基于多维特征预测用户遭受网络钓鱼的倾向。
Predicting User Susceptibility to Phishing Based on Multidimensional Features.
机构信息
School of Cyberspace Security, Beijing University of Posts and Telecommunications, Beijing 100876, China.
School of Computer Science, Beijing University of Technology, Beijing 100124, China.
出版信息
Comput Intell Neurosci. 2022 Jan 17;2022:7058972. doi: 10.1155/2022/7058972. eCollection 2022.
While antiphishing techniques have evolved over the years, phishing remains one of the most threatening attacks on current network security. This is because phishing exploits one of the weakest links in a network system-people. The purpose of this research is to predict the possible phishing victims. In this study, we propose the multidimensional phishing susceptibility prediction model (MPSPM) to implement the prediction of user phishing susceptibility. We constructed two types of emails: legitimate emails and phishing emails. We gathered 1105 volunteers to join our experiment by recruiting volunteers. We sent these emails to volunteers and collected their demographic, personality, knowledge experience, security behavior, and cognitive processes by means of a questionnaire. We then applied 7 supervised learning methods to classify these volunteers into two categories using multidimensional features: susceptible and nonsusceptible. The experimental results indicated that some machine learning methods have high accuracy in predicting user phishing susceptibility, with a maximum accuracy rate of 89.04%. We conclude our study with a discussion of our findings and their future implications.
虽然反网络钓鱼技术近年来已经发展,网络钓鱼仍然是当前网络安全最具威胁的攻击之一。这是因为网络钓鱼利用了网络系统中最薄弱的环节之一——人。本研究旨在预测可能的网络钓鱼受害者。在这项研究中,我们提出了多维网络钓鱼易感性预测模型 (MPSPM),以实现用户网络钓鱼易感性的预测。我们构建了两种类型的电子邮件:合法电子邮件和网络钓鱼电子邮件。我们通过招募志愿者,共召集了 1105 名志愿者参加我们的实验。我们向志愿者发送这些电子邮件,并通过问卷收集他们的人口统计学、个性、知识经验、安全行为和认知过程。然后,我们应用 7 种监督学习方法,使用多维特征将这些志愿者分为两类:易感和不易感。实验结果表明,一些机器学习方法在预测用户网络钓鱼易感性方面具有很高的准确性,最高准确率达到 89.04%。最后,我们讨论了我们的发现及其未来意义。
Zotero 插件