IDEAS home Printed from https://ideas.repec.org/a/spr/telsys/v76y2021i1d10.1007_s11235-020-00733-2.html
   My bibliography  Save this article

A comprehensive survey of AI-enabled phishing attacks detection techniques

Author

Listed:
  • Abdul Basit

    (Air University)

  • Maham Zafar

    (Air University)

  • Xuan Liu

    (Yangzhou University)

  • Abdul Rehman Javed

    (Air University)

  • Zunera Jalil

    (Air University)

  • Kashif Kifayat

    (Air University)

Abstract

In recent times, a phishing attack has become one of the most prominent attacks faced by internet users, governments, and service-providing organizations. In a phishing attack, the attacker(s) collects the client’s sensitive data (i.e., user account login details, credit/debit card numbers, etc.) by using spoofed emails or fake websites. Phishing websites are common entry points of online social engineering attacks, including numerous frauds on the websites. In such types of attacks, the attacker(s) create website pages by copying the behavior of legitimate websites and sends URL(s) to the targeted victims through spam messages, texts, or social networking. To provide a thorough understanding of phishing attack(s), this paper provides a literature review of Artificial Intelligence (AI) techniques: Machine Learning, Deep Learning, Hybrid Learning, and Scenario-based techniques for phishing attack detection. This paper also presents the comparison of different studies detecting the phishing attack for each AI technique and examines the qualities and shortcomings of these methodologies. Furthermore, this paper provides a comprehensive set of current challenges of phishing attacks and future research direction in this domain.

Suggested Citation

  • Abdul Basit & Maham Zafar & Xuan Liu & Abdul Rehman Javed & Zunera Jalil & Kashif Kifayat, 2021. "A comprehensive survey of AI-enabled phishing attacks detection techniques," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 76(1), pages 139-154, January.
    • Handle: RePEc:spr:telsys:v:76:y:2021:i:1:d:10.1007_s11235-020-00733-2
    DOI: 10.1007/s11235-020-00733-2
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s11235-020-00733-2
    File Function: Abstract
    Download Restriction: Access to the full text of the articles in this series is restricted.
    File URL: https://libkey.io/10.1007/s11235-020-00733-2?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. B. B. Gupta & Nalin A. G. Arachchilage & Kostas E. Psannis, 2018. "Defending against phishing attacks: taxonomy of methods, current issues and future directions," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 67(2), pages 247-267, February.
    2. Ankit Kumar Jain & B. B. Gupta, 2018. "Towards detection of phishing websites on client-side using machine learning based approach," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 68(4), pages 687-700, August.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Emtethal K. Alamri & Abdullah M. Alnajim & Suliman A. Alsuhibany, 2022. "Investigation of Using CAPTCHA Keystroke Dynamics to Enhance the Prevention of Phishing Attacks," Future Internet, MDPI, vol. 14(3), pages 1-21, March.
    2. Routhu Srinivasa Rao & Amey Umarekar & Alwyn Roshan Pais, 2022. "Application of word embedding and machine learning in detecting phishing websites," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 79(1), pages 33-45, January.
    3. Scott Robbins & Aimee van Wynsberghe, 2022. "Our New Artificial Intelligence Infrastructure: Becoming Locked into an Unsustainable Future," Sustainability, MDPI, vol. 14(8), pages 1-11, April.
    4. Kumar Prateek & Nitish Kumar Ojha & Fahiem Altaf & Soumyadev Maity, 2023. "Quantum secured 6G technology-based applications in Internet of Everything," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 82(2), pages 315-344, February.
    5. Hernández-Rivera, Ariadna, 2023. "Brecha de género en la confianza de productos y servicios financieros desde la perspectiva del comportamiento," Revista Finanzas y Politica Economica, Universidad Católica de Colombia, vol. 15(1), pages 245-273, January.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Joakim Kävrestad & Allex Hagberg & Marcus Nohlberg & Jana Rambusch & Robert Roos & Steven Furnell, 2022. "Evaluation of Contextual and Game-Based Training for Phishing Detection," Future Internet, MDPI, vol. 14(4), pages 1-16, March.
    2. Ömer Kasim, 2021. "Automatic detection of phishing pages with event-based request processing, deep-hybrid feature extraction and light gradient boosted machine model," Telecommunication Systems: Modelling, Analysis, Design and Management, Springer, vol. 78(1), pages 103-115, September.
    3. Robert Karamagi, 2022. "A Review of Factors Affecting the Effectiveness of Phishing," Computer and Information Science, Canadian Center of Science and Education, vol. 15(1), pages 1-20, February.
    4. Aurélien Baillon & Jeroen de Bruin & Aysil Emirmahmutoglu & Evelien van de Veer & Bram van Dijk, 2019. "Informing, simulating experience, or both : A field experiment on phishing risks," Post-Print hal-04325609, HAL.
    5. Altyeb Taha, 2021. "Intelligent Ensemble Learning Approach for Phishing Website Detection Based on Weighted Soft Voting," Mathematics, MDPI, vol. 9(21), pages 1-13, November.
    6. Jaime A. Teixeira da Silva & Aceil Al-Khatib & Panagiotis Tsigaris, 2020. "Spam emails in academia: issues and costs," Scientometrics, Springer;Akadémiai Kiadó, vol. 122(2), pages 1171-1188, February.
    7. Yilin Wang & Siqing Xue & Jun Song, 2022. "A Malicious Webpage Detection Method Based on Graph Convolutional Network," Mathematics, MDPI, vol. 10(19), pages 1-15, September.
    8. Dipankar Dasgupta & Zahid Akhtar & Sajib Sen, 2022. "Machine learning in cybersecurity: a comprehensive survey," The Journal of Defense Modeling and Simulation, , vol. 19(1), pages 57-106, January.
    9. Aurélien Baillon & Jeroen de Bruin & Aysil Emirmahmutoglu & Evelien van de Veer & Bram van Dijk, 2019. "Informing, simulating experience, or both: A field experiment on phishing risks," PLOS ONE, Public Library of Science, vol. 14(12), pages 1-15, December.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:spr:telsys:v:76:y:2021:i:1:d:10.1007_s11235-020-00733-2. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.