/resource-intensive and difficult to mandate for all personnel. Frequent re-training is required as phishing tactics evolve.
• AI-Powered Phishing Detection Tools: Machine learning models can automatically detect phishing emails with high accuracy. However extensive training on new phishing data is required to handle evolving tactics. False negatives and false positives remain problematic.
• DMARC Email Authentication: Domain-based Message Authentication, Reporting, and Conformance adds authentication data to confirm email origins. However, flaws in implementations are often exploited by attackers to bypass.
• Two-Factor Authentication: Requiring a second step like OTP codes prevents access with stolen credentials alone (Jang et al. 2022). But 2FA just secures login and phishers can trick users into approving further malicious actions.
• Browser Blocklists and Warnings: Major browsers maintain blacklists of known phishing sites and display warnings on access. But these have a lag time between new scams and list updates. Users often ignore warnings.

B. Limitation Extension: Reinforcement Learning for Automated Detection

One limitation of current AI phishing detectors is difficulty staying effective against phishing evolution. An extension is to incorporate reinforcement learning, where systems maximize a defined reward through iterative simulations. For phishing detection, the agent could be rewarded for accurately flagging verified phishing emails while penalized for false positives. This may allow the agent to identify new indicators unrecognized by rules-based systems. The dynamic analysis enabled by reinforcement learning could also adapt to emerging email spoofing techniques used in modern phishing. Challenges include model interpretability, the potential for adversarial evasion, and assessing effectiveness across complex enterprise email streams. But reinforcement learning shows promise for scaling security tools against the non-stationary properties of phishing attacks if implemented carefully.

Reinforcement Learning Background: Reinforcement learning (RL) is a machine learning approach where an agent learns to make optimal decisions through trial-and-error interactions within an environment (Vu et al. 2022). The agent seeks to maximize a cumulative reward signal by selecting actions and exploring their impacts on the state of the environment. RL has gained prominence in recent years for mastering games like chess and Go. It is also being applied to robotics, resource management, finance, and many other domains involving sequential decision-making under uncertainty.

Within cybersecurity, RL has shown promise for countering malware, network intrusion detection, vulnerability assessment, and combating various adversarial attacks. The ability to handle arms race dynamics makes RL well-suited to the non-stationary nature of evolving threats like phishing.

Reinforcement Learning for Phishing Detection

A high-level approach for applying RL to phishing detection would be like define the environment, which encompasses the streams of incoming emails to an organization and any available metadata like senders, content, URLs, attachments, etc. Define the set of actions available to the agent which may include options like marking the email as phishing, marking the email as legitimate, quarantining it for further review, and requesting more data. Establish a reward function to incentivize the agent based on desired outcomes. Rewards can be structured to maximize true positive phishing detections and minimize false positives. Penalties can be imposed for missed phish (false negatives) or falsely quarantining legitimate mail (false positives). Leverage RL algorithms like Q-learning, SARSA, or deep RL using neural networks to train the agent (Pham and Xiong, 2021). The algorithms allow the agent to refine its email assessment strategy to maximize cumulative rewards over many iterations.

Continually re-train the model on new data including newly emerged phishing attacks and email streams from additional users/groups. This enhances the adaptability to evolve alongside new tactics.

Advantages over Existing Defenses: There are several advantages RL-enhanced phishing detectors could provide over existing defences the agent has the ability to dynamically analyze emails based on their content and context within a sequence or campaign, rather than relying on hard rules. This allows adapting to novel phishing techniques that may not match predefined rules. Rewards can be shaped to optimize towards the lowest false negative and false positive rates possible for an organization, minimizing missed threats and business disruption. The agent essentially learns the nuanced traits of “normal” traffic and anomalies. The agent continuously improves by incorporating new data on confirmed phishing attacks and employee email habits. This built-in feedback loop enhances detection rates over time without full retraining.

RL agents may identify latent indicators of phishing based on sequences of actions and environmental responses, even if the indicators are not intuitive to human analysts (Chettri et al. 2020). This complements existing rules and ML approaches.

Once trained, the RL model requires relatively low computing resources to assess new emails in real time. This enables the use of email gateways to filter inbound messages.

Research Challenges

• A sufficiently large and high-quality dataset is required to adequately train the RL agent including both phishing emails and a sampling of normal traffic. Data privacy and security is paramount.
• Reward engineering can be challenging to properly align the agent's incentives with the organization's goals. Adversarial attacks could aim to game the reward function.
• Lack of interpretability in RL model decisions remains a challenge, making it difficult for human analysts to diagnose errors or model limitations. Explainable AI methods help to overcome this.
• Careful security controls are necessary to prevent adversaries from manipulating the RL agent through exploration attacks, training data poisoning, or inference evasion.
• Assessing generalization capabilities across broader email streams is critical prior to enterprise deployment. Failure modes and fallback policies should be established.

Research Opportunities

Further research can help tackle the challenges and refine the use of RL for robust phishing detection including:

• Developing constrained RL algorithms that incorporate explain ability methods into the agent so that model decisions can be audited. Integrating human feedback mechanisms can also improve trust.
• Architecting ensemble or hybrid models that combine RL agents with other detection methods like ML or rules-based systems (Basit et al. 2021). This provides defense-in-depth.
• Exploring efficient methods for re-training the RL model on incremental data without losing prior knowledge on older phishing data.
• Leveraging multi-agent RL where interconnected agents monitor different entry vectors like email, mobile, social media, etc. Information can be shared on whole phishing campaigns.
• Prototyping integration of RL phishing detection capabilities into common platforms like Microsoft Office 365 and Google Workspace security tools.
• Employing adversarial machine learning techniques like GANs to generate representative sets of phishing data for training and simulation environments.
• Conducting scaled user studies or simulations across enterprise environments to assess and optimize the efficacy of RL phishing detection prior to production.

While challenges remain, reinforcement learning shows immense promise in combating the constantly evolving threat of phishing. Advances in computing power and algorithms will enable increased research and deployment of RL capabilities as a next-generation security technique against sophisticated cyber adversaries.

Conclusion

In the present advanced scene, phishing attacks have arrived at uncommon degrees of refinement and inescapability. The ongoing extent of these assaults incorporates a large number of tricky procedures, from customary email-based phishing to additional designated structures like lance phishing, vishing, and smishing. These strategies go after human brain research, utilizing trust and direness to misdirect casualties into unveiling delicate data or taking part in hurtful activities. To counter this developing danger, a diverse methodology is basic. Mechanical countermeasures have progressed, with email channels and web security frameworks turning out to be more capable of recognizing and obstructing phishing endeavors. In any case, human weakness remains a critical test, highlighting the requirement for progressing client schooling and mindfulness programs. People and associations should be prepared to perceive phishing warnings and utilize safe web-based rehearses.

However, it is essential to recognize that the fight against phishing is progressing. Aggressors ceaselessly adjust and refine their strategies, guaranteeing that phishing stays an industrious danger. Consequently, a successful safeguard requires a blend of innovation, instruction, and cautiousness. By remaining informed, carrying out powerful safety efforts, and cultivating a culture of digital mindfulness, we can by and large pursue relieving the dangers presented by the consistently developing extent of phishing assaults.

References

Journals

• Das, R.K., Yang, J. and Li, H., 2020, May. Assessing the scope of generalized countermeasures for anti-spoofing. In ICASSP 2020-2020 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) (pp. 6589-6593). IEEE.
• Chowdhury, A., Karmakar, G., Kamruzzaman, J., Jolfaei, A. and Das, R., 2020. Attacks on self-driving cars and their countermeasures: A survey. IEEE Access, 8, pp.207308-207342.
• Al?Qahtani, A.F. and Cresci, S., 2022. The COVID?19 scamdemic: A survey of phishing attacks and their countermeasures during COVID?19. IET Information Security, 16(5), pp.324-345.
• Allodi, L., Chotza, T., Panina, E. and Zannone, N., 2019. The need for new antiphishing measures against spear-phishing attacks. IEEE Security & Privacy, 18(2), pp.23-34.
• Suzuki, N., Harada, T. and Fujihata, T., 2021. Realization and countermeasures for current location spoofing attacks. Procedia Computer Science, 192, pp.2115-2121.
• Sadiq, A., Anwar, M., Butt, R.A., Masud, F., Shahzad, M.K., Naseem, S. and Younas, M., 2021. A review of phishing attacks and countermeasures for internet of things?based smart business applications in industry 4.0. Human behavior and emerging technologies, 3(5), pp.854-864.
• Nayomi, B.D.D., Mallika, S.S., Sowmya, T., Janardhan, G., Laxmikanth, P. and Bhavsingh, M., 2024. A Cloud-Assisted Framework Utilizing Blockchain, Machine Learning, and Artificial Intelligence to Countermeasure Phishing Attacks in Smart Cities. International Journal of Intelligent Systems and Applications in Engineering, 12(1s), pp.313-327.
• Alkhalil, Z., Hewage, C., Nawaf, L. and Khan, I., 2021. Phishing attacks: A recent comprehensive study and a new anatomy. Frontiers in Computer Science, 3, p.563060.
• Sharma, N. and Shanker, R., 2022, March. Analysis of Ransomware Attack and Their Countermeasures: A Review. In 2022 International Conference on Electronics and Renewable Systems (ICEARS) (pp. 1877-1883). IEEE.
• Alhashmi, A.A., Darem, A. and Abawajy, J., 2021. Taxonomy of Cybersecurity Awareness Delivery Methods: A Countermeasure for Phishing Threats.
• Jain, A.K. and Gupta, B.B., 2022. A survey of phishing attack techniques, defence mechanisms and open research challenges. Enterprise Information Systems, 16(4), pp.527-565.
• Wang, Y., 2022, December. A survey of phishing detection: from an intelligent countermeasures view. In 2022 IEEE Conference on Telecommunications, Optics and Computer Science (TOCS) (pp. 761-769). IEEE.
• Wong, S.K. and Yiu, S.M., 2020. Location spoofing attack detection with pre-installed sensors in mobile devices. J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl., 11(4), pp.16-30.
• Jang, C., Lee, O., Mun, C. and Ha, H., 2022. AN ANALYSIS OF PHISHING CASES USING TEXT MINING. Journal of Theoretical and Applied Information Technology, 100(22), pp.6758-6773.
• Vu, M.A., Headley, W.C. and Heaslip, K.P., 2022, July. A Comparative Overview of Automotive Radar Spoofing Countermeasures. In 2022 IEEE International Conference on Cyber Security and Resilience (CSR) (pp. 245-252). IEEE.
• Pham, M. and Xiong, K., 2021. A survey on security attacks and defense techniques for connected and autonomous vehicles. Computers & Security, 109, p.102269.
• Chettri, B., Benetos, E. and Sturm, B.L., 2020. Dataset Artefacts in anti-spoofing systems: a case study on the ASVspoof 2017 benchmark. IEEE/ACM Transactions on Audio, Speech, and Language Processing, 28, pp.3018-3028.
• Basit, A., Zafar, M., Liu, X., Javed, A.R., Jalil, Z. and Kifayat, K., 2021. A comprehensive survey of AI-enabled phishing attacks detection techniques. Telecommunication Systems, 76, pp.139-154.
• Soykan, E.U., Bagriyanik, M. and Soykan, G., 2021. Disrupting the power grid via EV charging: The impact of the SMS Phishing attacks. Sustainable Energy, Grids and Networks, 26, p.100477.
• Abusaimeh, H. and Alshareef, Y., 2021. Detecting the phishing website with the highest accuracy. TEM Journal, 10(2), p.947.
• Sarma, R. and Barbhuiya, F.A., 2019, June. Internet of Things: attacks and defences. In 2019 7th International Conference on Smart Computing & Communications (ICSCC) (pp. 1-5). IEEE.