Characterizing phishing attacks using natural language processing

Maria Fernanda Cazares; Roberto Andrade; Gustavo Navas; Walter Fuertes; Jhonathan Herrera

doi:10.1109/WorldS451998.2021.9514039

Characterizing phishing attacks using natural language processing

Maria Fernanda Cazares, Roberto Andrade, Gustavo Navas, Walter Fuertes, Jhonathan Herrera

Research Group on Spatial Data Infrastructure Artificial Intelligence Geoportals and Applied Computing (IDE IA GEO CA)

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

Currently, there are many ways that phishing attacks placed people and businesses at risk. In the economic causes losses the money; in the social aspect, the perception of trust in users decreases; and on the psychological level, fear can avoid the use of digital tools and resources. This study aims to increase efficiency in detecting Phishing attacks using Natural Language Processing (NLP) to explore the mental model people use to detect whether an email is legitimate or not. Specifically, it is based on feedback vectorization and the movement of the mouse, which was obtained when the participants interacted in a test to detect phishing. The results obtained allow us to identify that people based their decision on the URL analysis in the mental model of legitimation and phishing decision. However, in the phishing model, the number of characteristics in each indicator would be more diverse and broader, which produces new challenges and future directions in this solution.

Original language	English
Title of host publication	Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021
Publisher	Institute of Electrical and Electronics Engineers Inc.
Pages	224-229
Number of pages	6
ISBN (Electronic)	9781665400961
ISBN (Print)	9781665400961
DOIs	https://doi.org/10.1109/WorldS451998.2021.9514039
State	Published - 29 Jul 2021
Event	5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021 - London, United Kingdom Duration: 29 Jul 2021 → 30 Jul 2021

Publication series

Name	Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021

Conference

Conference	5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021
Country/Territory	United Kingdom
City	London
Period	29/07/21 → 30/07/21

Bibliographical note

Funding Information:
ACKNOWLEDGMENTS We want to thank the resources granted for developing the research project entitled “Detection and Mitigation of Social Engineering attacks applying Cognitive Security, Code: PIC- ESPE-2020-Social Engineering. Likewise, we would like to thank the financial resources provided by the Universidad Politécnica Salesiana of Quito, Ecuador.

Publisher Copyright:
© 2021 IEEE.

Keywords

Mental model
Natural language processing
Phishing

UN SDGs

This output contributes to the following UN Sustainable Development Goals (SDGs)

Access to Document

10.1109/WorldS451998.2021.9514039

Cite this

Cazares, M. F., Andrade, R., Navas, G., Fuertes, W., & Herrera, J. (2021). Characterizing phishing attacks using natural language processing. In Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021 (pp. 224-229). (Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021). Institute of Electrical and Electronics Engineers Inc.. https://doi.org/10.1109/WorldS451998.2021.9514039

Cazares, Maria Fernanda ; Andrade, Roberto ; Navas, Gustavo et al. / Characterizing phishing attacks using natural language processing. Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021. Institute of Electrical and Electronics Engineers Inc., 2021. pp. 224-229 (Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021).

@inproceedings{de72c40805c744a6a7f655c4a7cce991,

title = "Characterizing phishing attacks using natural language processing",

abstract = "Currently, there are many ways that phishing attacks placed people and businesses at risk. In the economic causes losses the money; in the social aspect, the perception of trust in users decreases; and on the psychological level, fear can avoid the use of digital tools and resources. This study aims to increase efficiency in detecting Phishing attacks using Natural Language Processing (NLP) to explore the mental model people use to detect whether an email is legitimate or not. Specifically, it is based on feedback vectorization and the movement of the mouse, which was obtained when the participants interacted in a test to detect phishing. The results obtained allow us to identify that people based their decision on the URL analysis in the mental model of legitimation and phishing decision. However, in the phishing model, the number of characteristics in each indicator would be more diverse and broader, which produces new challenges and future directions in this solution.",

keywords = "Mental model, Natural language processing, Phishing",

author = "Cazares, {Maria Fernanda} and Roberto Andrade and Gustavo Navas and Walter Fuertes and Jhonathan Herrera",

note = "Publisher Copyright: {\textcopyright} 2021 IEEE.; 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021 ; Conference date: 29-07-2021 Through 30-07-2021",

year = "2021",

month = jul,

day = "29",

doi = "10.1109/WorldS451998.2021.9514039",

language = "English",

isbn = "9781665400961",

series = "Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

pages = "224--229",

booktitle = "Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021",

address = "United States",

}

Cazares, MF, Andrade, R, Navas, G, Fuertes, W & Herrera, J 2021, Characterizing phishing attacks using natural language processing. in Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021. Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021, Institute of Electrical and Electronics Engineers Inc., pp. 224-229, 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021, London, United Kingdom, 29/07/21. https://doi.org/10.1109/WorldS451998.2021.9514039

Characterizing phishing attacks using natural language processing. / Cazares, Maria Fernanda; Andrade, Roberto; Navas, Gustavo et al.
Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021. Institute of Electrical and Electronics Engineers Inc., 2021. p. 224-229 (Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Characterizing phishing attacks using natural language processing

AU - Cazares, Maria Fernanda

AU - Andrade, Roberto

AU - Navas, Gustavo

AU - Fuertes, Walter

AU - Herrera, Jhonathan

PY - 2021/7/29

Y1 - 2021/7/29

N2 - Currently, there are many ways that phishing attacks placed people and businesses at risk. In the economic causes losses the money; in the social aspect, the perception of trust in users decreases; and on the psychological level, fear can avoid the use of digital tools and resources. This study aims to increase efficiency in detecting Phishing attacks using Natural Language Processing (NLP) to explore the mental model people use to detect whether an email is legitimate or not. Specifically, it is based on feedback vectorization and the movement of the mouse, which was obtained when the participants interacted in a test to detect phishing. The results obtained allow us to identify that people based their decision on the URL analysis in the mental model of legitimation and phishing decision. However, in the phishing model, the number of characteristics in each indicator would be more diverse and broader, which produces new challenges and future directions in this solution.

AB - Currently, there are many ways that phishing attacks placed people and businesses at risk. In the economic causes losses the money; in the social aspect, the perception of trust in users decreases; and on the psychological level, fear can avoid the use of digital tools and resources. This study aims to increase efficiency in detecting Phishing attacks using Natural Language Processing (NLP) to explore the mental model people use to detect whether an email is legitimate or not. Specifically, it is based on feedback vectorization and the movement of the mouse, which was obtained when the participants interacted in a test to detect phishing. The results obtained allow us to identify that people based their decision on the URL analysis in the mental model of legitimation and phishing decision. However, in the phishing model, the number of characteristics in each indicator would be more diverse and broader, which produces new challenges and future directions in this solution.

KW - Mental model

KW - Natural language processing

KW - Phishing

UR - http://www.scopus.com/inward/record.url?scp=85114515117&partnerID=8YFLogxK

U2 - 10.1109/WorldS451998.2021.9514039

DO - 10.1109/WorldS451998.2021.9514039

M3 - Conference contribution

AN - SCOPUS:85114515117

SN - 9781665400961

T3 - Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021

SP - 224

EP - 229

BT - Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021

PB - Institute of Electrical and Electronics Engineers Inc.

T2 - 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021

Y2 - 29 July 2021 through 30 July 2021

ER -

Cazares MF, Andrade R, Navas G, Fuertes W, Herrera J. Characterizing phishing attacks using natural language processing. In Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021. Institute of Electrical and Electronics Engineers Inc. 2021. p. 224-229. (Proceedings of the 2021 5th World Conference on Smart Trends in Systems Security and Sustainability, WorldS4 2021). doi: 10.1109/WorldS451998.2021.9514039

Characterizing phishing attacks using natural language processing

Abstract

Publication series

Conference

Bibliographical note

Keywords

UN SDGs

Access to Document

Other files and links

Cite this