A Systematic Literature Review: Cyber Attack: Phishing Environments, Techniques, and Detection Mechanism

Authors

  • Cindy Natasya Bina Nusantara University
  • Irvin Irvin Bina Nusantara University
  • Alexander Agung Santoso Gunawan Bina Nusantara University

DOI:

https://doi.org/10.21512/ijcshai.v1i1.12155

Keywords:

Phishing, Cyber-Attacks, Platforms, SLR

Abstract

In this digital era, phishing has attacked many platforms such as email, website, message, link form. Phishing is an act of creating a website that is exactly like the original website that is used to take someone's personal data. Phishing causes loss of customer confidence to use any application or website. Most of the victims of phishing are people who do not understand phishing or an organization. This kind of cyber-attacks consist of various types and countermeasures that need to be considered for the public user to prevent phishing based on phishing techniques, educate individuals about these attacks, and encourage the use of phishing prevention techniques. This paper consists of types of phishing and awareness to wary of phishing to overcome them. Therefore, the goal of this study is to identify the most typical environments for phishing attacks in order to ascertain the most popular media and technique. The authors of this study plan to conduct a Systematic Literature Review (SLR) of studies that have been done on the subject that was just described. The authors come to the overall conclusion that a website is the ideal option for phishing attacks using social engineering techniques. Additionally, the authors offer numerous suggestions for preventing phishing with various techniques. However, the most effective defense against phishing attacks is identification of phishing attempts through education and training.

Dimensions

Author Biographies

Cindy Natasya, Bina Nusantara University

Mathematics Department, School of Computer Science

Irvin Irvin, Bina Nusantara University

Mathematics Department, School of Computer Science

Alexander Agung Santoso Gunawan, Bina Nusantara University

Computer Science Department, School of Computer Science

References

T. Doke, P. Khismatrao, V. Jambhale, and N. Marathe, “Phishing-Inspector: Detection & Prevention of Phishing Websites,” ITM Web of Conferences, vol. 32, p. 03004, 2020, doi: 10.1051/itmconf/20203203004.

R. Alabdan, “Phishing attacks survey: Types, vectors, and technical approaches,” Future Internet, vol. 12, no. 10. MDPI AG, pp. 1–39, Oct. 01, 2020. doi: 10.3390/fi12100168.

E. R. S. and R. Ravi, “A performance analysis of Software Defined Network based prevention on phishing attack in cyberspace using a deep machine learning with CANTINA approach (DMLCA),” Comput Commun, vol. 153, pp. 375–381, Mar. 2020, doi: 10.1016/j.comcom.2019.11.047.

M. F. Ansari, P. K. Sharma, and B. Dash, “Prevention of Phishing Attacks Using AI-Based Cybersecurity Awareness Training,” International Journal of Smart Sensor and Adhoc Network., pp. 61–72, Mar. 2022, doi: 10.47893/ijssan.2022.1221.

N. Megha, K. R. Remesh Babu, and E. Sherly, “An Intelligent System for Phishing Attack Detection and Prevention,” in Proceedings of the 4th International Conference on Communication and Electronics Systems, ICCES 2019, Jul. 2019, pp. 1577–1582. doi: 10.1109/ICCES45898.2019.9002204.

University of Westminster., Institute of Electrical and Electronics Engineers, and University of Cambridge, The 5th International Conference on Information Management (ICIM 2019) : 24-27 March, 2019, Cambridge, UK.

E. K. Alamri, A. M. Alnajim, and S. A. Alsuhibany, “Investigation of Using CAPTCHA Keystroke Dynamics to Enhance the Prevention of Phishing Attacks,” Future Internet, vol. 14, no. 3, Mar. 2022, doi: 10.3390/fi14030082.

“PREVENTION OF PHISHING ATTACKS: A THREE-PILLARED APPROACH,” Issues In Information Systems, 2020, doi: 10.48009/2_iis_2020_1-8.

E. Ulqinaku, D. Lain, and S. Capkun, “2FA-PP: 2nd factor phishing prevention,” in WiSec 2019 - Proceedings of the 2019 Conference on Security and Privacy in Wireless and Mobile Networks, May 2019, pp. 60–71. doi: 10.1145/3317549.3323404.

V. Bhavsar, A. Kadlak, and S. Sharma, “Study on Phishing Attacks,” Int J Comput Appl, vol. 182, no. 33, pp. 27–29, Dec. 2018, doi: 10.5120/ijca2018918286.

W. H. Lim, W. Foong Liew, C. Y. Lum, and S. F. Lee, “Phishing Security: Attack, Detection, and Prevention Mechanisms.” [Online]. Available: www.facebook.com.

2018 Fourth International Conference on Computing Communication Control and Automation (ICCUBEA).

M. D. Bhagwat, P. H. Patil, and T. S. Vishawanath, “A methodical overview on detection, identification and proactive prevention of phishing websites,” in Proceedings of the 3rd International Conference on Intelligent Communication Technologies and Virtual Mobile Networks, ICICV 2021, Feb. 2021, pp. 1505–1508. doi: 10.1109/ICICV50876.2021.9388441.

A. J. Tallón-Ballesteros, S. J. Fong, and R. K. K. Wong, “An empirical study on performance server analysis and URL phishing prevention to improve system management through machine learning,” in Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2019, vol. 11113 LNCS, pp. 199–207. doi: 10.1007/978-3-030-13342-9_17.

V. Muthuraman, K. Selvan, and M. Vanitha, “Detection of phishing web pages based on features vector and prevention using multi layered authentication.” [Online]. Available: http://www.acadpubl.eu/hub/

H. Mali, P. Chavan, A. Habib, A. Dhotre, and N. Kamble Student, “International Journal of Research Publication and Reviews Detection and Prevention of Phishing Using Machine Learning,” International Journal of Research Publication and Reviews, vol. 2, pp. 1366–1370, 2021, [Online]. Available: http://217.102.24.235/sample.html

I. National Institute of Technology (Punjab, I. D. of C. S. & E. National Institute of Technology (Punjab, Institute of Electrical and Electronics Engineers. Delhi Section, and Institute of Electrical and Electronics Engineers, ICSCCC 2018 : International Conference on Secure Cyber Computing and Communication : December 15-17, 2018.

SCAD College of Engineering and Technology and Institute of Electrical and Electronics Engineers, Proceedings of the 4th International Conference on Trends in Electronics and Informatics (ICOEI 2020) : 15-17, June 2020.

S. Back and R. T. Guerette, “Cyber Place Management and Crime Prevention: The Effectiveness of Cybersecurity Awareness Training Against Phishing Attacks,” J Contemp Crim Justice, vol. 37, no. 3, pp. 427–451, Aug. 2021, doi: 10.1177/10439862211001628.

A. Sumner and X. Yuan, “Mitigating phishing attacks: An overview,” in ACMSE 2019 - Proceedings of the 2019 ACM Southeast Conference, Apr. 2019, pp. 72–77. doi: 10.1145/3299815.3314437.

M.-S. Hwang et al., “Editor-in-Chief Publishing Editors Board of Editors PUBLISHER: Candy C.” [Online]. Available: http://ijeie.jalaxy.com.tw

A. O. Alsayed, A. Bilgrami, W. : Www, A. O. Alsayed, and A. L. Bilgrami, “E-Banking Security: Internet Hacking, Phishing Attacks, Analysis and Prevention of Fraudulent Activities Using Social Media for Collaborative Learning to enhance learners? Performance on learning View project E-banking Security View project International Journal of Emerging Technology and Advanced Engineering E-Banking Security: Internet Hacking, Phishing Attacks, Analysis and Prevention of Fraudulent Activities,” 2008. [Online]. Available: https://www.researchgate.net/publication/315399380

V. Bieger, G. J. Ramackers, and D. P. M. Kwantes, “Phishing prevention in mobile messaging platforms by the Dutch banking sector,” 2021.

S. Bojjagani, D. R. D. Brabin, and P. V. V. Rao, “PhishPreventer: A Secure Authentication Protocol for Prevention of Phishing Attacks in Mobile Environment with Formal Verification,” in Procedia Computer Science, 2020, vol. 171, pp. 1110–1119. doi: 10.1016/j.procs.2020.04.119.

S. Nasiri, M. T. Sharabian, and M. Aajami, “Using Combined One-Time Password for Prevention of Phishing Attacks,” 2017. [Online]. Available: www.etasr.com

L. Jeurissen, “E-mail phishing prevention proposal: CEPP,” 2021.

S. Salloum, T. Gaber, S. Vadera, and K. Shaalan, “Phishing Email Detection Using Natural Language Processing Techniques: A Literature Survey,” in Procedia CIRP, 2021, vol. 189, pp. 19–28. doi: 10.1016/j.procs.2021.05.077.

A. A. Andryukhin, “Phishing Attacks and Preventions in Blockchain Based Projects,” in Proceedings - 2019 International Conference on Engineering Technologies and Computer Science: Innovation and Application, EnT 2019, May 2019, pp. 15–19. doi: 10.1109/EnT.2019.00008.

R. Parthiban, V. Abarna, M. Banupriya, S. Keerthana, and D. Saravanan, “Web Folder Phishing Discovery and Prevention with Customer Image Verification,” in 2020 International Conference on System, Computation, Automation and Networking, ICSCAN 2020, Jul. 2020. doi: 10.1109/ICSCAN49426.2020.9262395.

N. Abe, Institute of Electrical and Electronics Engineers, and IEEE Computer Society, 2018 IEEE International Conference on Big Data : proceedings : Dec 10 - Dec 13, 2018, Seattle, WA, USA.

Downloads

Published

2024-10-10
Abstract 41  .
PDF downloaded 38  .