Systematic Literature Review: Anti-Phishing Defences and Their Application to Before-the-click Phishing Email Detection
Authors:
Trevor Wood,
Vitor Basto-Fernandes,
Eerke Boiten,
Iryna Yevseyeva
Abstract:
Most research into anti-phishing defence assumes that the mal-actor is attempting to harvest end-users' personally identifiable information or login credentials and, hence, focuses on detecting phishing websites. The defences for this type of attack are usually activated after the end-user clicks on a link, at which point the link is checked. This is known as after-the-click detection. However, mo…
▽ More
Most research into anti-phishing defence assumes that the mal-actor is attempting to harvest end-users' personally identifiable information or login credentials and, hence, focuses on detecting phishing websites. The defences for this type of attack are usually activated after the end-user clicks on a link, at which point the link is checked. This is known as after-the-click detection. However, more sophisticated phishing attacks (such as spear-phishing and whaling) are rarely designed to get the end-user to visit a website. Instead, they attempt to get the end-user to perform some other action, for example, transferring money from their bank account to the mal-actors account. These attacks are rarer, and before-the-click defence has been investigated less than after-the-click defence. To better integrate and contextualize these studies in the overall anti-phishing research, this paper presents a systematic literature review of proposed anti-phishing defences. From a total of 6330 papers, 21 primary studies and 335 secondary studies were identified and examined. The current research was grouped into six primary categories, blocklist/allowlist, heuristics, content, visual, artificial intelligence/machine learning and proactive, with an additional category of "other" for detection techniques that do not fit into any of the primary categories. It then discusses the performance and suitability of using these techniques for detecting phishing emails before the end-user even reads the email. Finally, it suggests some promising areas for further research.
△ Less
Submitted 27 April, 2022;
originally announced April 2022.
An Ontology of Preference-Based Multiobjective Metaheuristics
Authors:
Longmei Li,
Iryna Yevseyeva,
Vitor Basto-Fernandes,
Heike Trautmann,
Ning **g,
Michael Emmerich
Abstract:
User preference integration is of great importance in multi-objective optimization, in particular in many objective optimization. Preferences have long been considered in traditional multicriteria decision making (MCDM) which is based on mathematical programming. Recently, it is integrated in multi-objective metaheuristics (MOMH), resulting in focus on preferred parts of the Pareto front instead o…
▽ More
User preference integration is of great importance in multi-objective optimization, in particular in many objective optimization. Preferences have long been considered in traditional multicriteria decision making (MCDM) which is based on mathematical programming. Recently, it is integrated in multi-objective metaheuristics (MOMH), resulting in focus on preferred parts of the Pareto front instead of the whole Pareto front. The number of publications on preference-based multi-objective metaheuristics has increased rapidly over the past decades. There already exist various preference handling methods and MOMH methods, which have been combined in diverse ways. This article proposes to use the Web Ontology Language (OWL) to model and systematize the results developed in this field. A review of the existing work is provided, based on which an ontology is built and instantiated with state-of-the-art results. The OWL ontology is made public and open to future extension. Moreover, the usage of the ontology is exemplified for different use-cases, including querying for methods that match an engineering application, bibliometric analysis, checking existence of combinations of preference models and MOMH techniques, and discovering opportunities for new research and open research questions.
△ Less
Submitted 10 March, 2017; v1 submitted 26 September, 2016;
originally announced September 2016.