Machine learning as a key tool in defensive cyber operations: the effectiveness of phishing threat detection
Abstract
Purpose: to determine the effectiveness of using machine learning algorithms for detecting phishing threats within the scope of defensive cyber operations.
Method: random forest, logistic regression, and support vector machine algorithms are used for automated URL analysis. The program is implemented in Python using the Flask framework.
Findings: the developed solution demonstrated high effectiveness in detecting phishing links, showcasing accuracy in analysis when tested on real data sets.
Practical implications: the proposed system can be implemented as part of defensive cyber operations for automated detection of malicious links and enhancement of cybersecurity.
Paper type: theoretical, practical.
Copyright (c) 2024 Nadiia Burova, Roman Oprysk, Yevhenii Kurii, Yuriy Lakh, Vitalii Susukailo

This work is licensed under a Creative Commons Attribution 4.0 International License.
The authors agree with the following conditions:
1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgment of the work's authorship and initial publication in this journal.
2. Authors have the right to enter into separate additional agreements for the non-exclusive distribution of the journal’s published version of the work (for example, to post the work in the electronic repository of the institution or to publish it as part of a monograph), with reference to the first publication of the work in this journal.
3. The journal’s policy allows and encourages authors to post the manuscript of the work on the Internet (for example, in the repositories of institutions, personal websites, SSRN, ResearchGate, MPRA, SSOAR, etc.) before and during its review by this journal, because it can lead to a productive research discussion and positively affect the efficiency and dynamics of citing the published work (see The Effect of Open Access).